Page MenuHomeDevCentral
Paste P43

pkg audit on Ysul
ArchivedPublic
Actions

Authored by dereckson on Apr 3 2015, 17:00.
libzip-0.11.2_1 is vulnerable:
libzip -- integer overflow
CVE: CVE-2015-2331
WWW: http://vuxml.FreeBSD.org/freebsd/264749ae-d565-11e4-b545-00269ee29e57.html
php56-5.6.6 is vulnerable:
Several vulnerabilities found in PHP
CVE: CVE-2015-2311
CVE: CVE-2015-2305
CVE: CVE-2015-0231
WWW: http://vuxml.FreeBSD.org/freebsd/742563d4-d776-11e4-b595-4061861086c1.html
py27-django-1.7.3 is vulnerable:
django -- multiple vulnerabilities
CVE: CVE-2015-2317
CVE: CVE-2015-2316
WWW: http://vuxml.FreeBSD.org/freebsd/62287f51-d43d-11e4-879c-00e0814cab4e.html
subversion-1.8.11 is vulnerable:
subversion -- DoS vulnerabilities
CVE: CVE-2015-0251
CVE: CVE-2015-0248
CVE: CVE-2015-0202
WWW: http://vuxml.FreeBSD.org/freebsd/8e887b71-d769-11e4-b1c2-20cf30e32f6d.html
4 problem(s) in the installed packages found.

Event Timeline

dereckson edited the content of this paste. (Show Details)Apr 3 2015, 17:00
dereckson changed the title of this paste from untitled to Masterwork From Distant Lands.
dereckson updated the paste's language from autodetect to autodetect.
dereckson changed the title of this paste from Masterwork From Distant Lands to pkg audit on Ysul.Apr 3 2015, 17:01
dereckson added projects: Nasqueron security operations squad, security, Servers.
dereckson mentioned this in T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul.
dereckson added a comment.Apr 3 2015, 17:05

Round one:

  • py27-django: 1.7.3 -> 1.7.7
  • libzip: 0.11.2_1 -> 0.11.2_2
  • py27-sqlite3: 2.7.9_5 -> 2.7.9_6

No binary package for subversion or php56.

dereckson added a comment.Apr 3 2015, 17:41

PHP upgraded to 5.6.7 (CLI, php-fpm, CGI)

dereckson archived this paste.Oct 23 2017, 22:43
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator