FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chicken -- multiple vulnerabilities

Affected packages
		chicken	<	4.13.0,1

Details

VuXML ID	5a771686-9e33-11e8-8b2d-9cf7a8059466
Discovery	2017-03-16
Entry	2018-08-12

CHICKEN reports:

CVE-2017-6949: Unchecked malloc() call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault

CVE-2017-9334: "length" crashes on improper lists

CVE-2017-11343: The randomization factor of the symbol table was set before the random seed was set, causing it to have a fixed value on many platforms

[source]

References

CVE Name	CVE-2017-11343
CVE Name	CVE-2017-6949
CVE Name	CVE-2017-9334
URL	https://code.call-cc.org/releases/4.13.0/NEWS