FreeBSD Bugzilla – Attachment 157339 Details for
Bug 200568
security/wpa_supplicant: [security] multiple vulnerabilities
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
security/vuxml entry for PR200568 and 200567
hostapd-wpa_supplicant_vuxml.diff (text/plain), 2.27 KB, created by
Jason Unovitch
on 2015-06-01 11:15:29 UTC
(
hide
)
Description:
security/vuxml entry for PR200568 and 200567
Filename:
MIME Type:
Creator:
Jason Unovitch
Created:
2015-06-01 11:15:29 UTC
Size:
2.27 KB
patch
obsolete
>Index: security/vuxml/vuln.xml >=================================================================== >--- security/vuxml/vuln.xml (revision 388207) >+++ security/vuxml/vuln.xml (working copy) >@@ -57,6 +57,53 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="bbc0db92-084c-11e5-bb90-002590263bf5"> >+ <topic>hostapd and wpa_supplicant -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>hostapd</name> >+ <range><lt>2.4_1</lt></range> >+ </package> >+ <package> >+ <name>wpa_supplicant</name> >+ <range><lt>2.4_3</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Jouni Malinen reports:</p> >+ <blockquote cite="http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"> >+ <p>WPS UPnP vulnerability with HTTP chunked transfer encoding. (2015-2 >+ - CVE-2015-4141)</p> >+ </blockquote> >+ <blockquote cite="http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"> >+ <p>Integer underflow in AP mode WMM Action frame processing. (2015-3 - >+ CVE-2015-4142)</p> >+ </blockquote> >+ <blockquote cite="http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"> >+ <p>EAP-pwd missing payload length validation. (2015-4 - CVE-2015-4143, >+ CVE-2015-4144, CVE-2015-4145, CVE-2015-4146)</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt</url> >+ <url>http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt</url> >+ <url>http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt</url> >+ <cvename>CVE-2015-4141</cvename> >+ <cvename>CVE-2015-4142</cvename> >+ <cvename>CVE-2015-4143</cvename> >+ <cvename>CVE-2015-4144</cvename> >+ <cvename>CVE-2015-4145</cvename> >+ <cvename>CVE-2015-4146</cvename> >+ <mlist>http://openwall.com/lists/oss-security/2015/05/31/6</mlist> >+ </references> >+ <dates> >+ <discovery>2015-05-04</discovery> >+ <entry>2015-06-01</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="cfb12f02-06e1-11e5-8fda-002590263bf5"> > <topic>cabextract -- directory traversal with UTF-8 symbols in filenames</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=157339">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 200568
:
157337
|
157338
| 157339