kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix date format

Browse source 
While here, correct some grammar

PR:		222683
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
This commit is contained in:
Steve Wills 2017-09-29 13:20:15 +00:00
parent 0899675b73
commit c6c22ec78b
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=450891
1 changed files with 28 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
security/vuxml/vuln.xml
View file

@ -148,7 +148,7 @@ Notes:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>sam2p developers reports:</p>
<p>sam2p developers report:</p>
<blockquote cite="https://github.com/pts/sam2p/issues/14">
<p>In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp.</p>
<p>In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element.</p>
@ -169,8 +169,8 @@ Notes:
<cvename>CVE-2017-14637</cvename>
</references>
<dates>
<discovery>2017-9-21</discovery>
<entry>2017-9-28</entry>
<discovery>2017-09-21</discovery>
<entry>2017-09-28</entry>
</dates>
</vuln>
@ -184,7 +184,7 @@ Notes:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>libraw developers reports:</p>
<p>libraw developers report:</p>
<blockquote cite="https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21">
<p>In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.</p>
</blockquote>
@ -196,8 +196,8 @@ Notes:
<cvename>CVE-2017-14608</cvename>
</references>
<dates>
<discovery>2017-9-20</discovery>
<entry>2017-9-28</entry>
<discovery>2017-09-20</discovery>
<entry>2017-09-28</entry>
</dates>
</vuln>
@ -307,8 +307,8 @@ Notes:
<cvename>CVE-2017-2816</cvename>
</references>
<dates>
<discovery>2017-9-13</discovery>
<entry>2017-9-27</entry>
<discovery>2017-09-13</discovery>
<entry>2017-09-27</entry>
</dates>
</vuln>
@ -322,7 +322,7 @@ Notes:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>sugarcrm developers reports:</p>
<p>sugarcrm developers report:</p>
<blockquote cite="https://blog.ripstech.com/2017/sugarcrm-security-diet-multiple-vulnerabilities/">
<p>An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as demonstrated by a backslash character at the end of a bean_id to modules/Emails/DetailView.php. An attacker could exploit these vulnerabilities by sending a crafted SQL request to the affected areas. An exploit could allow the attacker to modify the SQL database. Proper SQL escaping has been added to prevent such exploits.</p>
<p>An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a query string. Proper input validation has been added to mitigate this issue.</p>
@ -342,8 +342,8 @@ Notes:
<cvename>CVE-2017-14510</cvename>
</references>
<dates>
<discovery>2017-9-17</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-17</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -369,8 +369,8 @@ Notes:
<cvename>CVE-2017-14107</cvename>
</references>
<dates>
<discovery>2017-9-1</discovery>
<entry>2017-9-27</entry>
<discovery>2017-09-01</discovery>
<entry>2017-09-27</entry>
</dates>
</vuln>
@ -398,8 +398,8 @@ Notes:
<cvename>CVE-2017-14227</cvename>
</references>
<dates>
<discovery>2017-9-9</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-09</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -512,7 +512,7 @@ Notes:
</references>
<dates>
<discovery>2017-7-22</discovery>
<entry>2017-9-26</entry>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -538,8 +538,8 @@ Notes:
<cvename>CVE-2017-14348</cvename>
</references>
<dates>
<discovery>2017-9-12</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-12</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -564,8 +564,8 @@ Notes:
<cvename>CVE-2017-14265</cvename>
</references>
<dates>
<discovery>2017-9-11</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-11</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -593,8 +593,8 @@ Notes:
<cvename>CVE-2017-6362</cvename>
</references>
<dates>
<discovery>2017-9-7</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-07</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -658,8 +658,8 @@ Notes:
<cvename>CVE-2017-2807</cvename>
</references>
<dates>
<discovery>2017-9-5</discovery>
<entry>2017-9-26</entry>
<discovery>2017-09-05</discovery>
<entry>2017-09-26</entry>
</dates>
</vuln>
@ -685,8 +685,8 @@ Notes:
<cvename>CVE-2017-14181</cvename>
</references>
<dates>
<discovery>2017-9-7</discovery>
<entry>2017-9-25</entry>
<discovery>2017-09-07</discovery>
<entry>2017-09-25</entry>
</dates>
</vuln>
@ -700,7 +700,7 @@ Notes:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>ansible developers reports:</p>
<p>ansible developers report:</p>
<blockquote cite="https://github.com/ansible/ansible/issues/22505">
<p>Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive where the information may not be sanitized properly.</p>
</blockquote>
@ -712,7 +712,7 @@ Notes:
</references>
<dates>
<discovery>2017-7-21</discovery>
<entry>2017-9-25</entry>
<entry>2017-09-25</entry>
</dates>
</vuln>