svn commit: r315370 - head/security/vuxml
Erwin Lansing
erwin at FreeBSD.org
Wed Mar 27 10:29:26 UTC 2013
Author: erwin
Date: Wed Mar 27 10:29:25 2013
New Revision: 315370
URL: http://svnweb.freebsd.org/changeset/ports/315370
Log:
Add entry for latest Bind advisory CVE-2013-2266
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Mar 27 10:20:36 2013 (r315369)
+++ head/security/vuxml/vuln.xml Wed Mar 27 10:29:25 2013 (r315370)
@@ -51,6 +51,45 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="7a282e49-95b6-11e2-8433-0800273fe665">
+ <topic>dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion</topic>
+ <affects>
+ <package>
+ <name>bind99</name>
+ <range><lt>9.9.2.2</lt></range>
+ </package>
+ <package>
+ <name>bind99-base</name>
+ <range><lt>9.9.2.2</lt></range>
+ </package>
+ <package>
+ <name>bind98</name>
+ <range><lt>9.8.4.2</lt></range>
+ </package>
+ <package>
+ <name>bind98-base</name>
+ <range><lt>9.8.4.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>ISC reports:</p>
+ <blockquote cite="https://kb.isc.org/article/AA-00871">
+ <p>A critical defect in BIND 9 allows an attacker to cause
+ excessive memory consumption in named or other programs
+ linked to libdns.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-2266</cvename>
+ </references>
+ <dates>
+ <discovery>2013-03-11</discovery>
+ <entry>2013-03-27</entry>
+ </dates>
+ </vuln>
+
<vuln vid="bdd48858-9656-11e2-a9a8-00262d5ed8ee">
<topic>chromium -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list