security/vuxml/vuln.xml
Help is also available from ports-security@freebsd.org. | Help is also available from ports-security@freebsd.org. | ||||
Notes: | Notes: | ||||
* Please add new entries to the beginning of this file. | * Please add new entries to the beginning of this file. | ||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | ||||
--> | --> | ||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | ||||
<vuln vid="d0be41fe-2a20-4633-b057-4e8b25c41780"> | |||||
<topic>bro -- array bounds and potential DOS issues</topic> | |||||
<affects> | |||||
<package> | |||||
<name>bro</name> | |||||
<range><lt>2.5.5</lt></range> | |||||
</package> | |||||
</affects> | |||||
<description> | |||||
<body xmlns="http://www.w3.org/1999/xhtml"> | |||||
<p>Corelight reports:</p> | |||||
matthew: Who is reporting here? | |||||
leres: Good point (but I'm disappointed validate didn't complain...)
matthew: validate only checks for well-formed XML, not semantic correctness.
<blockquote cite="https://www.bro.org/download/NEWS.bro.html"> | |||||
<p>Bro 2.5.5 primarily addresses security issues:</p> | |||||
<ul> | |||||
<li>Fix array bounds checking in BinPAC: for arrays | |||||
that are fields within a record, the bounds check | |||||
was based on a pointer to the start of the record | |||||
rather than the start of the array field, potentially | |||||
resulting in a buffer over-read.</li> | |||||
matthew: These paragraphs have rather excessively long line lengths -- doesn't `make validate` warn you about the formatting here? Also, you can use any HTML elements inside the <blockquote> area, not just <p></p> -- so <ul><li></li></ul> could be pasted in directly from the BRO news page, although you will have to trim the CSS class settings.
leres: make validate did not complain about the line length. Also I used really long lines the last time I added an entry for bro to security/vuxml and was trying to use it as a template. And I'm sure I used long lines because I found old entries that did it that way. Using <ul> seems much better.
<li>Fix SMTP command string comparisons: the number | |||||
of bytes compared was based on the user-supplied | |||||
string length and can lead to incorrect matches. | |||||
e.g. giving a command of "X" incorrectly matched | |||||
"X-ANONYMOUSTLS" (and an empty commands match | |||||
anything).</li> | |||||
</ul> | |||||
<p>Address potential vectors for Denial of Service:</p> | |||||
<ul> | |||||
<li>"Weird" events are now generally suppressed/sampled | |||||
by default according to some tunable parameters.</li> | |||||
<li>Improved handling of empty lines in several text | |||||
protocol analyzers that can cause performance issues | |||||
when seen in long sequences.</li> | |||||
<li>Add `smtp_excessive_pending_cmds' weird which | |||||
serves as a notification for when the "pending | |||||
command" queue has reached an upper limit and been | |||||
cleared to prevent one from attempting to slowly | |||||
exhaust memory.</li> | |||||
</ul> | |||||
matthew: Hmmm.... AFAIR the indentation style preferred by the project looks like: <ul> <li>"Weird" events are now generally suppressed/sampled by default according to some tunable parameters.</li> <li>Improved handling of empty lines in several text protocol analyzers that can cause performance issues when seen in long sequences.</li> <li>Add `smtp_excessive_pending_cmds' weird which serves as a notification for when the "pending command" queue has reached an upper limit and been cleared to prevent one from attempting to slowly exhaust memory.</li> </ul> although I see this has not been rigorously observed. I guess if make validate doesn't complain then you're golden.
</blockquote> | |||||
</body> | |||||
</description> | |||||
<references> | |||||
<url>https://www.bro.org/download/NEWS.bro.html</url> | |||||
</references> | |||||
<dates> | |||||
<discovery>2018-08-28</discovery> | |||||
<entry>2018-08-29</entry> | |||||
</dates> | |||||
</vuln> | |||||
<vuln vid="0904e81f-a89d-11e8-afbb-bc5ff4f77b71"> | <vuln vid="0904e81f-a89d-11e8-afbb-bc5ff4f77b71"> | ||||
<topic>node.js -- multiple vulnerabilities</topic> | <topic>node.js -- multiple vulnerabilities</topic> | ||||
<affects> | <affects> | ||||
<package> | <package> | ||||
<name>node</name> | <name>node</name> | ||||
<range><lt>10.9.0</lt></range> | <range><lt>10.9.0</lt></range> | ||||
</package> | </package> | ||||
<package> | <package> | ||||
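Review bot: the only entry in <references>, and the blockquote cite, is https://www.bro.org/download/NEWS.bro.html, a URL that names no release, so the quoted 2.5.5 text may no longer match if that page is rewritten for a later version. If a 2.5.5-specific release note or announcement exists, link that instead or in addition. The <topic> also writes "DOS" where the body spells out "Denial of Service"; "DoS" is the usual abbreviation. Since the file's own notes ask not to forget port variants, it is worth confirming that `bro` is the only package name that needs a <package> block under <affects>.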