FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| a5c64f6f-2af3-11ef-a77e-901b0e9408dc | go -- multiple vulnerabilities
The Go project reports:
archive/zip: mishandling of corrupt central directory record
The archive/zip package's handling of certain types of
invalid zip files differed from the behavior of most zip
implementations. This misalignment could be exploited to
create an zip file with contents that vary depending on the
implementation reading the file. The archive/zip package now
rejects files containing these errors.
net/netip: unexpected behavior from Is methods for
IPv4-mapped IPv6 addresses
The various Is methods (IsPrivate, IsLoopback, etc) did
not work as expected for IPv4-mapped IPv6 addresses,
returning false for addresses which would return true in
their traditional IPv4 forms.
Discovery 2024-06-04
Entry 2024-06-15
go122
< 1.22.4
go121
< 1.21.11
CVE-2024-24789
CVE-2024-24790
https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ
|