View | Details | Raw Unified | Return to bug 256273 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln.xml (+28 lines)
Lines 76-81 Notes: Link Here
76 
  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 76 
  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
77 
-->
 77 
-->
78 
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
 78 
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
79 
  <vuln vid="fd24a530-c202-11eb-b217-b42e99639323">
80 
    <topic>wayland -- integer overflow</topic>
81 
    <affects>
82 
      <package>
83 
	<name>wayland</name>
84 
	<range><lt>1.19.0_1</lt></range>
85 
      </package>
86 
    </affects>
87 
    <description>
88 
      <body xmlns="http://www.w3.org/1999/xhtml">
89 
	<p>Tobias Stoeckmann reports:</p>
90 
	<blockquote
91 
	  cite="https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/133">
92 
	  <p>The libXcursor fix for CVE-2013-2003 has never been imported into wayland, leaving it vulnerable to it.</p>
93 
	</blockquote>
94 
      </body>
95 
    </description>
96 
    <references>
97 
      <cvename>CVE-2013-2003</cvename>
98 
      <url>https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/133</url>
99 
      <freebsdpr>ports/256273</freebsdpr>
100 
    </references>
101 
    <dates>
102 
      <discovery>2021-05-02</discovery>
103 
      <entry>2021-05-31</entry>
104 
    </dates>
105 
  </vuln>
106 

            

        

          79
          
  <vuln vid="107c7a76-beaa-11eb-b87a-901b0ef719ab">

          107
          
  <vuln vid="107c7a76-beaa-11eb-b87a-901b0ef719ab">

        

        

          80
          
    <topic>FreeBSD -- Missing message validation in libradius(3)</topic>

          108
          
    <topic>FreeBSD -- Missing message validation in libradius(3)</topic>

        

        

          81
          
    <affects>

          109
          
    <affects>

        






  

  Return to bug 256273