FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-09-27 15:48:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c8c31c41-49ed-11df-83fb-0015587e2cc1	curl -- libcurl buffer overflow vulnerability The cURL project reports in a security advisory: Using the affected libcurl version to download compressed content over HTTP, an application can ask libcurl to automatically uncompress data. When doing so, libcurl can wrongly send data up to 64K in size to the callback which thus is much larger than the documented maximum size. An application that blindly trusts libcurl's max limit for a fixed buffer size or similar is then a possible target for a buffer overflow vulnerability. Discovery 2010-02-09 Entry 2010-04-19 curl >= 7.10.5 lt 7.20.0 CVE-2010-0734 http://curl.haxx.se/docs/adv_20100209.html http://www.debian.org/security/2010/dsa-2023 http://www.openwall.com/lists/oss-security/2010/02/09/5

VuXML ID

Description

c8c31c41-49ed-11df-83fb-0015587e2cc1

curl -- libcurl buffer overflow vulnerability

The cURL project reports in a security advisory:

Using the affected libcurl version to download compressed content over HTTP, an application can ask libcurl to automatically uncompress data. When doing so, libcurl can wrongly send data up to 64K in size to the callback which thus is much larger than the documented maximum size.

An application that blindly trusts libcurl's max limit for a fixed buffer size or similar is then a possible target for a buffer overflow vulnerability.

Discovery 2010-02-09
Entry 2010-04-19
curl

>= 7.10.5 lt 7.20.0

CVE-2010-0734
http://curl.haxx.se/docs/adv_20100209.html
http://www.debian.org/security/2010/dsa-2023
http://www.openwall.com/lists/oss-security/2010/02/09/5