FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-24 11:27:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
51358314-bec8-11e5-82cd-bcaec524bf84	claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc DrWhax reports: So in codeconv.c there is a function for Japanese character set conversion called conv_jistoeuc(). There is no bounds checking on the output buffer, which is created on the stack with alloca() Bug can be triggered by sending an email to TAILS_luser@riseup.net or whatever. Since my C is completely rusty, you might be able to make a better judgment on the severity of this issue. Marking critical for now. Discovery 2015-11-04 Entry 2016-01-19 claws-mail < 3.13.2 CVE-2015-8614 https://security-tracker.debian.org/tracker/CVE-2015-8614

VuXML ID

Description

51358314-bec8-11e5-82cd-bcaec524bf84

claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc

DrWhax reports:

So in codeconv.c there is a function for Japanese character set conversion called conv_jistoeuc(). There is no bounds checking on the output buffer, which is created on the stack with alloca() Bug can be triggered by sending an email to TAILS_luser@riseup.net or whatever. Since my C is completely rusty, you might be able to make a better judgment on the severity of this issue. Marking critical for now.

Discovery 2015-11-04
Entry 2016-01-19
claws-mail

< 3.13.2

CVE-2015-8614
https://security-tracker.debian.org/tracker/CVE-2015-8614