FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
5a771686-9e33-11e8-8b2d-9cf7a8059466chicken -- multiple vulnerabilities

CHICKEN reports:

  • CVE-2017-6949: Unchecked malloc() call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault
  • CVE-2017-9334: "length" crashes on improper lists
  • CVE-2017-11343: The randomization factor of the symbol table was set before the random seed was set, causing it to have a fixed value on many platforms

Discovery 2017-03-16
Entry 2018-08-12
chicken
< 4.13.0,1

https://code.call-cc.org/releases/4.13.0/NEWS
CVE-2017-6949
CVE-2017-9334
CVE-2017-11343
c6932dd4-eaff-11e6-9ac1-a4badb2f4699chicken -- multiple vulnerabilities

Peter Bex reports:

A buffer overflow error was found in the POSIX unit's procedures process-execute and process-spawn.

Additionally, a memory leak existed in this code, which would be triggered when an error is raised during argument and environment processing.

Irregex versions before 0.9.6 contain a resource exhaustion vulnerability: when compiling deeply nested regexes containing the "+" operator due to exponential expansion behaviour.


Discovery 2016-08-12
Entry 2017-02-04
Modified 2017-03-05
chicken
< 4.12,1

http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
CVE-2016-6830
CVE-2016-6831
CVE-2016-9954
ports/216661