aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRyan Steinmetz <zi@FreeBSD.org>2021-06-02 13:46:30 +0000
committerRyan Steinmetz <zi@FreeBSD.org>2021-06-02 13:48:26 +0000
commit687785a86a755feb934a5e7eb1d902c4431ce0ad (patch)
treecd3617d506600713308b295988aecee27c933d79
parent46a6779def8fcc069cf77c3fb281cabae9909d09 (diff)
downloadports-687785a86a755feb934a5e7eb1d902c4431ce0ad.tar.gz
ports-687785a86a755feb934a5e7eb1d902c4431ce0ad.zip
security/vuxml: Document isc-dhcp44-* vulnerability
PR: 256377
-rw-r--r--security/vuxml/vuln.xml36
1 files changed, 36 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 9f5b59c17c1b..c3c369a55749 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -76,6 +76,42 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="e24fb8f8-c39a-11eb-9370-b42e99a1b9c3">
+ <topic>isc-dhcp -- remotely exploitable vulnerability</topic>
+ <affects>
+ <package>
+ <name>isc-dhcp44-relay</name>
+ <range><lt>4.4.2-P1</lt></range>
+ </package>
+ <package>
+ <name>isc-dhcp44-server</name>
+ <range><lt>4.4.2-P1</lt></range>
+ </package>
+ <package>
+ <name>isc-dhcp44-client</name>
+ <range><lt>4.4.2-P1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Michael McNally reports:</p>
+ <blockquote cite="https://seclists.org/oss-sec/2021/q2/170">
+ <p>Program code used by the ISC DHCP package to read and parse stored leases</p>
+ <p>has a defect that can be exploited by an attacker to cause one of several
+ undesirable outcomes</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2021-25217</cvename>
+ <url>https://kb.isc.org/docs/cve-2021-25217</url>
+ </references>
+ <dates>
+ <discovery>2021-05-26</discovery>
+ <entry>2021-06-02</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5f52d646-c31f-11eb-8dcf-001b217b3468">
<topic>Gitlab -- Multiple Vulnerabilities</topic>
<affects>