1
0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-13 07:34:50 +00:00

Add VuXML DTDs and the VuXML document for FreeBSD.

This commit is contained in:
Jacques Vidrine 2004-02-12 14:23:48 +00:00
parent 017e891a43
commit b73c2468c3
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=100761
7 changed files with 615 additions and 0 deletions

98
security/vuxml/Makefile Normal file
View File

@ -0,0 +1,98 @@
# New ports collection makefile for: vuxml
# Date created: 2004/02/12
# Whom: nectar@FreeBSD.org
#
# $FreeBSD$
#
PORTNAME= vuxml
PORTVERSION= 1.0
PORTREVISION= 0
CATEGORIES= security textproc
MASTER_SITES= http://www.vuxml.org/dtd/vuxml-1/
DISTFILES= vuxml-10.dtd vuxml-model-10.mod
MAINTAINER= nectar@FreeBSD.org
COMMENT= Vulnerability and eXposure Markup Language DTD
RUN_DEPENDS= ${XMLCATMGR}:${PORTSDIR}/textproc/xmlcatmgr \
${LOCALBASE}/share/xml/dtd/xhtml-modularization/VERSION:${PORTSDIR}/textproc/xhtml-modularization \
${LOCALBASE}/share/xml/dtd/xhtml-basic/xhtml-basic10.dtd:${PORTSDIR}/textproc/xhtml-basic
NO_MTREE= YES
NO_BUILD= YES
WRKSRC= ${WRKDIR}
dir_DTD= share/xml/dtd/vuxml
XMLCATMGR= ${LOCALBASE}/bin/xmlcatmgr
SGMLCAT= ${PREFIX}/share/sgml/catalog.ports
XMLCAT= ${PREFIX}/share/xml/catalog.ports
XMLCAT_ADD= ${XMLCATMGR} -c ${XMLCAT} add nextCatalog \
${PREFIX}/${dir_DTD}/catalog.xml
XMLCAT_RM= ${XMLCATMGR} -c ${XMLCAT} remove nextCatalog \
${PREFIX}/${dir_DTD}/catalog.xml
SGMLCAT_ADD= ${XMLCATMGR} -sc ${SGMLCAT} add CATALOG \
${PREFIX}/${dir_DTD}/vuxml.cat
SGMLCAT_RM= ${XMLCATMGR} -sc ${SGMLCAT} remove CATALOG \
${PREFIX}/${dir_DTD}/vuxml.cat
CATALOG_PORTS_SGML= ${PREFIX}/share/sgml/catalog.ports
CATALOG_PORTS_XML= ${PREFIX}/share/xml/catalog.ports
PLIST= ${WRKDIR}/PLIST
VUXML_FILE?= ${PKGDIR}/vuln.xml
do-extract:
@${RM} -rf ${WRKDIR}
@${MKDIR} ${WRKDIR}
.for f in ${DISTFILES}
${CP} ${_DISTDIR}/${f} ${WRKDIR}/${f}
.endfor
pre-install:
${CP} ${PKGDIR}/pkg-plist ${PLIST}
${ECHO} "@unexec ${XMLCAT_RM}" >> ${PLIST}
${ECHO} "@exec ${XMLCAT_ADD}" >> ${PLIST}
${ECHO} "@unexec ${SGMLCAT_RM}" >> ${PLIST}
${ECHO} "@exec ${SGMLCAT_ADD}" >> ${PLIST}
${ECHO} "@dirrm ${dir_DTD}" >> ${PLIST}
${ECHO} '@unexec rmdir %D share/xml/dtd 2>/dev/null || true' >> \
${PLIST}
do-install:
@[ -d ${PREFIX}/${dir_DTD} ] || \
${MKDIR} ${PREFIX}/${dir_DTD}
.for f in ${DISTFILES}
${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/${dir_DTD}/${f}
.endfor
${SED} -e "s;@@PREFIX@@;${PREFIX};g" ${FILESDIR}/catalog.xml > \
${WRKDIR}/catalog.xml
${INSTALL_DATA} ${WRKDIR}/catalog.xml ${PREFIX}/${dir_DTD}/catalog.xml
${INSTALL_DATA} ${FILESDIR}/vuxml.cat ${PREFIX}/${dir_DTD}/vuxml.cat
${XMLCAT_ADD}
${SGMLCAT_ADD}
validate:
.if defined(WITH_XMLLINT)
${SETENV} SGML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
xmllint --catalogs --valid --noout "${VUXML_FILE}"
.elif defined(WITH_NSGMLS)
${SETENV} SP_CHARSET_FIXED=YES SP_ENCODING=XML \
nsgmls -wxml -s "${VUXML_FILE}"
.elif defined(WITH_RXP)
${SETENV} XML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
rxp -EVNxs "${VUXML_FILE}"
.else
@${ECHO} "Define one of the following to validate:"
@${ECHO} " WITH_XMLLINT Use xmllint from libxml2"
@${ECHO} " WITH_NSGMLS Use nsgmls from jade"
# RXP 1.4 works great, but the ports system is stuck at 1.2.5
# @${ECHO} " WITH_RXP Use rxp"
@${ECHO}
@${FALSE}
.endif
.include <bsd.port.mk>

2
security/vuxml/distinfo Normal file
View File

@ -0,0 +1,2 @@
MD5 (vuxml-10.dtd) = a0fa5d5facdff104bbf25c7e55459fac
MD5 (vuxml-model-10.mod) = bc4b64d08d60d2d4d0dc5b3f83f4fca0

View File

@ -0,0 +1,22 @@
<?xml version="1.0"?>
<!DOCTYPE catalog PUBLIC "-//OASIS//DTD Entity Resolution XML Catalog V1.0//EN"
"http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd">
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"
prefer="public"
xml:base="file://@@PREFIX@@/share/xml/dtd/vuxml/">
<rewriteSystem
systemIdStartString="http://www.vuxml.org/dtd/vuxml-1"
rewritePrefix="./" />
<public
publicId="-//vuxml.org/DTD VuXML 1.0//EN"
uri="vuxml-10.dtd" />
<public
publicId="-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN"
uri="vuxml-model-10.mod" />
</catalog>

View File

@ -0,0 +1,4 @@
OVERRIDE YES
PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN" "vuxml-10.dtd"
PUBLIC "-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN" "vuxml-model-10.mod"

4
security/vuxml/pkg-descr Normal file
View File

@ -0,0 +1,4 @@
VuXML (the Vulnerability and eXposure Markup Language) is an XML
application for documenting security bugs and corrections within
a software package collection such as the FreeBSD Ports Collection.
This port installs the DTDs required for validating VuXML documents.

4
security/vuxml/pkg-plist Normal file
View File

@ -0,0 +1,4 @@
share/xml/dtd/vuxml/catalog.xml
share/xml/dtd/vuxml/vuxml-10.dtd
share/xml/dtd/vuxml/vuxml-model-10.mod
share/xml/dtd/vuxml/vuxml.cat

481
security/vuxml/vuln.xml Normal file
View File

@ -0,0 +1,481 @@
<?xml version="1.0" encoding="utf-8" ?>
<!--
Copyright 2003, 2004 Jacques Vidrine and contributors
Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
HTML, PDF, PostScript, RTF and so forth) with or without modification,
are permitted provided that the following conditions are met:
1. Redistributions of source code (VuXML) must retain the above
copyright notice, this list of conditions and the following
disclaimer as the first lines of this file unmodified.
2. Redistributions in compiled form (transformed to other DTDs,
published online in any format, converted to PDF, PostScript,
RTF and other formats) must reproduce the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<!DOCTYPE vuxml PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN"
"http://www.vuxml.org/dtd/vuxml-1/vuxml-10.dtd">
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="67c05283-5d62-11d8-80e3-0020ed76ef5a">
<topic>Buffer overflow in Mutt 1.4</topic>
<affects>
<package>
<name>mutt</name>
<name>ja-mutt</name>
<range><ge>1.4</ge><lt>1.4.2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Mutt 1.4 contains a buffer overflow that could be exploited
with a specially formed message, causing Mutt to crash or
possibly execute arbitrary code.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0078</cvename>
<url>http://www.mutt.org/news.html</url>
</references>
<dates>
<discovery>2004/02/11</discovery>
<entry>2004/02/12</entry>
</dates>
</vuln>
<vuln vid="7557a2b1-5d63-11d8-80e3-0020ed76ef5a">
<topic>Apache-SSL optional client certificate vulnerability</topic>
<affects>
<package>
<name>apache+ssl</name>
<range><lt>1.3.29.1.53</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>From the Apache-SSL security advisory:</p>
<blockquote>
If configured with SSLVerifyClient set to 1 or 3 (client
certificates optional) and SSLFakeBasicAuth, Apache-SSL
1.3.28+1.52 and all earlier versions would permit a
client to use real basic authentication to forge a client
certificate.
All the attacker needed is the "one-line DN" of a valid
user, as used by faked basic auth in Apache-SSL, and the
fixed password ("password" by default).
</blockquote>
</body>
</description>
<references>
<url>http://www.apache-ssl.org/advisory-20040206.txt</url>
</references>
<dates>
<discovery>2004/02/06</discovery>
<entry>2004/02/10</entry>
</dates>
</vuln>
<vuln vid="96ba2dae-4ab0-11d8-96f2-0020ed76ef5a">
<topic>L2TP, ISAKMP, and RADIUS parsing vulnerabilities in
tcpdump</topic>
<affects>
<package>
<name>tcpdump</name>
<range><lt>3.8.1_351</lt></range>
</package>
<system>
<name>FreeBSD</name>
<range><lt>5.2.1</lt></range>
</system>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Jonathan Heusser discovered vulnerabilities in tcpdump's
L2TP, ISAKMP, and RADIUS protocol handlers. These
vulnerabilities may be used by an attacker to crash a running
`tcpdump' process.</p>
</body>
</description>
<references>
<cvename>CAN-2003-0989</cvename>
<cvename>CAN-2003-1029</cvename>
<cvename>CAN-2004-0057</cvename>
<url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107228187124962&amp;w=2</url>
<url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107325073018070&amp;w=2</url>
</references>
<dates>
<discovery>2003-12-24</discovery>
<entry>2004-01-19</entry>
</dates>
</vuln>
<vuln vid="20be2982-4aae-11d8-96f2-0020ed76ef5a">
<topic>fsp buffer overflow and directory traversal vulnerabilities</topic>
<affects>
<package>
<name>fspd</name>
<range><gt>0</gt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The <a href="http://www.debian.org/security">Debian
security team</a> reported a pair of vulnerabilities in
fsp:</p>
<blockquote cite="http://www.debian.org/security/2004/dsa-416">
<p>A vulnerability was discovered in fsp, client utilities
for File Service Protocol (FSP), whereby a remote user could
both escape from the FSP root directory (CAN-2003-1022), and
also overflow a fixed-length buffer to execute arbitrary
code (CAN-2004-0011).</p>
</blockquote>
</body>
</description>
<references>
<cvename>CAN-2003-1022</cvename>
<cvename>CAN-2004-0011</cvename>
<url>http://www.debian.org/security/2004/dsa-416</url>
</references>
<dates>
<discovery>2004-01-06</discovery>
<entry>2004-01-19</entry>
</dates>
</vuln>
<vuln vid="fd376b8b-41e1-11d8-b096-0020ed76ef5a">
<topic>Buffer overflow in INN control message handling</topic>
<affects>
<package>
<name>inn</name>
<range><lt>2.4.1</lt></range>
</package>
<package>
<name>inn-stable</name>
<range><lt>20031022_1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A small, fixed-size stack buffer is used to construct a
filename based on a received control message. This could
result in a stack buffer overflow.</p>
</body>
</description>
<references>
<url>http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html</url>
</references>
<dates>
<discovery>2004-01-07</discovery>
<entry>2004-01-08</entry>
</dates>
</vuln>
<vuln vid="cf0fb426-3f96-11d8-b096-0020ed76ef5a">
<topic>ProFTPD ASCII translation bug resulting in remote root
compromise</topic>
<affects>
<package>
<name>proftpd</name>
<range><lt>1.2.8_1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A buffer overflow exists in the ProFTPD code that handles
translation of newline characters during ASCII-mode file
uploads. An attacker may exploit this buffer overflow by
uploading a specially crafted file, resulting in code
execution and ultimately a remote root compromise.</p>
</body>
</description>
<references>
<url>http://xforce.iss.net/xforce/alerts/id/154</url>
<cvename>CAN-2003-0831</cvename>
</references>
<dates>
<discovery>2003-09-23</discovery>
<entry>2004-01-05</entry>
</dates>
</vuln>
<vuln vid="f04cc5cb-2d0b-11d8-beaf-000a95c4d922">
<topic>bind8 negative cache poison attack</topic>
<affects>
<package>
<name>bind</name>
<range><ge>8.3</ge><lt>8.3.7</lt></range>
<range><ge>8.4</ge><lt>8.4.3</lt></range>
</package>
<system>
<name>FreeBSD</name>
<range><ge>5.1</ge><lt>5.1p11</lt></range>
<range><ge>5.0</ge><lt>5.0p19</lt></range>
<range><ge>4.9</ge><lt>4.9p1</lt></range>
<range><ge>4.8</ge><lt>4.8p14</lt></range>
<range><ge>4.7</ge><lt>4.7p24</lt></range>
<range><ge>4.6</ge><lt>4.6.2p27</lt></range>
<range><ge>4.5</ge><lt>4.5p37</lt></range>
<range><lt>4.4p47</lt></range>
</system>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A programming error in BIND 8 named can result in a DNS
message being incorrectly cached as a negative response. As
a result, an attacker may arrange for malicious DNS messages
to be delivered to a target name server, and cause that name
server to cache a negative response for some target domain
name. The name server would thereafter respond negatively
to legitimate queries for that domain name, resulting in a
denial-of-service for applications that require DNS.</p>
</body>
</description>
<references>
<cvename>CAN-2003-0914</cvename>
<freebsdsa>SA-03:19</freebsdsa>
<certvu>734644</certvu>
</references>
<dates>
<discovery>2003-11-28</discovery>
<entry>2003-12-12</entry>
</dates>
</vuln>
<vuln vid="81313647-2d03-11d8-9355-0020ed76ef5a">
<topic>ElGamal sign+encrypt keys created by GnuPG can be
compromised</topic>
<affects>
<package>
<name>gnupg</name>
<range><ge>1.0.2</ge><lt>1.2.3_4</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Any ElGamal sign+encrypt keys created by GnuPG contain a
cryptographic weakness that may allow someone to obtain
the private key. <strong>These keys should be considered
unusable and should be revoked.</strong></p>
<p>The following summary was written by Werner Koch, GnuPG
author:</p>
<blockquote cite="http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html">
<p>Phong Nguyen identified a severe bug in the way GnuPG
creates and uses ElGamal keys for signing. This is
a significant security failure which can lead to a
compromise of almost all ElGamal keys used for signing.
Note that this is a real world vulnerability which will
reveal your private key within a few seconds.</p>
<p>...</p>
<p>Please <em>take immediate action and revoke your ElGamal
signing keys</em>. Furthermore you should take whatever
measures necessary to limit the damage done for signed or
encrypted documents using that key.</p>
<p>Note that the standard keys as generated by GnuPG (DSA
and ElGamal encryption) as well as RSA keys are NOT
vulnerable. Note also that ElGamal signing keys cannot
be generated without the use of a special flag to enable
hidden options and even then overriding a warning message
about this key type. See below for details on how to
identify vulnerable keys.</p>
</blockquote>
</body>
</description>
<references>
<cvename>CAN-2003-0971</cvename>
<url>http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html</url>
</references>
<dates>
<discovery>2003-11-27</discovery>
<entry>2003-12-12</entry>
</dates>
</vuln>
<vuln vid="96fdbf5b-2cfd-11d8-9355-0020ed76ef5a">
<topic>Mathopd buffer overflow</topic>
<affects>
<package>
<name>mathopd</name>
<range><lt>1.4p2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Mathopd contains a buffer overflow in the prepare_reply()
function that may be remotely exploitable.</p>
</body>
</description>
<references>
<url>http://www.mail-archive.com/mathopd%40mathopd.org/msg00136.html</url>
</references>
<dates>
<discovery>2003-12-04</discovery>
<entry>2003-12-12</entry>
</dates>
</vuln>
<vuln vid="d7af61c8-2cc0-11d8-9355-0020ed76ef5a">
<topic>lftp HTML parsing vulnerability</topic>
<affects>
<package>
<name>lftp</name>
<range><le>2.6.10</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A buffer overflow exists in lftp which may be triggered when
requesting a directory listing from a malicious server over
HTTP.</p>
</body>
</description>
<references>
<cvename>CAN-2003-0963</cvename>
<url>http://lftp.yar.ru/news.html#2.6.10</url>
</references>
<dates>
<discovery>2003-12-11</discovery>
<entry>2003-12-12</entry>
</dates>
</vuln>
<vuln vid="af0296be-2455-11d8-82e5-0020ed76ef5a">
<topic>Fetchmail address parsing vulnerability</topic>
<affects>
<package>
<name>fetchmail</name>
<range><le>6.2.0</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Fetchmail can be crashed by a malicious email message.</p>
</body>
</description>
<references>
<url>http://security.e-matters.de/advisories/052002.html</url>
</references>
<dates>
<discovery>2003-10-25</discovery>
<entry>2003-10-25</entry>
</dates>
</vuln>
<vuln vid="2bcd2d24-24ca-11d8-82e5-0020ed76ef5a">
<topic>Buffer overflow in pam_smb password handling</topic>
<affects>
<package>
<name>pam_smb</name>
<range><lt>1.9.9_3</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Applications utilizing pam_smb can be compromised by
any user who can enter a password. In many cases,
this is a remote root compromise.</p>
</body>
</description>
<references>
<url>http://www.skynet.ie/~airlied/pam_smb/</url>
<cvename>CAN-2003-0686</cvename>
</references>
<dates>
<discovery>2003-10-25</discovery>
<entry>2003-10-25</entry>
<modified>2003-10-25</modified>
</dates>
</vuln>
<vuln vid="c4b7badf-24ca-11d8-82e5-0020ed76ef5a">
<topic>Buffer overflows in libmcrypt</topic>
<affects>
<package>
<name>libmcrypt</name>
<range><lt>2.5.6</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>libmcrypt does incomplete input validation, leading to
several buffer overflow vuxml. Additionally,
a memory leak is present. Both of these problems may be
exploited in a denial-of-service attack.</p>
</body>
</description>
<references>
<url>http://seclists.org/lists/bugtraq/2003/Jan/0022.html</url>
<cvename>CAN-2003-0031</cvename>
<cvename>CAN-2003-0032</cvename>
</references>
<dates>
<discovery>2003-10-25</discovery>
<entry>2003-10-25</entry>
<modified>2003-10-25</modified>
</dates>
</vuln>
<vuln vid="ebdf65c7-2ca6-11d8-9355-0020ed76ef5a">
<topic>qpopper format string vulnerability</topic>
<affects>
<package>
<name>qpopper</name>
<range><lt>2.53_1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>An authenticated user may trigger a format string
vulnerability present in qpopper's UIDL code, resulting
in arbitrary code execution with group ID `mail'
privileges.</p>
</body>
</description>
<references>
<bid>1241</bid>
<cvename>CVE-2000-0442</cvename>
<url>http://www.netsys.com/suse-linux-security/2000-May/att-0137/01-b0f5-Qpopper.txt</url>
</references>
<dates>
<discovery>2000-05-23</discovery>
<entry>2003-12-12</entry>
</dates>
</vuln>
<vuln vid="42c50e16-5ce8-11d8-80e3-0020ed76ef5a">
<topic>Vulnerable test port</topic>
<affects>
<package>
<name>vulnerability-test-port</name>
<range><lt>2004.02.12</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>This is a test entry.</p>
</body>
</description>
<references>
<url>http://cvsweb.freebsd.org/ports/security/vulnerability-test-port/</url>
</references>
<dates>
<discovery>2004-02-12</discovery>
<entry>2004-02-12</entry>
</dates>
</vuln>
</vuxml>