svn commit: r532023 - head/security/vuxml
Koop Mast
kwm at FreeBSD.org
Sat Apr 18 11:35:26 UTC 2020
Author: kwm
Date: Sat Apr 18 11:35:25 2020
New Revision: 532023
URL: https://svnweb.freebsd.org/changeset/ports/532023
Log:
Document webkit2-gtk3 vulnability
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sat Apr 18 10:49:01 2020 (r532022)
+++ head/security/vuxml/vuln.xml Sat Apr 18 11:35:25 2020 (r532023)
@@ -58,6 +58,32 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="e418b8f0-9abb-420b-a7f1-1d8231b352e2">
+ <topic>webkit2-gtk3 -- Denial of service</topic>
+ <affects>
+ <package>
+ <name>webkit2-gtk3</name>
+ <range><lt>2.28.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The WebKitGTK project reports the following vulnerability.</p>
+ <blockquote cite="https://webkitgtk.org/security/WSA-2020-0004.html">
+ <p>Processing maliciously crafted web content may lead to arbitrary code execution or application crash (denial of service). Description: A memory corruption issue (use-after-free) was addressed with improved memory handling.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://webkitgtk.org/security/WSA-2020-0004.html</url>
+ <cvename>CVE-2020-11793</cvename>
+ </references>
+ <dates>
+ <discovery>2020-04-16</discovery>
+ <entry>2020-04-18</entry>
+ </dates>
+ </vuln>
+
<vuln vid="e24fd421-8128-11ea-aa57-000ffec73f06">
<topic>drupal -- Drupal Core - Moderately critical - Third-party library</topic>
<affects>
More information about the svn-ports-all
mailing list