kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix a bunch of noticed typos and spelling mistakes, covering years

Browse source 
2016-2017.  Some of those are so common that I've taken liberty to
fix them all over the file.
This commit is contained in:
Alexey Dokuchaev 2017-07-04 19:01:06 +00:00
parent 907e25479b
commit fa3ffef0b1
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=445038
1 changed files with 59 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

118
security/vuxml/vuln.xml
View file

@ -447,7 +447,7 @@ maliciously crafted GET request to the Horde server.</p>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Google Chrome releaseses reports:</p>
<p>Google Chrome releases reports:</p>
<blockquote cite="https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html">
<p>5 security fixes in this release, including:</p>
<ul>
@ -1655,7 +1655,7 @@ maliciously crafted GET request to the Horde server.</p>
filter, content inside Hamlit filters (:css, :javascript, :preserve, :plain)
is not automatically escaped.</p>
<h1>Cross-Site Scripting (XSS) vulnerability in git submodule support</h1>
<p>Jobert Abma from HackerOne reported a persitent XSS vulnerability in the
<p>Jobert Abma from HackerOne reported a persistent XSS vulnerability in the
GitLab repository files view that could be exploited by injecting malicious
script into a git submodule.</p>
<h1>Cross-Site Scripting (XSS) vulnerability in repository "new branch"
@ -2841,7 +2841,7 @@ maliciously crafted GET request to the Horde server.</p>
</vuln>
<vuln vid="d9e01c35-2531-11e7-b291-b499baebfeaf">
<topic>MySQL -- mulitiple vulnerabilities</topic>
<topic>MySQL -- multiple vulnerabilities</topic>
<affects>
<package>
<name>mariadb55-server</name>
@ -3765,7 +3765,7 @@ maliciously crafted GET request to the Horde server.</p>
application. Methods and means of acquiring the CRLs is not part
of the TLS handshake and in the strict TLS setting this
vulnerability cannot be triggered remotely. The vulnerability
cannot be triggered unless the application explicitely calls
cannot be triggered unless the application explicitly calls
mbedtls_x509_crl_parse() or mbedtls_x509_crl_parse_file()on a PEM
formatted CRL of untrusted origin. In which case the
vulnerability can be exploited to launch a denial of service
@ -4562,7 +4562,7 @@ maliciously crafted GET request to the Horde server.</p>
</vuln>
<vuln vid="79bbb8f8-f049-11e6-8a6a-bcaec565249c">
<topic>gtk-vnc -- bounds checking vulnabilities</topic>
<topic>gtk-vnc -- bounds checking vulnerabilities</topic>
<affects>
<package>
<name>gtk-vnc</name>
@ -4837,7 +4837,7 @@ maliciously crafted GET request to the Horde server.</p>
<p>Jens Georg reports:</p>
<blockquote cite="https://mail.gnome.org/archives/shotwell-list/2017-January/msg00048.html">
<p>I have just released Shotwell 0.24.5 and 0.25.4 which turn
on HTTPS encyption all over the publishing plugins.</p>
on HTTPS encryption all over the publishing plugins.</p>
<p>Users using Tumblr and Yandex.Fotki publishing are strongly
advised to change their passwords and reauthenticate Shotwell
to those services after upgrade.</p>
@ -5313,10 +5313,10 @@ maliciously crafted GET request to the Horde server.</p>
</blockquote>
<blockquote cite="https://www.phpmyadmin.net/security/PMASA-2017-3/">
<h3>Summary</h3>
<p>DOS vulnerabiltiy in table editing</p>
<p>DOS vulnerability in table editing</p>
<h3>Description</h3>
<p>It was possible to trigger recursive include operation by
crafter parameters when editing table data.</p>
crafted parameters when editing table data.</p>
<h3>Severity</h3>
<p>We consider this to be non critical.</p>
</blockquote>
@ -5385,7 +5385,7 @@ maliciously crafted GET request to the Horde server.</p>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Intel Corporaion reports:</p>
<p>Intel Corporation reports:</p>
<blockquote cite="https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&amp;languageid=en-fr">
<p>A security vulnerability in the Intel(R) Ethernet Controller X710
and Intel(R) Ethernet Controller XL710 family of products
@ -6841,7 +6841,7 @@ maliciously crafted GET request to the Horde server.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Samba team reports:</p>
<blockquote cite="https://www.samba.org/samba/latest_news.html#4.5.3">
<p>[CVE-2016-2123] Authenicated users can supply malicious dnsRecord attributes
<p>[CVE-2016-2123] Authenticated users can supply malicious dnsRecord attributes
on DNS objects and trigger a controlled memory corruption.</p>
<p>[CVE-2016-2125] Samba client code always requests a forwardable ticket
when using Kerberos authentication. This means the target server, which must be in the current or trusted
@ -7032,7 +7032,7 @@ maliciously crafted GET request to the Horde server.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Squid security advisory 2016:10 reports:</p>
<blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2016_10.txt">
<p>Due to incorrect comparsion of request headers Squid can deliver
<p>Due to incorrect comparison of request headers Squid can deliver
responses containing private data to clients it should not have
reached.</p>
<p>This problem allows a remote attacker to discover private and
@ -7249,7 +7249,7 @@ maliciously crafted GET request to the Horde server.</p>
<h2>printf floating point buffer overflow</h2>
<p>libcurl's implementation of the printf() functions triggers a
buffer overflow when doing a large floating point output. The bug
occurs whenthe conversion outputs more than 255 bytes.</p>
occurs when the conversion outputs more than 255 bytes.</p>
</blockquote>
</body>
</description>
@ -7491,7 +7491,7 @@ maliciously crafted GET request to the Horde server.</p>
':' delimiter of any request header lines.<br/><br/>
RFC7230 Section 3.5 calls out some of these whitespace exceptions,
and section 3.2.3 eliminated and clarified the role of implied
whitespace in the grammer of this specification. Section 3.1.1
whitespace in the grammar of this specification. Section 3.1.1
requires exactly one single SP between the method and
request-target, and between the request-target and HTTP-version,
followed immediately by a CRLF sequence. None of these
@ -7505,7 +7505,7 @@ maliciously crafted GET request to the Horde server.</p>
application servers, either through mod_proxy or using conventional
CGI mechanisms. In each case where one agent accepts such CTL
characters and does not treat them as whitespace, there is the
possiblity in a proxy chain of generating two responses from a
possibility in a proxy chain of generating two responses from a
server behind the uncautious proxy agent. In a sequence of two
requests, this results in request A to the first proxy being
interpreted as requests A + A' by the backend server, and if
@ -8299,7 +8299,7 @@ maliciously crafted GET request to the Horde server.</p>
<blockquote cite="http://seclists.org/oss-sec/2016/q4/413">
<p>Imagemagick before 3cbfb163cff9e5b8cdeace8312e9bfee810ed02b
suffer from a heap overflow in WaveletDenoiseImage(). This problem is
easelly trigerrable from a perl script.</p>
easily trigerrable from a Perl script.</p>
</blockquote>
</body>
</description>
@ -8401,7 +8401,7 @@ maliciously crafted GET request to the Horde server.</p>
sensitive host files (an information leak). Additionally, a
malicious guest administrator can cause files on the host to be
removed, causing a denial of service. In some unusual host
configurations, ability to remove certain files may be useable for
configurations, ability to remove certain files may be usable for
privilege escalation.</p>
</blockquote>
</body>
@ -9466,8 +9466,8 @@ maliciously crafted GET request to the Horde server.</p>
<p>LegalHackers' reports:</p>
<blockquote cite="http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html">
<p>RCE Bugs discovered in MySQL and its variants like MariaDB.
It works by manupulating my.cnf files and using --malloc-lib.
The bug seems fixed in MySQL5.7.15 by Oracle</p>
It works by manipulating my.cnf files and using --malloc-lib.
The bug seems fixed in MySQL 5.7.15 by Oracle</p>
</blockquote>
</body>
</description>
@ -10511,7 +10511,7 @@ fuzzing and other initiatives.</li>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Node.js has released new verions containing the following security fix:</p>
<p>Node.js has released new versions containing the following security fix:</p>
<blockquote cite="https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/">
<p>The following releases all contain fixes for CVE-2016-5180 "ares_create_query single
byte out of buffer write": Node.js v0.10.48 (Maintenance), Node.js v0.12.17 (Maintenance),
@ -11045,7 +11045,7 @@ and CVE-2013-0155.</p>
<p>Debian reports:</p>
<blockquote cite="https://www.debian.org/security/2016/dsa-3675">
<p>Various memory handling problems and cases of missing or
incomplete input sanitising may result in denial of service or the
incomplete input sanitizing may result in denial of service or the
execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and
CALS files are processed.</p>
</blockquote>
@ -11299,7 +11299,7 @@ and CVE-2013-0155.</p>
directory.</p>
<h1>Impact:</h1>
<p>An attacker who can control freebsd-update's or portsnap's
input to tar can change file content or permisssions on
input to tar(1) can change file content or permissions on
files outside of the update tool's working sandbox.</p>
</body>
</description>
@ -11856,8 +11856,8 @@ and CVE-2013-0155.</p>
<p>LegalHackers' reports:</p>
<blockquote cite="http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html">
<p>RCE Bugs discovered in MySQL and its variants like MariaDB.
It works by manupulating my.cnf files and using --malloc-lib.
The bug seems fixed in MySQL5.7.15 by Oracle</p>
It works by manipulating my.cnf files and using --malloc-lib.
The bug seems fixed in MySQL 5.7.15 by Oracle</p>
</blockquote>
</body>
</description>
@ -12613,7 +12613,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="e195679d-045b-4953-bb33-be0073ba2ac6">
<topic>libxml2 -- multiple vulnabilities</topic>
<topic>libxml2 -- multiple vulnerabilities</topic>
<affects>
<package>
<name>libxml2</name>
@ -13880,7 +13880,7 @@ and CVE-2013-0155.</p>
<h1>Problem Description:</h1>
<p>The SNMP protocol supports an authentication model called
USM, which relies on a shared secret. The default permission
of the snmpd.configiguration file, /etc/snmpd.config, is
of the snmpd configuration file, /etc/snmpd.config, is
weak and does not provide adequate protection against local
unprivileged users.</p>
<h1>Impact:</h1>
@ -14184,7 +14184,7 @@ and CVE-2013-0155.</p>
would run commands.</p>
<h1>Impact:</h1>
<p>This issue could be exploited to execute arbitrary
commands as the user invoking patch(1) against a specically
commands as the user invoking patch(1) against a specially
crafted patch file, which could be leveraged to obtain
elevated privileges.</p>
</body>
@ -14260,7 +14260,7 @@ and CVE-2013-0155.</p>
commands.</p>
<h1>Impact:</h1>
<p>This issue could be exploited to execute arbitrary
commands as the user invoking patch(1) against a specically
commands as the user invoking patch(1) against a specially
crafted patch file, which could be leveraged to obtain
elevated privileges.</p>
</body>
@ -14463,7 +14463,7 @@ and CVE-2013-0155.</p>
can read or write 16-bits of kernel memory.</p>
<h1>Impact:</h1>
<p>An unprivileged process can read or modify 16-bits of
memory which belongs to the kernel. This smay lead to
memory which belongs to the kernel. This may lead to
exposure of sensitive information or allow privilege
escalation.</p>
</body>
@ -15869,7 +15869,7 @@ and CVE-2013-0155.</p>
pre-existing pagetable entries, to skip expensive re-validation
in safe cases (e.g. clearing only Access/Dirty bits). The bits
considered safe were too broad, and not actually safe.</p>
<p>A malicous PV guest administrator can escalate their privilege to
<p>A malicious PV guest administrator can escalate their privilege to
that of the host.</p>
</blockquote>
</body>
@ -15886,7 +15886,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="cb5189eb-572f-11e6-b334-002590263bf5">
<topic>libidn -- mulitiple vulnerabilities</topic>
<topic>libidn -- multiple vulnerabilities</topic>
<affects>
<package>
<name>libidn</name>
@ -16408,7 +16408,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="00cb1469-4afc-11e6-97ea-002590263bf5">
<topic>atutor -- multiple vulnerabilites</topic>
<topic>atutor -- multiple vulnerabilities</topic>
<affects>
<package>
<name>atutor</name>
@ -16435,7 +16435,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="ffa8ca79-4afb-11e6-97ea-002590263bf5">
<topic>atutor -- multiple vulnerabilites</topic>
<topic>atutor -- multiple vulnerabilities</topic>
<affects>
<package>
<name>atutor</name>
@ -16901,7 +16901,7 @@ and CVE-2013-0155.</p>
rate-limited in any way. The guest can easily cause qemu to print
messages to stderr, causing this file to become arbitrarily large.
</p>
<p>The disk containing the logfile can be exausted, possibly causing a
<p>The disk containing the logfile can be exhausted, possibly causing a
denial-of-service (DoS).</p>
</blockquote>
</body>
@ -18037,7 +18037,7 @@ and CVE-2013-0155.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Piwik reports:</p>
<blockquote cite="http://piwik.org/changelog/piwik-2-16-1/">
<p>iThe Piwik Security team is grateful for the responsible
<p>The Piwik Security team is grateful for the responsible
disclosures by our security researchers: Egidio Romano (granted a
critical security bounty), James Kettle and Paweł Bartunek (XSS) and
Emanuel Bronshtein (limited XSS).</p>
@ -21844,10 +21844,10 @@ and CVE-2013-0155.</p>
<p>JMS Object messages depends on Java Serialization for
marshaling/unmashaling of the message payload. There are a couple of places
inside the broker where deserialization can occur, like web console or stomp
object message transformation. As deserialization of untrusted data can leaed to
object message transformation. As deserialization of untrusted data can lead to
security flaws as demonstrated in various reports, this leaves the broker
vunerable to this attack vector. Additionally, applications that consume
ObjectMessage type of messages can be vunerable as they deserlize objects on
vulnerable to this attack vector. Additionally, applications that consume
ObjectMessage type of messages can be vulnerable as they deserialize objects on
ObjectMessage.getObject() calls.</p>
</blockquote>
</body>
@ -23108,7 +23108,7 @@ and CVE-2013-0155.</p>
<p>Andreas Schneider reports:</p>
<blockquote cite="https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/">
<p>libssh versions 0.1 and above have a bits/bytes confusion bug and
generate the an anormaly short ephemeral secret for the
generate an abnormally short ephemeral secret for the
diffie-hellman-group1 and diffie-hellman-group14 key exchange
methods. The resulting secret is 128 bits long, instead of the
recommended sizes of 1024 and 2048 bits respectively. There are
@ -23134,7 +23134,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="7d09b9ee-e0ba-11e5-abc4-6fb07af136d2">
<topic>exim -- local privilleges escalation</topic>
<topic>exim -- local privillege escalation</topic>
<affects>
<package>
<name>exim</name>
@ -23532,7 +23532,7 @@ and CVE-2013-0155.</p>
<p>The Apache Software Foundation reports:</p>
<blockquote cite="http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt">
<p>The Xerces-C XML parser mishandles certain kinds of malformed input
documents, resulting in buffer overlows during processing and error
documents, resulting in buffer overflows during processing and error
reporting. The overflows can manifest as a segmentation fault or as
memory corruption during a parse operation. The bugs allow for a
denial of service attack in many applications by an unauthenticated
@ -26466,14 +26466,14 @@ and CVE-2013-0155.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>DrWhax reports:</p>
<blockquote cite="http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557">
<p>So in codeconv.c there is a function for japanese character set
<p>So in codeconv.c there is a function for Japanese character set
conversion called conv_jistoeuc(). There is no bounds checking on
the output buffer, which is created on the stack with alloca()
Bug can be triggered by sending an email to TAILS_luser@riseup.net
or whatever.
Since my C is completely rusty, you might be able to make a better
judgement on the severity of this issue. Marking critical for now.</p>
judgment on the severity of this issue. Marking critical for now.</p>
</blockquote>
</body>
</description>
@ -28407,7 +28407,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="84c7ea88-bf04-4bdc-973b-36744bf540ab">
<topic>flash -- multiple vulnabilities</topic>
<topic>flash -- multiple vulnerabilities</topic>
<affects>
<package>
<name>linux-c6-flashplugin</name>
@ -29013,7 +29013,7 @@ and CVE-2013-0155.</p>
a potential volume name of something like '../../../etc/passwd' to
attempt to access a file not belonging to the storage pool. When
fine-grained Access Control Lists (ACL) are in effect, a user with
storage_vol:create ACL permission but lacking domain:write permssion
storage_vol:create ACL permission but lacking domain:write permission
could thus abuse virStorageVolCreateXML and similar APIs to gain
access to files not normally permitted to that user. Fortunately, it
appears that the only APIs that could leak information or corrupt
@ -29306,7 +29306,7 @@ and CVE-2013-0155.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>ISC reports:</p>
<blockquote cite="https://kb.isc.org/article/AA-01328/0/BIND-9.10.3-P2-Release-Notes.html">
<p>Named is potentially vulnerable to the OpenSSL vulnerabilty described in CVE-2015-3193.</p>
<p>Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.</p>
<p>Incorrect reference counting could result in an INSIST
failure if a socket error occurred while performing a lookup. This flaw
is disclosed in CVE-2015-8461. [RT#40945]</p>
@ -29836,7 +29836,7 @@ and CVE-2013-0155.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Redmine reports:</p>
<blockquote cite="http://www.redmine.org/projects/redmine/wiki/Security_Advisories">
<p>Mass-assignemnt vulnerability that would allow an attacker to
<p>Mass-assignment vulnerability that would allow an attacker to
bypass part of the security checks.</p>
<p>Persistent XSS vulnerability</p>
</blockquote>
@ -29928,7 +29928,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="c8842a84-9ddd-11e5-8c2f-c485083ca99c">
<topic>flash -- multiple vulnabilities</topic>
<topic>flash -- multiple vulnerabilities</topic>
<affects>
<package>
<name>linux-c6-flashplugin</name>
@ -30865,7 +30865,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="e5423caf-8fb8-11e5-918c-bcaec565249c">
<topic>libxml2 -- multiple vulnabilities</topic>
<topic>libxml2 -- multiple vulnerabilities</topic>
<affects>
<package>
<name>libxml2</name>
@ -31236,7 +31236,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="547fbd98-8b1f-11e5-b48b-bcaec565249c">
<topic>flash -- multiple vulnabilities</topic>
<topic>flash -- multiple vulnerabilities</topic>
<affects>
<package>
<name>linux-c6-flashplugin</name>
@ -33534,7 +33534,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="4e3e8a50-65c1-11e5-948e-bcaec565249c">
<topic>flash -- multiple vulnabilities</topic>
<topic>flash -- multiple vulnerabilities</topic>
<affects>
<package>
<name>linux-c6-flashplugin</name>
@ -40554,7 +40554,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="d46ed7b8-1912-11e5-9fdf-00262d5ed8ee">
<topic>www/chromium -- mulitple vulnerabilities</topic>
<topic>www/chromium -- multiple vulnerabilities</topic>
<affects>
<package>
<name>chromium</name>
@ -43726,7 +43726,7 @@ and CVE-2013-0155.</p>
</vuln>
<vuln vid="505904d3-ea95-11e4-beaf-bcaec565249c">
<topic>wordpress -- multiple vulnabilities</topic>
<topic>wordpress -- multiple vulnerabilities</topic>
<affects>
<package>
<name>wordpress</name>
@ -49192,8 +49192,8 @@ and CVE-2013-0155.</p>
limited amount of information exposure.</p>
<p>SECURITY-127 and SECURITY-128 are rated <strong>high</strong>. The
formed can be used to further escalate privileges, and the latter
results inloss of data.</p>
former can be used to further escalate privileges, and the latter
results in loss of data.</p>
<p>SECURITY-131 and SECURITY-138 is rated <strong>critical</strong>.
This vulnerabilities results in exposure of sensitie information
@ -102539,7 +102539,7 @@ executed in your Internet Explorer while displaying the email.</p>
</blockquote>
<blockquote cite="http://drupal.org/node/184348">
<p>The Drupal Forms API protects against cross site request
forgeries (CSRF), where a malicous site can cause a user
forgeries (CSRF), where a malicious site can cause a user
to unintentionally submit a form to a site where he is
authenticated. The user deletion form does not follow the
standard Forms API submission model and is therefore not
@ -105879,7 +105879,7 @@ executed in your Internet Explorer while displaying the email.</p>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The freeradius development team reports:</p>
<blockquote cite="http://www.freeradius.org/security.html">
<p>A malicous 802.1x supplicant could send malformed Diameter format
<p>A malicious 802.1x supplicant could send malformed Diameter format
attributes inside of an EAP-TTLS tunnel. The server would reject
the authentication request, but would leak one VALUE_PAIR data
structure, of approximately 300 bytes. If an attacker performed
@ -120075,7 +120075,7 @@ executed in your Internet Explorer while displaying the email.</p>
<p>In fetchmail 6.2.5.1, the remote code injection via
POP3 UIDL was fixed, but a denial of service attack was
introduced:</p>
<p>Two possible NULL-pointer dereferences allow a malicous
<p>Two possible NULL-pointer dereferences allow a malicious
POP3 server to crash fetchmail by respondig with UID lines
containing only the article number but no UID (in violation
of RFC-1939), or a message without Message-ID when no UIDL
@ -129031,7 +129031,7 @@ http_access deny Gopher</pre>
<p><code>acl something src "/path/to/empty_file.txt"<br/>
http_access allow something somewhere</code></p>
<p>gets parsed (with warnings) as</p>
<p><code>http_access allow somwhere</code></p>
<p><code>http_access allow somewhere</code></p>
<p>And similarily if you are using proxy_auth acls without
having any auth schemes defined.</p>
</blockquote>
@ -131313,7 +131313,7 @@ http_access deny Gopher</pre>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Sean <q>infamous42md</q> reports that a malicous GroupWise
<p>Sean <q>infamous42md</q> reports that a malicious GroupWise
messaging server may be able to exploit a heap buffer
overflow in gaim, leading to arbitrary code execution.</p>
</body>