FreeBSD Bugzilla – Attachment 178616 Details for
Bug 215834
[maintainer-update] security update devel/pcsc-lite, vuxml entry update too
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Regenerated previous patch according new changes on vuxml.
patch-updates-devel_pcsc-lite.new.diff (text/plain), 2.62 KB, created by
Mahdi Mokhtari
on 2017-01-08 11:15:10 UTC
(
hide
)
Description:
Regenerated previous patch according new changes on vuxml.
Filename:
MIME Type:
Creator:
Mahdi Mokhtari
Created:
2017-01-08 11:15:10 UTC
Size:
2.62 KB
patch
obsolete
>Index: devel/pcsc-lite/Makefile >=================================================================== >--- devel/pcsc-lite/Makefile (revision 430860) >+++ devel/pcsc-lite/Makefile (working copy) >@@ -2,10 +2,10 @@ > # $FreeBSD$ > > PORTNAME= pcsc-lite >-PORTVERSION= 1.8.19 >+PORTVERSION= 1.8.20 > PORTEPOCH= 2 > CATEGORIES= devel security >-MASTER_SITES= https://alioth.debian.org/frs/download.php/file/4198/ >+MASTER_SITES= https://alioth.debian.org/frs/download.php/latestfile/39/ > > MAINTAINER= mokhi64@gmail.com > COMMENT= Smartcard development library >Index: devel/pcsc-lite/distinfo >=================================================================== >--- devel/pcsc-lite/distinfo (revision 430860) >+++ devel/pcsc-lite/distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1481446804 >-SHA256 (pcsc-lite-1.8.19.tar.bz2) = b65e25ec6dd1328983b424ce1a649e2993b1c4c59fc87252689b5fa7037c4340 >-SIZE (pcsc-lite-1.8.19.tar.bz2) = 744283 >+TIMESTAMP = 1483729174 >+SHA256 (pcsc-lite-1.8.20.tar.bz2) = ec7d0114016c788c1c09859c84860f6cec6c4595436d23245105154b9c046bb2 >+SIZE (pcsc-lite-1.8.20.tar.bz2) = 745049 >Index: security/vuxml/vuln.xml >=================================================================== >--- security/vuxml/vuln.xml (revision 430860) >+++ security/vuxml/vuln.xml (working copy) >@@ -58,6 +58,37 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="c218873d-d444-11e6-84ef-f0def167eeea"> >+ <topic> Use-After-Free Vulnerability in pcsc-lite </topic> >+ <affects> >+ <package> >+ <name>pcsc-lite</name> >+ <range><ge>1.6.0</ge><lt>1.8.20</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Peter Wu on Openwall mailing-list reports:</p> >+ <blockquote cite="http://www.openwall.com/lists/oss-security/2017/01/03/2"> >+ <p>The issue allows a local attacker to cause a Denial of Service, >+ but can potentially result in Privilege Escalation since >+ the daemon is running as root. while any local user can >+ connect to the Unix socket. >+ Fixed by patch which is released with hpcsc-lite 1.8.20.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CWE-415</cvename> >+ <cvename>CWE-416</cvename> >+ <url>http://www.openwall.com/lists/oss-security/2017/01/03/2</url> >+ </references> >+ <dates> >+ <discovery>2017-01-03</discovery> >+ <entry>2017-01-06</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="e5ec2767-d529-11e6-ae1b-002590263bf5"> > <topic>tomcat -- information disclosure vulnerability</topic> > <affects>
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Flags:
mmokhi
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 215834
:
178579
|
178583
|
178616
|
178617