FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 06:34:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3ba1ca94-a563-11ec-8be6-d4c9ef517024	Weechat -- Possible man-in-the-middle attack in TLS connection to servers The Weechat project reports: After changing the options weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user, the TLS verification function is lost. Consequently, any connection to a server with TLS is made without verifying the certificate, which could lead to a man-in-the-middle attack. Connection to IRC servers with TLS is affected, as well as any connection a server made by a plugin or a script using the function hook_connect. Discovery 2022-03-13 Entry 2022-03-16 weechat < 3.4.1 https://weechat.org/doc/security/WSA-2022-1/

VuXML ID

Description

3ba1ca94-a563-11ec-8be6-d4c9ef517024

Weechat -- Possible man-in-the-middle attack in TLS connection to servers

The Weechat project reports:

After changing the options weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user, the TLS verification function is lost. Consequently, any connection to a server with TLS is made without verifying the certificate, which could lead to a man-in-the-middle attack. Connection to IRC servers with TLS is affected, as well as any connection a server made by a plugin or a script using the function hook_connect.

Discovery 2022-03-13
Entry 2022-03-16
weechat

< 3.4.1

https://weechat.org/doc/security/WSA-2022-1/