From aa58fbfe97fb98dc7e71c280fbc30b7102d65941 Mon Sep 17 00:00:00 2001
From: Vincent Bernat <vincent@bernat.im>
Date: Wed, 2 Dec 2015 08:13:03 +0100
Subject: [PATCH] security: add a security page with vulnerabilities

---
 content/security.html | 40 ++++++++++++++++++++++++++++++++++++++++
 layout/menu.j2        |  1 +
 2 files changed, 41 insertions(+)
 create mode 100644 content/security.html

diff --git a/content/security.html b/content/security.html
new file mode 100644
index 00000000..abb6c109
--- /dev/null
+++ b/content/security.html
@@ -0,0 +1,40 @@
+---
+title: Security
+---
+
+`lldpd` contains several security features to mitigate vulnerabilities
+(privilege separation, chrooted process, …). If you wish to report a
+security issue, either open an [issue on GitHub][] or [mail me][]
+directly.
+
+# Past vulnerabilities
+
+ * [CVE-2015-8011][]: buffer overflow when handling management address
+   TLV for LLDP. When a remote device was advertising a too large
+   management address while still respecting TLV boundaries, lldpd
+   would crash due to a buffer overflow. This vulnerability affects
+   the parser which is run in an unprivileged and chrooted
+   process. It does not allow arbitrary code execution
+   unless hardening has been specifically disabled. This bug has been
+   introduced in version 0.6.0. It has been fixed in commit
+   [dd4f16e7][] and in version 0.7.19.
+
+ * [CVE-2015-8012][]: crash on malformed management address. When a
+   remote device was advertising a malformed management address, lldpd
+   would crash with an assertion error. This vulnerability affects the
+   parser which is run in an unprivileged and chrooted process. It
+   does not allow arbitrary code execution. This bug has been
+   introduced in version 0.6.0. It has been fixed in commit
+   [793526f8][] and in version 0.7.19.
+
+[issue on GitHub]: https://github.com/vincentbernat/lldpd/issues/new
+[mail me]: mailto:vincent@bernat.im
+[CVE-2015-8011]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011
+[CVE-2015-8012]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8012
+[dd4f16e7]: https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
+[793526f8]: https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
+
+{# Local Variables:      #}
+{# mode: markdown        #}
+{# indent-tabs-mode: nil #}
+{# End:                  #}
diff --git a/layout/menu.j2 b/layout/menu.j2
index 90b68b49..51558251 100644
--- a/layout/menu.j2
+++ b/layout/menu.j2
@@ -10,6 +10,7 @@
     <li><a href="{{ content_url('features.html') }}">Features</a></li>
     <li><a href="{{ content_url('installation.html') }}">Installation</a></li>
     <li><a href="{{ content_url('usage.html') }}">Usage</a></li>
+    <li><a href="{{ content_url('security.html') }}">Security</a></li>
   </ul>
 </nav>
 
-- 
2.39.5