148203 – irc/kvirc-* vulnerabilities

Bug 148203 - irc/kvirc-* vulnerabilities

Summary: irc/kvirc-* vulnerabilities

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Max Brazhnikov

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-06-28 07:30 UTC by Axel Gonzalez
Modified:	2010-07-17 20:26 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Axel Gonzalez 2010-06-28 07:30:05 UTC

Security advisor: CVE-2010-2451 CVE-2010-2452

This problems have been fixed in latest version (4.0.0) and svn of 3.4

The bugs allow remote exploits, so they are serious.

Fix: 

Upgrade to kvirc-4.0.0
Backport the patches to 3.4.2, use latest from svn, or mark it as broken
How-To-Repeat: install from ports

Comment 1 Stefan Walter freebsd_committer

2010-06-28 08:18:23 UTC

Responsible Changed
From-To: freebsd-ports-bugs->makc

Over to maintainer.

Comment 2 dfilter service freebsd_committer

2010-06-30 21:59:03 UTC

makc        2010-06-30 20:58:50 UTC

  FreeBSD ports repository

  Modified files:
    irc/kvirc-devel      Makefile 
  Log:
  Mark FORBIDDEN: multiple vulnerabilities
  
  PR:             ports/148203
  Reported by:    Axel Gonzalez <loox at e-shell.net>
  Feature safe:   yes
  
  Revision  Changes    Path
  1.71      +2 -0      ports/irc/kvirc-devel/Makefile
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"

Comment 3 dfilter service freebsd_committer

2010-06-30 21:59:20 UTC

makc        2010-06-30 20:59:07 UTC

  FreeBSD ports repository

  Modified files:
    irc/kvirc            Makefile 
  Log:
  Mark FORBIDDEN: multiple vulnerabilities
  
  PR:             ports/148203
  Reported by:    Axel Gonzalez <loox at e-shell.net>
  Feature safe:   yes
  
  Revision  Changes    Path
  1.73      +2 -0      ports/irc/kvirc/Makefile
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"

Comment 4 Max Brazhnikov freebsd_committer

2010-07-17 20:26:52 UTC

State Changed
From-To: open->closed

Thanks for report!