Document ethereal -- multiple vulnerabilities.

- Fix apache 2.1 range for CAN-2005-2088 entry which prevents apache 2.0 from
  upgrading.

Pointyhat to:   clement, remko
Reviewed by:    erwin

Mark apache+mod_ssl-1.3.33+2.8.22_1 as not vulnerable in the latest Apache
entry.

There must be an curse. s/il/li/.

Noticed by:     nectar

Update my latest Apache entry to make clear that this only affects certain
installations (when Apache is used as a HTTP proxy in combination with some
web servers). I didn't make that clear in the first commit.

Requested by:           nectar
Discussed with:         clement

Document apache -- http request smuggling.

Requested by:   clement
Glanced at by:  clement

Set modified date in entry for previous commit.

Cluebat swung by:       simon

Note that the fd_set vulnerability in net/bld was fixed in 0.3.3

Prodded by:     garga
Glanced at by:  remko

Document clamav -- multiple remote buffer overflows.

- Document isc-dhcpd -- format string vulnerabilities (older
  vulnerabilty). [1]
- Use standard title format for latest egroupware entry.

Reminded by:    Panagiotis Christias [1]

Add entry for eGroupWare's recent vulnerabilities.

Document denial of service attack in fetchmail 6.5.2.1.

Reported by:    Matthias Andree <matthias.andree@gmx.de>
Reviewed by:    simon

Update phppgadmin entry to note that it was fixed in 3.5.4 and add a
few references while here anyway.

Prodded by:     Tobias Roth (I think :-) )

Document dnrd -- remote buffer and stack overflow vulnerabilities.

Fix typo in last commit

Noticed by:     Matthias Andree <matthias.andree@gmx.de>

Add more references to latest fetchmail entry [1] and sort references
while here anyway.

Submitted by:   Matthias Andree <matthias.andree@gmx.de> [1]

Document an issue with the LDAP backend provided by PowerDNS.

Document fetchmail -- remote root/code injection from malicious POP3
server.

Submitted by:   Matthias Andree <matthias.andree@gmx.de>

o add kdebase (kate) vulnarability.

Reviewed by:    simon

Add CVE names to recent bugzilla entry.

- Document firefox & mozilla -- multiple vulnerabilities.
- Minor style nit in drupal entry: Use port name (i.e. lower case) as
  first part of the title.

Add an entry for the drupal vulnerabilities.

Fixed incorrect newsfetch and mnogosearch affected package versions

Approved by:    nectar (mentor)

Markup fixed version of net-snmp problem.

Correct a typo: s/lemote/remote/

Spotted by:     simon

Document the following vulnerabilities:
phpSysInfo -- cross site scripting vulnerability
mysql-server -- insecure temporary file creation
net-snmp -- fixproc insecure temporary file creation
phpbb -- multiple vulnerabilities
shtool -- insecure temporary file creation

Approved by:            simon

Document phppgadmin -- "formLanguage" local file inclusion vulnerability.

Document pear-XML_RPC -- information disclosure vulnerabilities.

Document ekg -- insecure temporary file creation.

Document bugzilla -- multiple vulnerabilities.

Document nwclient -- multiple vulnerabilities (old issues).

PR:             ports/82101
Submitted by:   niels
Noticed by:     Derik van Zuetphen <dz@426.ch>

Add CAN reference to recent phpbb vulnerability.

Document acroread -- insecure temporary file creation.

Document two calmav vulnerabilities.

- Add FreeBSD-SA-05:16.zlib.
- Fix ranges for recent security advisories, a bunch of <le> really
  should have been <lt>.

Document acroread -- buffer overflow vulnerability.

Document net-snmp -- remote DoS vulnerability.

Document cacti -- multiple vulnerabilities.

Prodded by:     Babak Farrokhi <babak@farrokhi.net>

- Add another reference to bzip2 -- denial of service and permission
  race vulnerabilities.
- Document two cases of wordpress -- multiple vulnerabilities.

Document the following issues:
 - phpbb -- remote PHP code execution vulnerability
 - pear-XML_RPC -- arbitrary remote code execution

Add certvu reference to kernel -- TCP connection stall denial of service
vulnerability.

Add FreeBSD-SA-05:13.ipfw, FreeBSD-SA-05:14.bzip2, and
FreeBSD-SA-05:15.tcp.

Document ethereal -- multiple protocol dissectors vulnerabilities.

Document tor -- information disclosure.

Document linux-realplayer -- RealText parsing heap overflow.

Document ruby -- arbitrary command execution on XMLRPC server.

- net/cacti - potential SQL injection and cross site scripting attacks

Document three opera issues.

Document sudo -- local race condition vulnerability.

Add another reference to the latest tcpdump issue.

- Add entry for trac -- file upload/download vulnerability.
- Improve the last couple of entries a bit:
  - Whilespace cleanup.
  - Use standard topic format (port name first, then description
    starting with lower case).
  - Make sure SpamAssasin entry also match other 3.0.3 port revisions.

- razor-agents DoS vulnerabilities

PR:             ports/82414
Submitted by:   dawnshade <h-k@mail.ru>

Fix year in <discovery> and <entry>.

Noticed by:     nectar
Pointy hat to:  hrs

Document SpamAssassin -- Denial of service vulnerability.

Document squirrelmail -- Several cross site scripting vulnerabilities.

Document acroread -- XML External Entity vulnerability.

Use standard topic format for gzip vulnerability.

Document FreeBSD-SA-05:11.gzip.

Document SA-05:10.tcpdump.

Document two vulnerabilities in Gaim.

Document an older, more serious gallery vulnerability.

Document XSS vulnerabilities in gallery.

Document KDE kstars vulnerability.

Document fd_set overruns reported by 3APA3A.

Document leafnode -- denial of service vulnerability.

Submitted by:   Matthias Andree <matthias.andree@gmx.de>

Document a directory traversal issue in older GForge versions.

Document an authentication bypass vulnerability in imap-uw.

Document squid denial-of-service vulnerabilities.

Document a remote denial-of-service vulnerability in racoon.

Document integer overflows in xli.

Document arbitrary command execution vulnerabilities in xli and
xloadimage.

Add new CVE names for yamt entry.

Correct and improve recent xli entry:
* It actually affected xloadimage and xli
* A slightly better topic than just "buffer overflows"
* More refererences
* Fix the version number for xli... it is still vulnerable as of this
  writing

Correct recently added yamt entry:
* This is not CAN-2004-1302, which was documented much earlier
* Try to explain the issue
* Add the only public reference to the issue I can find

Buffer overflow in xli.

Fix breakage I caused.

Note buffer overflows and directory transversal issues in audio/ymat.

Update entry for FreeStyle Wiki:
* <topic> style: ASCII em-dash "--" for separator
* replace quoted text with more informative excerpt from a Secunia
  advisory
* add CVE name

Document vulnerabilities in XView library.

document a vulnerability in xtrlock

Document vulnerabilities reported in the Red Hat 7.1 libraries.

Document squirrelmail vulnerabilities.

correct version number for mailman password generation issue

Document vulnerability in set-user-ID sympa application.

Another older mailman vulnerability, somewhat minor

Add year-old mailman vulnerability, that seems to not have been
previously documented here.

document Apache Jakarta Tomcat 5.x XSS issue

Mark samba-2.2.12.j1.0beta1_2 as safe from "samba -- integer overflow
vulnerability".

Reminded by:    NAKAJI Hiroyuki <nakaji@jp.freebsd.org>

- Update to 3.5.8 (including XSS problem fix).

Submitted by:   Toshiya SAITOH <toshiya@saitoh.nu>
PR:             ports/81520

Remove a forgotten :.

Spotted by:             simon

Document the following issues:

o freeradius -- sql injection and denial of service vulnerability
o ppxp -- local root exploit
o oops -- format string vulnerability

Approved by:    simon

Fix entry dates for latest squid entries.

Reword the cdrdao entry, this includes comments from Simon which i overlooked.

Forgotten by:   remko
Spotted by:     simon

- Update Squid to 2.5.STABLE10

PR:             ports/81213
Submitted by:   Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)

Document cdrdao -- unspecified privilege escalation vulnerability.

Approved by:            simon

Document two gaim issues.

Add FreeBSD-SA-05:09.htt.

$EDITOR should not be quoted.  It might be "emacsclient -a vi" or
something.

MAINTAINER -> security@FreeBSD.org

Update some leafnode references.
Add new leafnode vulnerability.

PR:             ports/80724
Submitted by:   Matthias Andree <matthias.andree@gmx.de>