FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 05:42:14 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0a7a5dfb-aba4-11ed-be2c-001cc0382b2fGnuTLS -- timing sidechannel in RSA decryption

The GnuTLS project reports:

A vulnerability was found that the response times to malformed RSA ciphertexts in ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only TLS ciphertext processing is affected.


Discovery 2023-02-10
Entry 2023-02-13
gnutls
< 3.7.9

CVE-2023-0361
https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14
1cd0c17a-17c0-11ed-91a5-080027f5fec9gnutls -- double free vulnerability

The GnuTLS project reports:

When gnutls_pkcs7_verify cannot verify signature against given trust list, it starts creating a chain of certificates starting from identified signer up to known root. During the creation of this chain the signer certificate gets freed which results in double free when the same signer certificate is freed at the end of the algorithm.


Discovery 2022-07-07
Entry 2022-08-09
gnutls
>= 3.6.0 lt 3.7.7

CVE-2022-2509
https://www.gnutls.org/security-new.html#GNUTLS-SA-2022-07-07