FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

uriparser -- Multiple vulnerabilities

Affected packages
uriparser < 0.9.0

Details

VuXML ID 3563fae5-f60c-11e8-b513-5404a68ad561
Discovery 2018-10-27
Entry 2018-12-02

The upstream project reports:

* Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report!

* Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report!

* Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539

References

CVE Name CVE-2018-19198
CVE Name CVE-2018-19199
CVE Name CVE-2018-19200
URL https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog