FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
b5ffaa2a-ee50-4498-af99-61bc1b163c00	leafnode -- denial of service vulnerability Matthias Andree reports: A vulnerability was found in the fetchnews program (the NNTP client) that may under some circumstances cause a wait for input that never arrives, fetchnews "hangs". [...] As only one fetchnews program can run at a time, subsequently started fetchnews and texpire programs will terminate. [...] Upgrade your leafnode package to version 1.11.3. Discovery 2005-06-08 Entry 2005-06-09 leafnode < 1.11.3 CVE-2005-1911 http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt ports/82056 http://marc.theaimsgroup.com/?l=vulnwatch&m=111827180929063
a051a4ec-3aa1-4dd1-9bdc-a61eb5700153	leafnode fetchnews denial-of-service triggered by truncated transmission When a downloaded news article ends prematurely, i. e. when the server sends [CR]LF.[CR]LF before sending a blank line, fetchnews may wait indefinitely for data that never arrives. Workaround: configure "minlines=1" (or use a bigger value) in the configuration file. Found by Toni ViemerÃ¶. Discovery 2004-01-08 Entry 2004-05-21 Modified 2005-05-13 leafnode <= 1.9.47 CVE-2004-2068 http://leafnode.sourceforge.net/leafnode-SA-2004-01.txt http://sourceforge.net/tracker/index.php?func=detail&aid=873149&group_id=57767&atid=485349 http://article.gmane.org/gmane.network.leafnode.announce/32 http://sourceforge.net/mailarchive/message.php?msg_id=6922570 ports/61105

VuXML ID

Description

b5ffaa2a-ee50-4498-af99-61bc1b163c00

leafnode -- denial of service vulnerability

Matthias Andree reports:

A vulnerability was found in the fetchnews program (the NNTP client) that may under some circumstances cause a wait for input that never arrives, fetchnews "hangs". [...]

As only one fetchnews program can run at a time, subsequently started fetchnews and texpire programs will terminate. [...]

Upgrade your leafnode package to version 1.11.3.

Discovery 2005-06-08
Entry 2005-06-09
leafnode

< 1.11.3

CVE-2005-1911
http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt
ports/82056
http://marc.theaimsgroup.com/?l=vulnwatch&m=111827180929063

a051a4ec-3aa1-4dd1-9bdc-a61eb5700153

leafnode fetchnews denial-of-service triggered by truncated transmission

When a downloaded news article ends prematurely, i. e. when the server sends [CR]LF.[CR]LF before sending a blank line, fetchnews may wait indefinitely for data that never arrives. Workaround: configure "minlines=1" (or use a bigger value) in the configuration file. Found by Toni ViemerÃ¶.

Discovery 2004-01-08
Entry 2004-05-21
Modified 2005-05-13
leafnode

<= 1.9.47

CVE-2004-2068
http://leafnode.sourceforge.net/leafnode-SA-2004-01.txt
http://sourceforge.net/tracker/index.php?func=detail&aid=873149&group_id=57767&atid=485349
http://article.gmane.org/gmane.network.leafnode.announce/32
http://sourceforge.net/mailarchive/message.php?msg_id=6922570
ports/61105