notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_6 security on this many watch lists=31 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_6Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2024-03-27 18:02:18
Commit Hash: af1a072
People watching this port, also watch:: gnupg, curl, libxml2, nmap, vim
Also Listed In: textproc
License: BSD2CLAUSE
WWW:
https://vuxml.freebsd.org/
Description:
VuXML (the Vulnerability and eXposure Markup Language) is an XML application for documenting security bugs and corrections within a software package collection such as the FreeBSD Ports Collection. This port installs the DTDs required for validating VuXML documents.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_6/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_6/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_6/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
Dependency lines:
  • vuxml>0:security/vuxml
To install the port:
cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
SHA256 (vuxml/vuxml-10.dtd) = 6a635ad2cf45f52361c8c2a29a689157fad4d00519045485bc822d34e04a524e SIZE (vuxml/vuxml-10.dtd) = 2986 SHA256 (vuxml/vuxml-model-10.mod) = 051fed00b52bedde8ee901003fc29f7b95cd904157e31ceef34e6b06f2d1a14a

Expand this list (11 items)

Collapse this list.

SIZE (vuxml/vuxml-model-10.mod) = 10599 SHA256 (vuxml/vuxml-11.dtd) = 12b50061d7bb34cecffede2e08d439e4469324376d55aeb7c73eb6aab0f36af1 SIZE (vuxml/vuxml-11.dtd) = 3063 SHA256 (vuxml/vuxml-model-11.mod) = a40777208625a3029c6f416aeeea733f614802a6a5f26035a4e445a09e61a47c SIZE (vuxml/vuxml-model-11.mod) = 13282 SHA256 (vuxml/xml1.dcl) = 343efa94c4e1302e85e08b2d1791d86e50aac1ecdbc3161daecac100e4726847 SIZE (vuxml/xml1.dcl) = 7372 SHA256 (vuxml/catalog) = 479a69cf02995603443fd1f3b5b33f97811670931f87f53be99a727d664abc66 SIZE (vuxml/catalog) = 549 SHA256 (vuxml/catalog.xml) = 7b2e2850f57264eeba0ccd3d1fc161b9d5ce3071ae0ec51b9da7fa956f2a6509 SIZE (vuxml/catalog.xml) = 2150

Collapse this list.


Packages (timestamps in pop-ups are UTC):
vuxml
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.1_61.1_61.1_51.1_61.1_6-1.1_5-
FreeBSD:13:quarterly1.1_61.1_61.1_61.1_61.1_61.1_61.1_61.1_6
FreeBSD:14:latest1.1_61.1_61.1_61.1_61.1_61.1_6-1.1_6
FreeBSD:14:quarterly1.1_61.1_6-1.1_61.1_61.1_61.1_61.1_6
FreeBSD:15:latest1.1_61.1_6n/a1.1_6n/a1.1_61.1_61.1_6
FreeBSD:15:quarterly--n/a-n/a---
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.9 : lang/python39
There are no ports dependent upon this port

Configuration Options:
No options to configure
Options name:
security_vuxml
USES:
python:run
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 7210 (showing only 100 on this page)

[First Page]  «  9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19  »  [Last Page]

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.1_4
31 May 2020 10:53:13
Revision:537150Original commit files touched by this commit
adamw search for other commits by this committer
VuXML: Add entry for gitea < 1.11.6

PR:		246892
Submitted by:	maintainer
1.1_4
29 May 2020 06:51:37
Revision:536950Original commit files touched by this commit
tagattie search for other commits by this committer
Correct vulnerable version range of powerdns-recursor

PR:		246655
Submitted by:	Ralf van der Enden <tremere@cainites.net>
Approved by:	ehaupt (mentor)
1.1_4
29 May 2020 02:07:53
Revision:536876Original commit files touched by this commit
sunpoet search for other commits by this committer
Fix r536871
1.1_4
29 May 2020 01:59:46
Revision:536871Original commit files touched by this commit
sunpoet search for other commits by this committer
Document rubygem-kaminari-core vulnerability
1.1_4
28 May 2020 10:20:23
Revision:536757Original commit files touched by this commit
cmt search for other commits by this committer
document sane-backend vulnerabilities

CVE-2020-12861, CVE-2020-12862, CVE-2020-12863, CVE-2020-12864,
CVE-2020-12865, CVE-2020-12866, CVE-2020-12867

PR:		246803
1.1_4
28 May 2020 06:19:22
Revision:536740Original commit files touched by this commit
mfechner search for other commits by this committer
Document gitlab-ce vulnerabilities.
1.1_4
27 May 2020 16:20:11
Revision:536701Original commit files touched by this commit
pi search for other commits by this committer
security/vuxml: add two entries for mail/sympa

PR:		246701
Submitted by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr>
1.1_4
27 May 2020 12:08:46
Revision:536689Original commit files touched by this commit
tagattie search for other commits by this committer
Document powerdns-recursor vulnerabilities

PR:		246655
Submitted by:	Ralf van der Enden <tremere@cainites.net>
Approved by:	ehaupt (mentor)
1.1_4
25 May 2020 18:04:40
Revision:536490Original commit files touched by this commit
pi search for other commits by this committer
security/vuxml: add three CVEs for qmail

PR:		245010
Submitted by:	erdgeist@erdgeist.org
1.1_4
24 May 2020 18:55:35
Revision:536418Original commit files touched by this commit
rene search for other commits by this committer
Document new vulnerabilities in www/chromium 83.0.4103.61.

The website is somewhat crippled and does not show the full text.
1.1_4
23 May 2020 12:31:37
Revision:536295Original commit files touched by this commit
joneum search for other commits by this committer
Add entry for piwigo

PR:		245153
Sponsored by:	Netzkommune GmbH
1.1_4
23 May 2020 09:22:21
Revision:536276Original commit files touched by this commit
joneum search for other commits by this committer
Add entry for tomcat

PR:		246657
Sponsored by:	Netzkommune GmbH
1.1_4
22 May 2020 22:20:22
Revision:536247Original commit files touched by this commit
delphij search for other commits by this committer
Document unbound multiple vulnerabilities.
1.1_4
22 May 2020 13:07:46
Revision:536198Original commit files touched by this commit
joneum search for other commits by this committer
Add entry for drual7

Sponsored by:	Netzkommune GmbH
1.1_4
20 May 2020 11:41:05
Revision:535992Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Document net-mgmt/zabbix3 issue

Security:	CVE-2020-11800
1.1_4
19 May 2020 23:35:17
Revision:535958Original commit files touched by this commit
sunpoet search for other commits by this committer
Document rails vulnerability
1.1_4
19 May 2020 14:18:34
Revision:535860Original commit files touched by this commit
wen search for other commits by this committer
- Document CVE-2019-18348, CVE-2020-8492 for python38
1.1_4
18 May 2020 19:00:35
Revision:535775Original commit files touched by this commit
ler search for other commits by this committer
security/vuxml: Report multiple dovecot vulnerabilities.
1.1_4
17 May 2020 20:42:25
Revision:535678Original commit files touched by this commit
zi search for other commits by this committer
- Document security/clamav vulnerabilities
1.1_4
17 May 2020 20:18:31
Revision:535672Original commit files touched by this commit
sunpoet search for other commits by this committer
Update json-c vulnerability

- While I'm here, fix format

json-c 0.14 will land the ports tree along with the fix, thus I change it to
0.14.

PR:		246389
1.1_4
17 May 2020 18:33:09
Revision:535637Original commit files touched by this commit
sunpoet search for other commits by this committer
Document rails vulnerability
1.1_4
16 May 2020 09:17:26
Revision:535368Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: MariaDB vulnerabilities
1.1_4
16 May 2020 06:45:08
Revision:535356Original commit files touched by this commit
woodsb02 search for other commits by this committer
Add new sysutils/py-salt vulnerabilities

PR:		246061
Reported by:	Christer Edwards <christer.edwards@gmail.com>
Security:	CVE-2020-11651
Security:	CVE-2020-11652
1.1_4
14 May 2020 11:29:20
Revision:535226Original commit files touched by this commit
mandree search for other commits by this committer
devel/json-c: CVE-2020-12762 integer overflow, out of bounds write

Reported by:	Daniel Engberg
Security:	abc3ef37-95d4-11ea-9004-25fadb81abf4
Security:	CVE-2020-12762
1.1_4
13 May 2020 20:44:18
Revision:535178Original commit files touched by this commit
sunpoet search for other commits by this committer
Document typo3 vulnerability
1.1_4
13 May 2020 15:16:46
Revision:535112Original commit files touched by this commit
gordon search for other commits by this committer
Add proper links for the html output of vuln.xml.

Add freebsdsa as a proper type.
Correct link to CVEs.

Reviewed by:	gjb, joneum
Approved by:	ports-secteam (joneum)
Differential Revision:	https://reviews.freebsd.org/D24824
1.1_4
12 May 2020 18:37:02
Revision:535002Original commit files touched by this commit
gordon search for other commits by this committer
Add data for today's SA batch.

Approved by:	so
1.1_4
09 May 2020 16:02:59
Revision:534787Original commit files touched by this commit
novel search for other commits by this committer
security/vuxml: log www/qutebrowser CVE-2020-11054
1.1_4
09 May 2020 10:08:14
Revision:534730Original commit files touched by this commit
wen search for other commits by this committer
- Document python27 CVE-2019-18348
1.1_4
09 May 2020 08:23:42
Revision:534722Original commit files touched by this commit
joneum search for other commits by this committer
add entry for www/glpi

PR:		244971
Sponsored by:	Netzkommune GmbH
1.1_4
07 May 2020 19:56:01
Revision:534283Original commit files touched by this commit
mandree search for other commits by this committer
mail/mailman: extend content injection vuln via private archive login

This led up to mailman 2.1.33 today.
https://bugs.launchpad.net/mailman/+bug/1877379
https://launchpadlibrarian.net/478684932/private.diff
https://mail.python.org/archives/list/mailman-developers@python.org/thread/SYBIZ3MNSQZLKN6PVKO7ZKR7QMOBMS45/

Approved by:	ports-secteam@ (blanket for security fixes)
Security:	88760f4d-8ef7-11ea-a66d-4b2ef158be83
1.1_4
06 May 2020 23:26:49
Revision:534209Original commit files touched by this commit
leres search for other commits by this committer
security/vuxml: Mark zeek < 3.0.6 as vulnerable as per:

    https://raw.githubusercontent.com/zeek/zeek/v3.0.6/NEWS

Various issues including buffer over-reads, uninitialized field
access, memory leak, and stack overflows.
1.1_4
06 May 2020 15:02:40
Revision:534178Original commit files touched by this commit
salvadore search for other commits by this committer
security/vuxml: Update discovery date for CVE-2020-1730

Update discovery date for CVE-2020-1730 based on information obtained from
the libssh team.

Approved by:	gerald (mentor)
1.1_4
06 May 2020 05:14:42
Revision:534144Original commit files touched by this commit
sunpoet search for other commits by this committer
Document wagtail vulnerability
1.1_4
05 May 2020 22:55:22
Revision:534107Original commit files touched by this commit
mandree search for other commits by this committer
Permit mail/mailman vulnerability to be fixed in 2.1.30_3 already

...not in 2.1.31 only. We can't just easily backport 2.1.31 to 2020Q2.

Security:	88760f4d-8ef7-11ea-a66d-4b2ef158be83
1.1_4
05 May 2020 17:51:49
Revision:534100Original commit files touched by this commit
mandree search for other commits by this committer
new mailman < 2.1.31 content injection vulnerability

similar to CVE-2018-13796 (not sure if they'll reuse that no. so
not including in Security: tags below)

https://bugs.launchpad.net/mailman/+bug/1873722

Security:	88760f4d-8ef7-11ea-a66d-4b2ef158be83
1.1_4
05 May 2020 05:32:48
Revision:534026Original commit files touched by this commit
fjoe search for other commits by this committer
Fix version range for 97fcc60a-6ec0-11ea-a84a-4c72b94353b5:
phpMyAdmin 4.9.5 is not vulnerable

PR:		245096
1.1_4
04 May 2020 23:23:15
Revision:533995Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Document net-mgmt/cacti issue

PR:		246164
Submitted by:	Michael Muenz <m.muenz@gmail.com>
Security:	CVE-2020-7106
1.1_4
03 May 2020 21:28:58
Revision:533883Original commit files touched by this commit
pi search for other commits by this committer
security/vuxml: add squid 4.10 CVEs

PR:		245433
Submitted by:	Michael Muenz <m.muenz@gmail.com>
1.1_4
03 May 2020 07:46:28
Revision:533756Original commit files touched by this commit
tcberner search for other commits by this committer
Document audio/taglib vulnerability
1.1_4
01 May 2020 09:44:40
Revision:533532Original commit files touched by this commit
mfechner search for other commits by this committer
Documented gitlab vulnerabilities.
1.1_4
29 Apr 2020 22:31:08
Revision:533400Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Add other flavors of py-yaml
1.1_4
29 Apr 2020 18:48:51
Revision:533382Original commit files touched by this commit
tcberner search for other commits by this committer
Document multimedia/vlc vulnerabilities

Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077
CVE-2020-6078 CVE-2020-6079
1.1_4
29 Apr 2020 15:03:41
Revision:533343Original commit files touched by this commit
timur search for other commits by this committer
Add an entry about CVE-2020-10700, CVE-2020-10704 in samba410 and 411.

Security:	CVE-2020-10700
		CVE-2020-10704
1.1_4
29 Apr 2020 06:08:20
Revision:533316Original commit files touched by this commit
fluffy search for other commits by this committer
net/ceph14: document CVE-2020-1759, CVE-2020-1760
1.1_4
29 Apr 2020 01:35:22
Revision:533305Original commit files touched by this commit
delphij search for other commits by this committer
Document OpenLDAP CVE-2020-12243.

PR:		213895
Submitted by:	rob2g2 <spam123 bitbert com>
1.1_4
27 Apr 2020 19:47:27
Revision:533163Original commit files touched by this commit
jpaetzel search for other commits by this committer
Add entry for py-yaml vulnerability
1.1_4
26 Apr 2020 17:39:27
Revision:533080Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Document www/py-bleach issue

PR:		245943
Security:	CVE-2020-6817
1.1_4
23 Apr 2020 12:25:39
Revision:532677Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: MySQL Server 2020Q2 vulnerabilities
1.1_4
23 Apr 2020 12:23:50
Revision:532676Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: MySQL client 2020Q2 vulnerabilities
1.1_4
23 Apr 2020 11:48:08
Revision:532672Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: Register Nextcloud vulnerabilities
1.1_4
23 Apr 2020 01:17:13
Revision:532610Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Document lang/python issue

PR:		245819
Security:	CVE-2020-8492
1.1_4
22 Apr 2020 21:33:18
Revision:532599Original commit files touched by this commit
sunpoet search for other commits by this committer
Document wagtail vulnerability
1.1_4
22 Apr 2020 20:29:14
Revision:532512Original commit files touched by this commit
gordon search for other commits by this committer
11.3 isn't vulenrable to the recent OpenSSL vulnerability.

Approved by:	so
X-Pointy-Hat to: gordon
1.1_4
22 Apr 2020 20:02:55
Revision:532511Original commit files touched by this commit
leres search for other commits by this committer
security/vuxml: Restore openssl port version range to the 2020-04-21 entry

I tested that this passes "make validate" and correctly flags
openssl-1.1.1f,1 as vulnerable.

Approved by:	gjb
1.1_4
22 Apr 2020 11:11:17
Revision:532469Original commit files touched by this commit
gjb search for other commits by this committer
Revert r532466, adding back 'FreeBSD' to the topic.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 11:09:17
Revision:532468Original commit files touched by this commit
gjb search for other commits by this committer
The vuxml build is now fixed.  Remove the 'ignore' block and its
contents.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 11:07:32
Revision:532467Original commit files touched by this commit
gjb search for other commits by this committer
Comment the second name tag, which I believe is what is causing the
vuxml build to fail.  If I am wrong, I will revert this commit.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 11:03:50
Revision:532466Original commit files touched by this commit
gjb search for other commits by this committer
Um, ok.  Third attempt to try to fix the vuxml build.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 10:44:59
Revision:532463Original commit files touched by this commit
gjb search for other commits by this committer
Attempt number 2 to fix the vuxml build.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 10:36:57
Revision:532462Original commit files touched by this commit
gjb search for other commits by this committer
Fix vuxml build.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
22 Apr 2020 09:38:05
Revision:532458Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: Fix OpenSSL port commit
1.1_4
22 Apr 2020 08:20:12
Revision:532451Original commit files touched by this commit
brnrd search for other commits by this committer
security/vuxml: Mark OpenSSL 1.1.1f from ports vulnerable too
1.1_4
21 Apr 2020 19:48:03
Revision:532399Original commit files touched by this commit
sunpoet search for other commits by this committer
Document libntlm vulnerability
1.1_4
21 Apr 2020 18:29:59
Revision:532291Original commit files touched by this commit
gordon search for other commits by this committer
Add new entries for SA-20:10 and SA-20:11.
1.1_4
21 Apr 2020 12:25:01
Revision:532266Original commit files touched by this commit
dbaio search for other commits by this committer
security/vuxml: Document devel/py-twisted vulnerabilities

PR:		245252
Submitted by:	Sascha Biberhofer <ports@skyforge.at>
Reported by:	contact@evilham.com
1.1_4
19 Apr 2020 12:58:21
Revision:532108Original commit files touched by this commit
salvadore search for other commits by this committer
security/vuxml: Add CVE-2020-1730 affecting security/libssh

Approved by:	gerald (mentor)
Differential Revision:	https://reviews.freebsd.org/D24377
1.1_4
18 Apr 2020 11:35:25
Revision:532023Original commit files touched by this commit
kwm search for other commits by this committer
Document webkit2-gtk3 vulnability
1.1_4
18 Apr 2020 04:13:41
Revision:531995Original commit files touched by this commit
acm search for other commits by this committer
- Add www/drupal8 entry
1.1_4
17 Apr 2020 22:29:36
Revision:531977Original commit files touched by this commit
bofh search for other commits by this committer
sysutils/ansible*: Add multiple Vulnerabilities

- Add vuxml entry for CVE-2020-1737, CVE-2020-1739 and CVE-2020-1740

Security:       CVE-2020-1737
Security:       CVE-2020-1739
Security:       CVE-2020-1740
1.1_4
16 Apr 2020 16:16:25
Revision:531859Original commit files touched by this commit
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 81.0.4044.113

Obtained from:	Google Chrome Releases
1.1_4
16 Apr 2020 09:32:25
Revision:531833Original commit files touched by this commit
mandree search for other commits by this committer
document security/openvpn{,-mbedtls,-devel} illegal client float DoS

URL:		https://community.openvpn.net/openvpn/ticket/1272

Reported by:	Lev Stipakov
Security:	CVE-2020-11810
Security:	8604121c-7fc2-11ea-bcac-7781e90b0c8f
1.1_4
15 Apr 2020 13:30:03
Revision:531767Original commit files touched by this commit
tijl search for other commits by this committer
Document Mbed TLS CVE-2020-10932.

Security:	https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04
1.1_4
15 Apr 2020 06:21:20
Revision:531745Original commit files touched by this commit
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
1.1_4
14 Apr 2020 20:53:37
Revision:531728Original commit files touched by this commit
leres search for other commits by this committer
security/vuxml: Mark zeek < 3.0.4 as vulnerable as per:

   
https://github.com/zeek/zeek/blob/e059d4ec2e689b3c8942f4aa08b272f24ed3f612/NEWS

An attacker can crash Zeek remotely via crafted packet sequence via
a stack overflow in POP3 analyzer.
1.1_4
12 Apr 2020 10:06:00
Revision:531501Original commit files touched by this commit
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 81.0.4044.92
1.1_4
02 Apr 2020 19:32:40
Revision:530403Original commit files touched by this commit
rene search for other commits by this committer
Document partial new vulnerabilities in www/chromium < 80.0.3987.162
1.1_4
02 Apr 2020 18:12:58
Revision:530396Original commit files touched by this commit
flo search for other commits by this committer
Add an entry for the HAproxy vulnerability announced today. The ports have
already been fixed.

PR:		245282
Discussed with:	demon
1.1_4
02 Apr 2020 12:21:59
Revision:530364Original commit files touched by this commit
sunpoet search for other commits by this committer
Fix rubygem-json entry (40194e1c-6d89-11ea-8082-80ee73419af3)

rubygem-json 2.3.0 was erroneously marked as vulnerable.

% cd /usr/ports/devel/rubygem-json
% make fetch
===>  rubygem-json-2.3.0 has known vulnerabilities:
rubygem-json-2.3.0 is vulnerable:
rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix)
CVE: CVE-2020-10663
WWW: https://vuxml.FreeBSD.org/freebsd/40194e1c-6d89-11ea-8082-80ee73419af3.html

1 problem(s) in 1 installed package(s) found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update
available.
=> If you wish to ignore this vulnerability rebuild with 'make
DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make: stopped in /usr/ports/devel/rubygem-json
1.1_4
02 Apr 2020 07:23:32
Revision:530262Original commit files touched by this commit
joneum search for other commits by this committer
Add entry for Apache 2.4

Sponsored by:	Netzkommune GmbH
1.1_4
01 Apr 2020 22:06:18
Revision:530246Original commit files touched by this commit
woodsb02 search for other commits by this committer
Document multiple vulnerabilities in net-mgmt/cacti < 1.2.10

PR:		245205
Submitted by:	Michael Muenz <m.muenz@gmail.com>
1.1_4
31 Mar 2020 15:52:42
Revision:529982Original commit files touched by this commit
tijl search for other commits by this committer
Add entry for GNUTLS-SA-2020-03-31 (flaw in DTLS).

Security:	https://gnutls.org/security-new.html#GNUTLS-SA-2020-03-31
1.1_4
29 Mar 2020 19:50:00
Revision:529829Original commit files touched by this commit
girgen search for other commits by this committer
Fix validation error
1.1_4
29 Mar 2020 19:46:16
Revision:529828Original commit files touched by this commit
girgen search for other commits by this committer
Add vuxml entry for CVE-2020-1720
1.1_4
27 Mar 2020 13:48:12
Revision:529248Original commit files touched by this commit
wen search for other commits by this committer
- Document mediawiki's multiple vulnerabilities
1.1_4
26 Mar 2020 20:43:10
Revision:529216Original commit files touched by this commit
gjb search for other commits by this committer
Fix vuxml build.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
1.1_4
26 Mar 2020 20:27:30
Revision:529214Original commit files touched by this commit
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
1.1_4
26 Mar 2020 04:40:23
Revision:529161Original commit files touched by this commit
meta search for other commits by this committer
security/vuxml: Document CVE-2020-10663 (devel/rubygem-json)

PR:		245023
1.1_4
25 Mar 2020 18:25:15
Revision:529115Original commit files touched by this commit
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2020-03-25

Sponsored by:	The FreeBSD Foundation
1.1_4
25 Mar 2020 17:59:50
Revision:529113Original commit files touched by this commit
joneum search for other commits by this committer
Add entry for phpmyadmin

Sponsored by:	Netzkommune GmbH
1.1_4
23 Mar 2020 17:34:41
Revision:528994Original commit files touched by this commit
romain search for other commits by this committer
Add details for two Puppet-related CVEs
1.1_4
19 Mar 2020 18:00:34
Revision:528737Original commit files touched by this commit
gordon search for other commits by this committer
Add details for today's SAs.

Approved by:	so
1.1_4
18 Mar 2020 07:23:22
Revision:528629Original commit files touched by this commit
koobs search for other commits by this committer
security/vuxml: Add www/py-bleach entry
1.1_4
15 Mar 2020 22:31:28
Revision:528507Original commit files touched by this commit
leres search for other commits by this committer
security/vuxml: Mark zeek < 3.0.3 as vulnerable as per:

   
https://raw.githubusercontent.com/zeek/zeek/9dda3602a760f00d9532c6314ea79108106033fa/NEWS

There are a number of potential denial of service issues due to
memory leaks, buffer overflows, and a null pointer dereference.

Approved by:	matthew (mentor, implicit)
1.1_4
13 Mar 2020 05:48:23
Revision:528332Original commit files touched by this commit
tcberner search for other commits by this committer
scurity/vuxml: fix range
1.1_4
13 Mar 2020 05:39:12
Revision:528330Original commit files touched by this commit
tcberner search for other commits by this committer
Document security issue in graphics/okular

https://kde.org/info/security/advisory-20200312-1.txt:

Overview
========
Okular can be tricked into executing local binaries via specially crafted
PDF files.

This binary execution can require almost no user interaction.

No parameters can be passed to those local binaries.

We have not been able to identify any binary that will cause actual damage,
be it in the hardware or software level, when run without parameters.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.1_4
12 Mar 2020 10:05:33
Revision:528282Original commit files touched by this commit
mfechner search for other commits by this committer
Document gitlab-ce vulnerability.
1.1_4
12 Mar 2020 01:31:29
Revision:528265Original commit files touched by this commit
wen search for other commits by this committer
- Document django's potential SQL injection vulnerability
1.1_4
11 Mar 2020 10:58:20
Revision:528227Original commit files touched by this commit
decke search for other commits by this committer
Document py-matrix-synapse vulnerabilities

PR:		244279
Submitted by:	Sascha Biberhofer <ports@skyforge.at>
1.1_4
09 Mar 2020 21:54:54
Revision:528135Original commit files touched by this commit
bhughes search for other commits by this committer
security/vuxml: document recent Node.js vulnerabilities

https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/

While here, fix errors from `make validate` for the preceeding gitea
vulnerabilities.

Sponsored by:	Miles AS

Number of commits found: 7210 (showing only 100 on this page)

[First Page]  «  9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19  »  [Last Page]