Bug 218852

Summary: security/vuxml: weechat CVE-2017-8073
Product: Ports & Packages Reporter: Jochen Neumeister <joneum>
Component: Individual Port(s)Assignee: Bernard Spil <brnrd>
Status: Closed FIXED    
Severity: Affects Many People CC: brnrd, joneum
Priority: --- Flags: bugzilla: maintainer-feedback? (ports-secteam)
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
weechat vuxml none

Description Jochen Neumeister freebsd_committer freebsd_triage 2017-04-24 18:05:14 UTC 
Created attachment 182051 [details]
weechat vuxml

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8073
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-04-24 20:13:29 UTC 
A commit references this bug:

Author: brnrd
Date: Mon Apr 24 20:12:59 UTC 2017
New revision: 439344
URL: https://svnweb.freebsd.org/changeset/ports/439344

Log:
  security/vuxml: Document weechat vulnerability

  PR:		218852
  Submitted by:	Jochen Neumeister <joneum@bsdproject.de>

Changes:
  head/security/vuxml/vuln.xml
Comment 2 Bernard Spil freebsd_committer freebsd_triage 2017-04-24 20:16:50 UTC 
Hi Jochen,

Thanks for the patch (and the heads-up!)

Make sure you run make validate after you modify vuln.xml. You had trailing spaces on the <p> block.

Version was lt 1.7.1 (which is preferred over le 1.7) not lt 1.7

The CVE is never the link I believe, always something from a project page or something like seclists. The cve is linked via the cvename.

Thanks!
Comment 3 Jochen Neumeister freebsd_committer freebsd_triage 2017-04-24 21:16:13 UTC 
(In reply to Bernard Spil from comment #2)

Thanks for the hint. My mistake. I'll make it the next time better!

Cheers! :-)