FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
found something from the cache
non port: head/devel/bugzilla44/distinfo
SVNWeb

Number of commits found: 7

Mon, 6 Oct 2014
[ 19:16 ohauer ] Original commit 
370211 devel/bugzilla44/Makefile
370211 devel/bugzilla44/distinfo
370211 devel/bugzilla44/pkg-plist
- update to bugzilla 4.4.6

Summary
=======
The following security issues have been discovered in Bugzilla:

* The 'realname' parameter is not correctly filtered on user account
  creation, which could lead to user data override.
* Several places were found in the Bugzilla code where cross-site
  scripting attacks could be used to access sensitive information.
* Private comments can be shown to flagmail recipients who aren't in
  the insider group
* Specially formatted values in a CSV search results export could be
  used in spreadsheet software to attack a user's computer.

Security:	CVE-2014-1572
		CVE-2014-1571
		CVE-2014-1571
Fri, 25 Jul 2014
[ 14:15 ohauer ] Original commit 
362911 devel/bugzilla44/Makefile
362911 devel/bugzilla44/distinfo
362911 devel/bugzilla44/pkg-plist
- update to bugzilla44-4.4.5

Vulnerability Details
=====================

Class:       Cross Site Request Forgery
Versions:    3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, 4.5.1 to 4.5.4
Fixed In:    4.0.14, 4.2.10, 4.4.5, 4.5.5
Description: Adobe does not properly restrict the SWF file format,
             which allows remote attackers to conduct cross-site
             request forgery (CSRF) attacks against Bugzilla's JSONP
             endpoint, possibly obtaining sensitive bug information,
             via a crafted OBJECT element with SWF content satisfying
             the character-set requirements of a callback API.

http://www.bugzilla.org/security/4.0.13/

MFH:		2014Q3
Security:	9defb2d6-1404-11e4-8cae-20cf30e32f6d
		CVE-2014-1546
Sun, 20 Apr 2014
[ 17:26 ohauer ] Original commit 
351626 devel/bugzilla40/Makefile
351626 devel/bugzilla40/distinfo
351626 devel/bugzilla42/Makefile
351626 devel/bugzilla42/distinfo
351626 devel/bugzilla44/Makefile
351626 devel/bugzilla44/distinfo
- update bugzilla to 4.4.4, 4.2.9, 4.0.13
- minor Makefile cleanup

This release fixes one regression introduced in Bugzilla by
security bug 968576: URLs in bug comments are displayed
correctly again. (Bug 998323)

Release Notes & Changes
=======================
Before installing or upgrading, you should read the Release Notes for
the new version of Bugzilla:

  4.4.4:  http://www.bugzilla.org/releases/4.4.4/release-notes.html
  4.2.9:  http://www.bugzilla.org/releases/4.2.9/release-notes.html
  4.0.13: http://www.bugzilla.org/releases/4.0.13/release-notes.html

MFH:		2014Q2
Fri, 18 Apr 2014
[ 18:54 ohauer ] Original commit 
351558 devel/bugzilla42/distinfo
351558 devel/bugzilla44/distinfo
- commit forgotten distinfo
[ 15:03 ohauer ] Original commit 
351542 devel/bugzilla40/Makefile
351542 devel/bugzilla40/Makefile.common
351542 devel/bugzilla40/distinfo
351542 devel/bugzilla42/Makefile
351542 devel/bugzilla42/Makefile.common
351542 devel/bugzilla42/distinfo
351542 devel/bugzilla44/Makefile
351542 devel/bugzilla44/Makefile.common
351542 devel/bugzilla44/distinfo
351542 devel/bugzilla44/pkg-plist
- update to 4.0.12, 4.2.8, 4.4.3
- move BINMODE to Makefile.common so it is also used in the language packs

Security:	CVE-2014-1517
Security:	608ed765-c700-11e3-848c-20cf30e32f6d
Security:	60bfa396-c702-11e3-848c-20cf30e32f6d
Thu, 17 Oct 2013
[ 19:35 ohauer ] Original commit 
330666 MOVED
330666 devel/Makefile
330666 devel/bugzilla
330666 devel/bugzilla40
330666 devel/bugzilla40/Makefile
330666 devel/bugzilla40/Makefile.common
330666 devel/bugzilla40/Makefile.options
330666 devel/bugzilla40/distinfo
330666 devel/bugzilla40/pkg-plist
330666 devel/bugzilla42/Makefile

(Only the first 10 of 36 ports in this commit are shown above. View all ports for this commit)
- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 20 Jun 2013
[ 22:21 ohauer ] Original commit 
321429 devel/Makefile
321429 devel/bugzilla44
321429 devel/bugzilla44/Makefile
321429 devel/bugzilla44/Makefile.common
321429 devel/bugzilla44/Makefile.options
321429 devel/bugzilla44/distinfo
321429 devel/bugzilla44/pkg-plist
321429 german/Makefile
321429 german/bugzilla44
321429 german/bugzilla44/Makefile

(Only the first 10 of 16 ports in this commit are shown above. View all ports for this commit)
New ports for bugzilla44
- devel/bugzilla44
- japanese/bugzilla44
- german/bugzilla44

Release Notes:
http://www.bugzilla.org/releases/4.4/release-notes.html

Number of commits found: 7

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
otrsDec 16
mod_dav_svnDec 15
subversionDec 15
subversion16Dec 15
subversion17Dec 15
nvidia-driverDec 14
nvidia-driver-173Dec 14
nvidia-driver-304Dec 14
nvidia-driver-71Dec 14
nvidia-driver-96Dec 14
asterisk11Dec 11
bind99Dec 11
xorg-serverDec 10
unboundDec 09
freetype2Dec 07

11 vulnerabilities affecting 47 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24437
Broken 139
Deprecated 70
Ignore 394
Forbidden 3
Restricted 206
No CDROM 93
Vulnerable 22
Expired 0
Set to expire 65
Interactive 0
new 24 hours 1
new 48 hours6
new 7 days29
new fortnight56
new month244

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.