svn commit: r434520 - head/security/vuxml
Dmitry Marakasov
amdmi3 at FreeBSD.org
Tue Feb 21 11:18:12 UTC 2017
Author: amdmi3
Date: Tue Feb 21 11:18:11 2017
New Revision: 434520
URL: https://svnweb.freebsd.org/changeset/ports/434520
Log:
Document information disclosure vulnerability on fbsdmon
PR: 217099
Submitted by: asomers
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Tue Feb 21 11:18:04 2017 (r434519)
+++ head/security/vuxml/vuln.xml Tue Feb 21 11:18:11 2017 (r434520)
@@ -58,6 +58,31 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="786a7d87-f826-11e6-9436-14dae9d5a9d2">
+ <topic>fbsdmon -- information disclosure vulnerability</topic>
+ <affects>
+ <package>
+ <name>fbsdmon</name>
+ <range><ge>0</ge></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Alan Somers reports:</p>
+ <blockquote cite="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217099">
+ <p>The web site used by this port, http://fbsdmon.org, has been taken over by cybersquatters. That means that users are sending their system info to an unknown party.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217099</url>
+ </references>
+ <dates>
+ <discovery>2017-02-14</discovery>
+ <entry>2017-02-21</entry>
+ </dates>
+ </vuln>
+
<vuln vid="f1075415-f5e9-11e6-a4e2-5404a68ad561">
<topic>wavpack -- multiple invalid memory reads</topic>
<affects>
More information about the svn-ports-all
mailing list