svn commit: r309195 - head/security/vuxml

Dirk Meyer dinoex at FreeBSD.org
Tue Dec 18 16:28:57 UTC 2012 

Author: dinoex
Date: Tue Dec 18 16:28:56 2012
New Revision: 309195
URL: http://svnweb.freebsd.org/changeset/ports/309195

Log:
  - add entry for opera 12.11

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Tue Dec 18 16:28:54 2012	(r309194)
+++ head/security/vuxml/vuln.xml	Tue Dec 18 16:28:56 2012	(r309195)
@@ -51,6 +51,62 @@ Note:  Please add new entries to the beg
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="85f33a8d-492f-11e2-aa75-003067c2616f">
+    <topic>opera -- execution of arbitrary code</topic>
+    <affects>
+      <package>
+        <name>opera</name>
+        <name>opera-devel</name>
+        <name>linux-opera</name>
+        <name>linux-opera-devel</name>
+        <range><lt>12.12</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+        <p>Opera reports:</p>
+        <blockquote cite="http://www.opera.com/support/kb/view/1038/">
+          <p>When loading GIF images into memory, Opera should allocate the
+            correct amount of memory to store that image. Specially crafted
+            image files can cause Opera to allocate the wrong amount of memory.
+            Subsequent data may then overwrite unrelated memory with
+            attacker-controlled data. This can lead to a crash, which may also
+            execute that data as code.</p>
+        </blockquote>
+      </body>
+    </description>
+    <references>
+      <url>http://www.opera.com/support/kb/view/1038/</url>
+      <url>http://www.opera.com/support/kb/view/1039/</url>
+    </references>
+    <dates>
+      <discovery>2012-12-18</discovery>
+      <entry>2012-12-18</entry>
+    </dates>
+
+    <topic> -- </topic>
+    <affects>
+      <package>
+	<name></name>
+	<range><lt></lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>SO-AND-SO reports:</p>
+	<blockquote cite="INSERT URL HERE">
+	  <p>.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+    </references>
+    <dates>
+      <discovery>2012-12-FIXME</discovery>
+      <entry>2012-12-18</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="1657a3e6-4585-11e2-a396-10bf48230856">
     <topic>linux-flashplugin -- multiple vulnerabilities</topic>
     <affects>

More information about the svn-ports-all mailing list