Bug 131939 - vuxml submission for mail/imap-uw
Summary: vuxml submission for mail/imap-uw
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Anders Nordby
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-21 18:40 UTC by mark
Modified: 2009-05-21 16:40 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description mark 2009-02-21 18:40:01 UTC 

Fix: 

<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="5ed2f96b-33b7-4863-8c6b-540d22344424">
     <topic>imap-uw -- University of Washington IMAP c-client Remote Format String Vulnerability</topic>
     <affects>
       <package>
         <name>imap-uw</name>
         <range><eq>2007d</eq></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
         <p>SecurityFocus reports:</p>
         <blockquote cite="http://www.securityfocus.com/bid/33795">
           <p>University of Washington IMAP c-client is prone to a remote format-string vulnerability because the software fails to adequately sanitize user-supplied input before passing it as the format-specifier to a formatted-printing function.</p>
         </blockquote>
       </body>
     </description>
     <references>
      <bid>33795</bid>
      <url>http://www.securityfocus.com/bid/33795</url>
     </references>
     <dates>
       <discovery>2009-02-17</discovery>
       <entry>2009-02-21</entry>
     </dates>
   </vuln>
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2009-02-21 18:40:13 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->anders

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Pav Lucistnik freebsd_committer freebsd_triage 2009-05-21 16:30:42 UTC 
State Changed
From-To: open->closed

Committed, thanks!
Comment 3 dfilter service freebsd_committer freebsd_triage 2009-05-21 16:30:58 UTC 
pav         2009-05-21 15:30:42 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  - Document imap-uw -- University of Washington IMAP c-client Remote Format
    String Vulnerability (submitted back in Feb 2009)
  
  PR:             ports/131939
  Submitted by:   Mark Foster <mark@foster.cc>
  
  Revision  Changes    Path
  1.1945    +30 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"