aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark Felder <feld@FreeBSD.org>2016-08-18 21:44:34 +0000
committerMark Felder <feld@FreeBSD.org>2016-08-18 21:44:34 +0000
commit708dfa0a29491ecbc6fa4d07af43b6ae3198b7fc (patch)
treef3bfd8212ffaaab80f44f5d47b7e5c47e3ab4143
parent1b8743f8446e55e5d083f383185fc734ff59f222 (diff)
downloadports-708dfa0a29491ecbc6fa4d07af43b6ae3198b7fc.tar.gz
ports-708dfa0a29491ecbc6fa4d07af43b6ae3198b7fc.zip
Add a number of old expired and End of Life ports to vuxml
PR: 211975
Notes
Notes: svn path=/head/; revision=420425
-rw-r--r--security/vuxml/vuln.xml94
1 files changed, 94 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 47fb18a3e1aa..a923ff25cb90 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,100 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="7fe7df75-6568-11e6-a590-14dae9d210b8">
+ <topic>End of Life Ports</topic>
+ <affects>
+ <package>
+ <name>python32</name>
+ <name>py32-*</name>
+ <name>python31</name>
+ <name>py31-*</name>
+ <name>python30</name>
+ <name>py30-*</name>
+ <name>python26</name>
+ <name>py26-*</name>
+ <name>python25</name>
+ <name>py25-*</name>
+ <name>python24</name>
+ <name>py24-*</name>
+ <name>python23</name>
+ <name>py23-*</name>
+ <name>python22</name>
+ <name>py22-*</name>
+ <name>python21</name>
+ <name>py21-*</name>
+ <name>python20</name>
+ <name>py20-*</name>
+ <name>python15</name>
+ <name>py15-*</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>php54</name>
+ <name>php54-*</name>
+ <name>php53</name>
+ <name>php53-*</name>
+ <name>php52</name>
+ <name>php52-*</name>
+ <name>php5</name>
+ <name>php5-*</name>
+ <name>php4</name>
+ <name>php4-*</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>perl5</name>
+ <range><lt>5.18</lt></range>
+ </package>
+ <package>
+ <name>perl5.16</name>
+ <name>perl5.14</name>
+ <name>perl5.12</name>
+ <name>perl5.10</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>ruby20</name>
+ <name>ruby19</name>
+ <name>ruby18</name>
+ <name>ruby16</name>
+ <name>ruby14</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>unifi2</name>
+ <name>unifi3</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>apache21</name>
+ <name>apache20</name>
+ <name>apache13</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>tomcat55</name>
+ <name>tomcat41</name>
+ <range><ge>0</ge></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>These packages have reached End of Life status and/or have
+ been removed from the Ports Tree. They may contain undocumented
+ security issues. Please take caution and find alternative
+ software as soon as possible.</p>
+ </body>
+ </description>
+ <references>
+ <freebsdpr>211975</freebsdpr>
+ </references>
+ <dates>
+ <discovery>2016-08-18</discovery>
+ <entry>2016-08-18</entry>
+ </dates>
+ </vuln>
+
<vuln vid="e1c71d8d-64d9-11e6-b38a-25a46b33f2ed">
<topic>gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output</topic>
<affects>