svn commit: r451767 - head/security/vuxml

Steve Wills swills at FreeBSD.org
Wed Oct 11 18:06:48 UTC 2017 

Author: swills
Date: Wed Oct 11 18:06:46 2017
New Revision: 451767
URL: https://svnweb.freebsd.org/changeset/ports/451767

Log:
  Document ncurses issues

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Oct 11 17:47:40 2017	(r451766)
+++ head/security/vuxml/vuln.xml	Wed Oct 11 18:06:46 2017	(r451767)
@@ -58,6 +58,44 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="b84dbd94-e894-4c91-b8cd-d328537b1b2b">
+    <topic>ncurses -- multiple issues</topic>
+    <affects>
+      <package>
+	<name>ncurses</name>
+	<range><le>6.0</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>ncurses developers reports:</p>
+	<blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=1484285">
+	  <p>There are multiple illegal address access issues and an infinite loop issue. Please refer to the CVE list for details.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484274</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484276</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484284</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484285</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484287</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484290</url>
+      <url>https://bugzilla.redhat.com/show_bug.cgi?id=1484291</url>
+      <cvename>CVE-2017-13728</cvename>
+      <cvename>CVE-2017-13729</cvename>
+      <cvename>CVE-2017-13730</cvename>
+      <cvename>CVE-2017-13731</cvename>
+      <cvename>CVE-2017-13732</cvename>
+      <cvename>CVE-2017-13733</cvename>
+      <cvename>CVE-2017-13734</cvename>
+    </references>
+    <dates>
+      <discovery>2017-08-29</discovery>
+      <entry>2017-10-11</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="9164f51e-ae20-11e7-a633-009c02a2ab30">
     <topic>Python 2.7 -- multiple vulnerabilities</topic>
     <affects>

More information about the svn-ports-head mailing list