notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_6 security on this many watch lists=31 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_6Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2024-03-29 07:52:06
Commit Hash: 5f4e773
People watching this port, also watch:: gnupg, curl, libxml2, nmap, vim
Also Listed In: textproc
License: BSD2CLAUSE
WWW:
https://vuxml.freebsd.org/
Description:
VuXML (the Vulnerability and eXposure Markup Language) is an XML application for documenting security bugs and corrections within a software package collection such as the FreeBSD Ports Collection. This port installs the DTDs required for validating VuXML documents.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_6/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_6/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_6/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
Dependency lines:
  • vuxml>0:security/vuxml
To install the port:
cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
SHA256 (vuxml/vuxml-10.dtd) = 6a635ad2cf45f52361c8c2a29a689157fad4d00519045485bc822d34e04a524e SIZE (vuxml/vuxml-10.dtd) = 2986 SHA256 (vuxml/vuxml-model-10.mod) = 051fed00b52bedde8ee901003fc29f7b95cd904157e31ceef34e6b06f2d1a14a

Expand this list (11 items)

Collapse this list.

SIZE (vuxml/vuxml-model-10.mod) = 10599 SHA256 (vuxml/vuxml-11.dtd) = 12b50061d7bb34cecffede2e08d439e4469324376d55aeb7c73eb6aab0f36af1 SIZE (vuxml/vuxml-11.dtd) = 3063 SHA256 (vuxml/vuxml-model-11.mod) = a40777208625a3029c6f416aeeea733f614802a6a5f26035a4e445a09e61a47c SIZE (vuxml/vuxml-model-11.mod) = 13282 SHA256 (vuxml/xml1.dcl) = 343efa94c4e1302e85e08b2d1791d86e50aac1ecdbc3161daecac100e4726847 SIZE (vuxml/xml1.dcl) = 7372 SHA256 (vuxml/catalog) = 479a69cf02995603443fd1f3b5b33f97811670931f87f53be99a727d664abc66 SIZE (vuxml/catalog) = 549 SHA256 (vuxml/catalog.xml) = 7b2e2850f57264eeba0ccd3d1fc161b9d5ce3071ae0ec51b9da7fa956f2a6509 SIZE (vuxml/catalog.xml) = 2150

Collapse this list.


Packages (timestamps in pop-ups are UTC):
vuxml
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.1_61.1_61.1_51.1_61.1_6-1.1_5-
FreeBSD:13:quarterly1.1_61.1_61.1_61.1_61.1_61.1_61.1_61.1_6
FreeBSD:14:latest1.1_61.1_61.1_61.1_61.1_61.1_6-1.1_6
FreeBSD:14:quarterly1.1_61.1_6-1.1_61.1_61.1_61.1_61.1_6
FreeBSD:15:latest1.1_61.1_6n/a1.1_6n/a1.1_61.1_61.1_6
FreeBSD:15:quarterly--n/a-n/a---
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.9 : lang/python39
There are no ports dependent upon this port

Configuration Options:
No options to configure
Options name:
security_vuxml
USES:
python:run
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 7212 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.1_6
14 Dec 2023 05:03:50
commit hash: de63c2ea475e9fb62ac01705643fdee6697bdacdcommit hash: de63c2ea475e9fb62ac01705643fdee6697bdacdcommit hash: de63c2ea475e9fb62ac01705643fdee6697bdacdcommit hash: de63c2ea475e9fb62ac01705643fdee6697bdacd files touched by this commit
Matthias Fechner (mfechner) search for other commits by this committer
security/vuxml: document gitlab vulnerabilities
1.1_6
14 Dec 2023 02:10:59
commit hash: 6c7887d34c00a0930b380f4ed487c592f2fb4569commit hash: 6c7887d34c00a0930b380f4ed487c592f2fb4569commit hash: 6c7887d34c00a0930b380f4ed487c592f2fb4569commit hash: 6c7887d34c00a0930b380f4ed487c592f2fb4569 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: adjust 12.4 range of FreeBSD SA-23:17.pf

Similar to what I did in 4826396e5d1555b9eebf58cac290490b24bf1243,
adjust the 12.4 releases affected by FreeBSD SA-23:17.pf.

There is no 100% correct way to encode this issue in vuxml.  Since the
issue only affects pf.ko, freebsd-update does not rebuild the kernel.

PR:		275743
Reported by:	martin@lispworks.com
1.1_6
13 Dec 2023 12:33:43
commit hash: 091b60b6597ff51d8fa958282634e10d07b064d5commit hash: 091b60b6597ff51d8fa958282634e10d07b064d5commit hash: 091b60b6597ff51d8fa958282634e10d07b064d5commit hash: 091b60b6597ff51d8fa958282634e10d07b064d5 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 120.0.6099.109

Obtained
from:	https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html
1.1_6
13 Dec 2023 06:23:15
commit hash: 8175693fe6ba849962fc720cda648f32842f3852commit hash: 8175693fe6ba849962fc720cda648f32842f3852commit hash: 8175693fe6ba849962fc720cda648f32842f3852commit hash: 8175693fe6ba849962fc720cda648f32842f3852 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SA released on 2023-12-12

FreeBSD-SA-23:18.nfsclient affects FreeBSD 14.0 and 13.2.
1.1_6
13 Dec 2023 03:39:47
commit hash: 98a038ac18f2784e0415a44e8063fa2b3df3eda3commit hash: 98a038ac18f2784e0415a44e8063fa2b3df3eda3commit hash: 98a038ac18f2784e0415a44e8063fa2b3df3eda3commit hash: 98a038ac18f2784e0415a44e8063fa2b3df3eda3 files touched by this commit
Jan Beich (jbeich) search for other commits by this committer
security/vuxml: mark xorg-server < 21.1.10,1 as vulnerable
1.1_6
11 Dec 2023 08:23:11
commit hash: 5f9cf6817fa5bc17ecd727e0942270db7acfea96commit hash: 5f9cf6817fa5bc17ecd727e0942270db7acfea96commit hash: 5f9cf6817fa5bc17ecd727e0942270db7acfea96commit hash: 5f9cf6817fa5bc17ecd727e0942270db7acfea96 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 120.0.6099.62

Obtained
from:	https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html
1.1_6
11 Dec 2023 07:38:52
commit hash: 3af42e8b0f16aa1a4d8989177e6f7948d85ac5f8commit hash: 3af42e8b0f16aa1a4d8989177e6f7948d85ac5f8commit hash: 3af42e8b0f16aa1a4d8989177e6f7948d85ac5f8commit hash: 3af42e8b0f16aa1a4d8989177e6f7948d85ac5f8 files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
secuirty/vuxml: Remove duplicate entry

A previous entry for CVE-2023-41913 was added in
8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86

PR:		275620
Reported by:	eugen@
Fixes:		eea55ca7b5c621fd4f032b1f256b8472fbae2b15
1.1_6
10 Dec 2023 17:07:55
commit hash: a991db5e17fa496ec31e0416b8dd8ee357dbee0ecommit hash: a991db5e17fa496ec31e0416b8dd8ee357dbee0ecommit hash: a991db5e17fa496ec31e0416b8dd8ee357dbee0ecommit hash: a991db5e17fa496ec31e0416b8dd8ee357dbee0e files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Record kafka vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Apache
ZooKeeper.

Note that this only affects SASL Quorum Peer authentication which is
not enabled by default.

 Base Score:	9.1 CRITICAL
 Vector:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

PR:	275611
1.1_6
10 Dec 2023 16:57:47
commit hash: eea55ca7b5c621fd4f032b1f256b8472fbae2b15commit hash: eea55ca7b5c621fd4f032b1f256b8472fbae2b15commit hash: eea55ca7b5c621fd4f032b1f256b8472fbae2b15commit hash: eea55ca7b5c621fd4f032b1f256b8472fbae2b15 files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Record strongswan buffer overflow

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated
remote code execution via a DH public value that exceeds the internal buffer in
charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can
occur via a crafted IKE_SA_INIT message.

NVD score not yet provided.

PR:	275620
1.1_6
07 Dec 2023 08:54:15
commit hash: 48aec357545fc2d3ee083b4a197b2af02f0a0065commit hash: 48aec357545fc2d3ee083b4a197b2af02f0a0065commit hash: 48aec357545fc2d3ee083b4a197b2af02f0a0065commit hash: 48aec357545fc2d3ee083b4a197b2af02f0a0065 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron25 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.8
1.1_6
07 Dec 2023 04:49:28
commit hash: 4826396e5d1555b9eebf58cac290490b24bf1243commit hash: 4826396e5d1555b9eebf58cac290490b24bf1243commit hash: 4826396e5d1555b9eebf58cac290490b24bf1243commit hash: 4826396e5d1555b9eebf58cac290490b24bf1243 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: correct last SA's affected range

FreeBSD-SA-23:17.pf only affects the kernel, not userland.  The first
patch level of the kernel without the vulnerability is 13.2_4, not
13.2_7.

Reported by:	dvl
1.1_6
05 Dec 2023 23:01:20
commit hash: a580d36be4c7a18862a6a110e8bc2ba14e695125commit hash: a580d36be4c7a18862a6a110e8bc2ba14e695125commit hash: a580d36be4c7a18862a6a110e8bc2ba14e695125commit hash: a580d36be4c7a18862a6a110e8bc2ba14e695125 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SA released on 2023-12-05

FreeBSD-SA-23:17.pf affects all supported releases (12.4, 13.2, 14.0).
1.1_6
02 Dec 2023 18:42:34
commit hash: 4e03e6d862b5909e5c45f8f9ee803bd6b035d4bbcommit hash: 4e03e6d862b5909e5c45f8f9ee803bd6b035d4bbcommit hash: 4e03e6d862b5909e5c45f8f9ee803bd6b035d4bbcommit hash: 4e03e6d862b5909e5c45f8f9ee803bd6b035d4bb files touched by this commit
Danilo G. Baio (dbaio) search for other commits by this committer
security/vuxml: Add Varnish Cache vulnerability
1.1_6
01 Dec 2023 18:12:59
commit hash: 895d7f8424c3541efaf0117ad25729836c829fa2commit hash: 895d7f8424c3541efaf0117ad25729836c829fa2commit hash: 895d7f8424c3541efaf0117ad25729836c829fa2commit hash: 895d7f8424c3541efaf0117ad25729836c829fa2 files touched by this commit
Jason E. Hale (jhale) search for other commits by this committer
security/vuxml: Add www/qt6-webengine

qt6-webengine < 6.6.1 is also affected by the following VuXML IDs:
- 6d9c6aae-5eb1-11ee-8290-a8a1599412c6
- 07ee8c14-68f1-11ee-8290-a8a1599412c6
- a1e27775-7a61-11ee-8290-a8a1599412c6
- 0da4db89-84bf-11ee-8290-a8a1599412c6
1.1_6
01 Dec 2023 06:45:57
commit hash: 02e766d1386065a0ce5ca4adbae7a5e90435d283commit hash: 02e766d1386065a0ce5ca4adbae7a5e90435d283commit hash: 02e766d1386065a0ce5ca4adbae7a5e90435d283commit hash: 02e766d1386065a0ce5ca4adbae7a5e90435d283 files touched by this commit
Matthias Fechner (mfechner) search for other commits by this committer
security/vuxml: document gitlab vulnerabilities
1.1_6
01 Dec 2023 05:19:49
commit hash: 05b3e355a7466ba0dbbb7315a89da50de931c98ecommit hash: 05b3e355a7466ba0dbbb7315a89da50de931c98ecommit hash: 05b3e355a7466ba0dbbb7315a89da50de931c98ecommit hash: 05b3e355a7466ba0dbbb7315a89da50de931c98e files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.7,
		https://github.com/electron/electron/releases/tag/v26.6.2
1.1_6
29 Nov 2023 13:35:20
commit hash: 12995b6213dee4e38e57cc97eb7de5c8a1d4c0b5commit hash: 12995b6213dee4e38e57cc97eb7de5c8a1d4c0b5commit hash: 12995b6213dee4e38e57cc97eb7de5c8a1d4c0b5commit hash: 12995b6213dee4e38e57cc97eb7de5c8a1d4c0b5 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 119.0.6045.199

Obtained
from:	https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html
1.1_6
27 Nov 2023 01:22:00
commit hash: 966f41c8285258f1afae8e76859528691b2e27ffcommit hash: 966f41c8285258f1afae8e76859528691b2e27ffcommit hash: 966f41c8285258f1afae8e76859528691b2e27ffcommit hash: 966f41c8285258f1afae8e76859528691b2e27ff files touched by this commit
Jason E. Hale (jhale) search for other commits by this committer
security/vuxml: Add devel/cmake-core

VuXML ID d6c19e8c-6806-11ee-9464-b42e991fc52e also affects the bundled
libcurl in devel/cmake-core < 3.27.8.
1.1_6
26 Nov 2023 17:28:38
commit hash: 743222a924569d7ed3d5f74cf2dda3fd326fe143commit hash: 743222a924569d7ed3d5f74cf2dda3fd326fe143commit hash: 743222a924569d7ed3d5f74cf2dda3fd326fe143commit hash: 743222a924569d7ed3d5f74cf2dda3fd326fe143 files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document MariaDB vulnerability
1.1_6
26 Nov 2023 12:53:20
commit hash: 770747ad95d9d0dbf912609989bf80b7eeadd2d0commit hash: 770747ad95d9d0dbf912609989bf80b7eeadd2d0commit hash: 770747ad95d9d0dbf912609989bf80b7eeadd2d0commit hash: 770747ad95d9d0dbf912609989bf80b7eeadd2d0 files touched by this commit
Jason E. Hale (jhale) search for other commits by this committer
security/vuxml: Add www/qt5-webengine

VuXML ID 0da4db89-84bf-11ee-8290-a8a1599412c6 also affects
www/qt5-webengine < 5.15.16.p5
1.1_6
24 Nov 2023 08:32:26
commit hash: 8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86commit hash: 8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86commit hash: 8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86commit hash: 8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86 files touched by this commit
Eugene Grosbein (eugen) search for other commits by this committer
security/vuxml: document strongSwan vulnerability CVE-2023-41913

Security:	a62c0c50-8aa0-11ee-ac0d-00e0670f2660
Security:	CVE-2023-41913
1.1_6
22 Nov 2023 22:49:01
commit hash: 99b28e67aefc09d4bbf7189b65aa0c9142295b72commit hash: 99b28e67aefc09d4bbf7189b65aa0c9142295b72commit hash: 99b28e67aefc09d4bbf7189b65aa0c9142295b72commit hash: 99b28e67aefc09d4bbf7189b65aa0c9142295b72 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron use after free in Garbage Collection

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.6,
		https://github.com/electron/electron/releases/tag/v26.6.1
1.1_6
16 Nov 2023 20:33:48
commit hash: 0060f4500d4f4c065c9d9d97aff171fa467403c6commit hash: 0060f4500d4f4c065c9d9d97aff171fa467403c6commit hash: 0060f4500d4f4c065c9d9d97aff171fa467403c6commit hash: 0060f4500d4f4c065c9d9d97aff171fa467403c6 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 119.0.6045.159

Obtained
from:	https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html
1.1_6
16 Nov 2023 09:02:23
commit hash: 1c3f198aab4acf7d4d3cc75fb88f79eba629194acommit hash: 1c3f198aab4acf7d4d3cc75fb88f79eba629194acommit hash: 1c3f198aab4acf7d4d3cc75fb88f79eba629194acommit hash: 1c3f198aab4acf7d4d3cc75fb88f79eba629194a files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron use after free in WebAudio

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.5,
		https://github.com/electron/electron/releases/tag/v26.6.0
1.1_6
15 Nov 2023 21:49:26
commit hash: 10625d13ea28a20d23e52972af8198b48528a1cdcommit hash: 10625d13ea28a20d23e52972af8198b48528a1cdcommit hash: 10625d13ea28a20d23e52972af8198b48528a1cdcommit hash: 10625d13ea28a20d23e52972af8198b48528a1cd files touched by this commit
Matthias Andree (mandree) search for other commits by this committer
security/vuxml: 2.6.0 <= openvpn < 2.6.7 vulnerabilities

Related to:

PR:		275055
Security:	2fe004f5-83fd-11ee-9f5d-31909fb2f495
Security:	CVE-2023-46849
Security:	CVE-2023-46850

This specifically documents < 2.6.7_1 in order to collect the
regression fix for https://github.com/OpenVPN/openvpn/issues/449
which was a bug newly introduced into 2.6.7.
1.1_6
15 Nov 2023 14:44:30
commit hash: 9f2b97cf900250ac7f00b93fdd9a0904e9ecffafcommit hash: 9f2b97cf900250ac7f00b93fdd9a0904e9ecffafcommit hash: 9f2b97cf900250ac7f00b93fdd9a0904e9ecffafcommit hash: 9f2b97cf900250ac7f00b93fdd9a0904e9ecffaf files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Record typo3-1{12} vulnerabilities

PR: 275073 275074
1.1_6
09 Nov 2023 15:07:59
commit hash: 6e7190b6dcc418f3e78d506fbc3c755b7bf751f1commit hash: 6e7190b6dcc418f3e78d506fbc3c755b7bf751f1commit hash: 6e7190b6dcc418f3e78d506fbc3c755b7bf751f1commit hash: 6e7190b6dcc418f3e78d506fbc3c755b7bf751f1 files touched by this commit
Palle Girgensohn (girgen) search for other commits by this committer
security/vuxml: add issues for PostgreSQL

https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
1.1_6
09 Nov 2023 06:27:00
commit hash: 2ce5d2837a86446f411b64e7f54746be62a35383commit hash: 2ce5d2837a86446f411b64e7f54746be62a35383commit hash: 2ce5d2837a86446f411b64e7f54746be62a35383commit hash: 2ce5d2837a86446f411b64e7f54746be62a35383 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.4,
		https://github.com/electron/electron/releases/tag/v26.5.0
1.1_6
08 Nov 2023 22:29:20
commit hash: 5ee3418719947dd836ddd420c20c7d948ac4c01acommit hash: 5ee3418719947dd836ddd420c20c7d948ac4c01acommit hash: 5ee3418719947dd836ddd420c20c7d948ac4c01acommit hash: 5ee3418719947dd836ddd420c20c7d948ac4c01a files touched by this commit
Daniel Engberg (diizzy) search for other commits by this committer
security/vuxml: Document libsndfile vulnerability

https://nvd.nist.gov/vuln/detail/CVE-2022-33065
1.1_6
08 Nov 2023 18:21:31
commit hash: 8444d9a18c5babfa5e9361c926602d2ff6620f09commit hash: 8444d9a18c5babfa5e9361c926602d2ff6620f09commit hash: 8444d9a18c5babfa5e9361c926602d2ff6620f09commit hash: 8444d9a18c5babfa5e9361c926602d2ff6620f09 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 119.0.6045.123

Obtained
from:	https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html
1.1_6
08 Nov 2023 16:13:42
commit hash: c1abd1ca56abe5bf00342282eb35dc985e04d50fcommit hash: c1abd1ca56abe5bf00342282eb35dc985e04d50fcommit hash: c1abd1ca56abe5bf00342282eb35dc985e04d50fcommit hash: c1abd1ca56abe5bf00342282eb35dc985e04d50f files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document OpenSSL vulnerability
1.1_6
08 Nov 2023 07:05:29
commit hash: 3c5f96dd322c34c106e5c59587b375de97cf7504commit hash: 3c5f96dd322c34c106e5c59587b375de97cf7504commit hash: 3c5f96dd322c34c106e5c59587b375de97cf7504commit hash: 3c5f96dd322c34c106e5c59587b375de97cf7504 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SAs released on 2023-11-08

FreeBSD-SA-23:15.stdio affects 12.4 and 13.2
FreeBSD-SA-23:16.cap_net affects 13.2
1.1_6
05 Nov 2023 20:00:54
commit hash: 3308e6204714751e1e9a5021c3823a524cba69f1commit hash: 3308e6204714751e1e9a5021c3823a524cba69f1commit hash: 3308e6204714751e1e9a5021c3823a524cba69f1commit hash: 3308e6204714751e1e9a5021c3823a524cba69f1 files touched by this commit
Christian Weisgerber (naddy) search for other commits by this committer
security/vuxml: document vorbis-tools vulnerability

PR:		274900
Reported by:	diizzy
1.1_6
03 Nov 2023 21:16:08
commit hash: 058d72efccdaaff3cca0d5780fb3de61d64a5321commit hash: 058d72efccdaaff3cca0d5780fb3de61d64a5321commit hash: 058d72efccdaaff3cca0d5780fb3de61d64a5321commit hash: 058d72efccdaaff3cca0d5780fb3de61d64a5321 files touched by this commit
Robert Clausecker (fuz) search for other commits by this committer
security/vuxml: document optipng vulnerability

PR:		274822
Reported by:	Thomas Hurst <tom@hur.st>
1.1_6
03 Nov 2023 16:15:34
commit hash: f2cd1a1c48db56973e5696f879ad51eeb7704676commit hash: f2cd1a1c48db56973e5696f879ad51eeb7704676commit hash: f2cd1a1c48db56973e5696f879ad51eeb7704676commit hash: f2cd1a1c48db56973e5696f879ad51eeb7704676 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 119.0.6045.105

Obtained
from:	https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html
1.1_6
02 Nov 2023 22:29:42
commit hash: 8dbabd04fd46ce5f68bb962db3fbdd3e7c605a63commit hash: 8dbabd04fd46ce5f68bb962db3fbdd3e7c605a63commit hash: 8dbabd04fd46ce5f68bb962db3fbdd3e7c605a63commit hash: 8dbabd04fd46ce5f68bb962db3fbdd3e7c605a63 files touched by this commit
Florian Smeets (flo) search for other commits by this committer
security/vuxml: add phpmyfaq < 3.2.2
1.1_6
01 Nov 2023 19:25:27
commit hash: 22940da8635c410dbf0d80051ebe1a7e9347a142commit hash: 22940da8635c410dbf0d80051ebe1a7e9347a142commit hash: 22940da8635c410dbf0d80051ebe1a7e9347a142commit hash: 22940da8635c410dbf0d80051ebe1a7e9347a142 files touched by this commit
Renato Botelho (garga) search for other commits by this committer
security/vuxml: Add open-vm-tools vulnerabilities

Sponsored by:	Rubicon Communications, LLC ("Netgate")
1.1_6
01 Nov 2023 07:53:32
commit hash: 39b205c80fce67b7d51c239420faaaf462922ef8commit hash: 39b205c80fce67b7d51c239420faaaf462922ef8commit hash: 39b205c80fce67b7d51c239420faaaf462922ef8commit hash: 39b205c80fce67b7d51c239420faaaf462922ef8 files touched by this commit
Matthias Fechner (mfechner) search for other commits by this committer
security/vuxml: added gitlab vulnerabilities
1.1_6
27 Oct 2023 22:25:39
commit hash: f85e384228a28b33a3bd9c076a2ad4d1f22d021dcommit hash: f85e384228a28b33a3bd9c076a2ad4d1f22d021dcommit hash: f85e384228a28b33a3bd9c076a2ad4d1f22d021dcommit hash: f85e384228a28b33a3bd9c076a2ad4d1f22d021d files touched by this commit
Craig Leres (leres) search for other commits by this committer
security/vuxml: Mark zeek < 6.0.2 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v6.0.2

This release fixes the following potential DoS vulnerabilities:

 - A specially-crafted SSL packet could cause Zeek to leak memory
   and potentially crash.

 - A specially-crafted series of FTP packets could cause Zeek to
   log entries for requests that have already been completed, using
   resources unnecessarily and potentially causing Zeek to lose
   other traffic.

 - A specially-crafted series of SSL packets could cause Zeek to
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.1_6
27 Oct 2023 18:38:43
commit hash: 545cc3c049d498620484ab78af622a81c93ccf38commit hash: 545cc3c049d498620484ab78af622a81c93ccf38commit hash: 545cc3c049d498620484ab78af622a81c93ccf38commit hash: 545cc3c049d498620484ab78af622a81c93ccf38 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 118.0.5993.117

Obtained
from:	https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_24.html
1.1_6
25 Oct 2023 12:41:02
commit hash: b154d924c2fe8fc95ba53cdccae3f5d731182644commit hash: b154d924c2fe8fc95ba53cdccae3f5d731182644commit hash: b154d924c2fe8fc95ba53cdccae3f5d731182644commit hash: b154d924c2fe8fc95ba53cdccae3f5d731182644 files touched by this commit
Jan Beich (jbeich) search for other commits by this committer
security/vuxml: mark xorg-server < 21.1.9,1 as vulnerable
1.1_6
25 Oct 2023 08:21:59
commit hash: 74de9d47efa3d18466fdf05a9c52b7fcf8c121d3commit hash: 74de9d47efa3d18466fdf05a9c52b7fcf8c121d3commit hash: 74de9d47efa3d18466fdf05a9c52b7fcf8c121d3commit hash: 74de9d47efa3d18466fdf05a9c52b7fcf8c121d3 files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Register multiple www/squid vulnerabilities

Denial of Service in FTP
	Base Score:	8.6
	Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Request/Response smuggling in HTTP/1.1 and ICAP
	Base Score:	9.3
	Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

Denial of Service in HTTP Digest Authentication
	Base Score: 9.9
	Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
1.1_6
24 Oct 2023 18:24:18
commit hash: c490d55ae936d02830ff8d186472a2a2e47988fecommit hash: c490d55ae936d02830ff8d186472a2a2e47988fecommit hash: c490d55ae936d02830ff8d186472a2a2e47988fecommit hash: c490d55ae936d02830ff8d186472a2a2e47988fe files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document OpenSSL vulnerability
1.1_6
23 Oct 2023 18:08:48
commit hash: 3f3224feea965a2c2b80160c2e7604685880add7commit hash: 3f3224feea965a2c2b80160c2e7604685880add7commit hash: 3f3224feea965a2c2b80160c2e7604685880add7commit hash: 3f3224feea965a2c2b80160c2e7604685880add7 files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document MySQL vulnerabilities
1.1_6
20 Oct 2023 06:08:18
commit hash: c88f964e36cee660af6a7e68f67be40c8e589384commit hash: c88f964e36cee660af6a7e68f67be40c8e589384commit hash: c88f964e36cee660af6a7e68f67be40c8e589384commit hash: c88f964e36cee660af6a7e68f67be40c8e589384 files touched by this commit
Mikael Urankar (mikael) search for other commits by this committer
security/vuxml: security/vuxml: Document www/rt44 and www/rt50 vulnerabilities
1.1_6
19 Oct 2023 21:29:28
commit hash: 96c239257860fd3a2459dc3ce194bf24b3b2148acommit hash: 96c239257860fd3a2459dc3ce194bf24b3b2148acommit hash: 96c239257860fd3a2459dc3ce194bf24b3b2148acommit hash: 96c239257860fd3a2459dc3ce194bf24b3b2148a files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron use after free in site isolation

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.2,
	 	https://github.com/electron/electron/releases/tag/v26.4.1
1.1_6
19 Oct 2023 10:10:55
commit hash: b17679979a6475e48bdd28f12e934ab6c1e1b37dcommit hash: b17679979a6475e48bdd28f12e934ab6c1e1b37dcommit hash: b17679979a6475e48bdd28f12e934ab6c1e1b37dcommit hash: b17679979a6475e48bdd28f12e934ab6c1e1b37d files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document Apache httpd vulnerabilities
1.1_6
19 Oct 2023 07:07:25
commit hash: 243a85de6980a262b7e53e9290f4367f34a58fafcommit hash: 243a85de6980a262b7e53e9290f4367f34a58fafcommit hash: 243a85de6980a262b7e53e9290f4367f34a58fafcommit hash: 243a85de6980a262b7e53e9290f4367f34a58faf files touched by this commit
Robert Clausecker (fuz) search for other commits by this committer
security/vuxml: add games/moonlight-embedded vulnerability

PR:		274452
Reported by:	Armin Zhu <lisp_25689@163.com>
1.1_6
18 Oct 2023 17:28:52
commit hash: 85d0247840efeac180bbed56efcf3d9efce7dd86commit hash: 85d0247840efeac180bbed56efcf3d9efce7dd86commit hash: 85d0247840efeac180bbed56efcf3d9efce7dd86commit hash: 85d0247840efeac180bbed56efcf3d9efce7dd86 files touched by this commit
Li-Wen Hsu (lwhsu) search for other commits by this committer
security/vuxml: Document Jenkins Security Advisory 2023-10-18

Sponsored by:	The FreeBSD Foundation
1.1_6
18 Oct 2023 17:17:27
commit hash: 3bc2ff2e55dd4757d22971f9506baef865b9ecb9commit hash: 3bc2ff2e55dd4757d22971f9506baef865b9ecb9commit hash: 3bc2ff2e55dd4757d22971f9506baef865b9ecb9commit hash: 3bc2ff2e55dd4757d22971f9506baef865b9ecb9 files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document Roundcube vulnerability
1.1_6
18 Oct 2023 14:08:38
commit hash: 0b85db4c72d52b254346fda84fe7ce12d3342869commit hash: 0b85db4c72d52b254346fda84fe7ce12d3342869commit hash: 0b85db4c72d52b254346fda84fe7ce12d3342869commit hash: 0b85db4c72d52b254346fda84fe7ce12d3342869 files touched by this commit
Yasuhiro Kimura (yasu) search for other commits by this committer
security/vuxml: Document possible bypassing Unix socket permissions in redis
1.1_6
14 Oct 2023 22:40:11
commit hash: bef6792d8cc647cd5bdf4cbbdb86b53e8f30285dcommit hash: bef6792d8cc647cd5bdf4cbbdb86b53e8f30285dcommit hash: bef6792d8cc647cd5bdf4cbbdb86b53e8f30285dcommit hash: bef6792d8cc647cd5bdf4cbbdb86b53e8f30285d files touched by this commit
Sergey A. Osokin (osa) search for other commits by this committer
security/vuxml: Document a vulnerability in textproc/libcue

PR:	274413
1.1_6
14 Oct 2023 12:17:23
commit hash: 8cab786461169648e8f3059386489966f79633e6commit hash: 8cab786461169648e8f3059386489966f79633e6commit hash: 8cab786461169648e8f3059386489966f79633e6commit hash: 8cab786461169648e8f3059386489966f79633e6 files touched by this commit
Thomas Zander (riggs) search for other commits by this committer
security/vuxml: Document HTTP/2 DoS vulnerability in net/traefik
1.1_6
13 Oct 2023 20:18:08
commit hash: 7494968ff838521e8fa52cbb0148ff5893450a6bcommit hash: 7494968ff838521e8fa52cbb0148ff5893450a6bcommit hash: 7494968ff838521e8fa52cbb0148ff5893450a6bcommit hash: 7494968ff838521e8fa52cbb0148ff5893450a6b files touched by this commit
Joseph Mingrone (jrm) search for other commits by this committer
security/vuxml: Update version range for samba413 vulnerabilities

Security fixes were back-ported from Samba 4.6.11 to samba413-4.13.17_6
in fe495574527e3f97cbb57438f8c468fad8842e9d.

PR:		273595
Sponsored by:	The FreeBSD Foundation
1.1_6
12 Oct 2023 14:48:21
commit hash: 93b4cdd20b09fa83cd4b43a2d100950a251b6527commit hash: 93b4cdd20b09fa83cd4b43a2d100950a251b6527commit hash: 93b4cdd20b09fa83cd4b43a2d100950a251b6527commit hash: 93b4cdd20b09fa83cd4b43a2d100950a251b6527 files touched by this commit
Emmanuel Vadot (manu) search for other commits by this committer
security/vuxml: Document libXpm recent CVEs

PR:	274266
1.1_6
12 Oct 2023 14:48:20
commit hash: e7ca9d32f979c2c954aacb095891544ae4e6c327commit hash: e7ca9d32f979c2c954aacb095891544ae4e6c327commit hash: e7ca9d32f979c2c954aacb095891544ae4e6c327commit hash: e7ca9d32f979c2c954aacb095891544ae4e6c327 files touched by this commit
Emmanuel Vadot (manu) search for other commits by this committer
security/vuxml: Document libX11 recent CVEs

PR:	274266
1.1_6
12 Oct 2023 11:24:57
commit hash: 2ddb8a80b19a83dac9aa57c5742c821ce1396fdccommit hash: 2ddb8a80b19a83dac9aa57c5742c821ce1396fdccommit hash: 2ddb8a80b19a83dac9aa57c5742c821ce1396fdccommit hash: 2ddb8a80b19a83dac9aa57c5742c821ce1396fdc files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 118.0.5993.70

Obtained
from:	https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html
1.1_6
12 Oct 2023 07:02:42
commit hash: 12ea8741d335717c753a4c362d42437d5fc8c900commit hash: 12ea8741d335717c753a4c362d42437d5fc8c900commit hash: 12ea8741d335717c753a4c362d42437d5fc8c900commit hash: 12ea8741d335717c753a4c362d42437d5fc8c900 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron25 use after free in extensions

Obtained from:	https://github.com/electron/electron/releases/tag/v25.9.1
1.1_6
11 Oct 2023 22:22:51
commit hash: c06e206dffd44ca562f86fbf55c06e361881bf47commit hash: c06e206dffd44ca562f86fbf55c06e361881bf47commit hash: c06e206dffd44ca562f86fbf55c06e361881bf47commit hash: c06e206dffd44ca562f86fbf55c06e361881bf47 files touched by this commit
Po-Chuan Hsieh (sunpoet) search for other commits by this committer
security/vuxml: Fix bca498407bf9e529936ebb68e9ca257bdd1428de

The pkg audit result before the fix:
curl-8.4.0 is vulnerable:
  curl -- SOCKS5 heap buffer overflow
  CVE: CVE-2023-38545
  WWW:
https://vuxml.FreeBSD.org/freebsd/d6c19e8c-6806-11ee-9464-b42e991fc52e.html

1 problem(s) in 1 installed package(s) found.
1.1_6
11 Oct 2023 07:44:11
commit hash: 27b1250d59828d57dde36cb34a9fe5fbf51049c4commit hash: 27b1250d59828d57dde36cb34a9fe5fbf51049c4commit hash: 27b1250d59828d57dde36cb34a9fe5fbf51049c4commit hash: 27b1250d59828d57dde36cb34a9fe5fbf51049c4 files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Fix description body

Keep the original description body for "make newentry" without parameters.
1.1_6
11 Oct 2023 07:35:04
commit hash: bca498407bf9e529936ebb68e9ca257bdd1428decommit hash: bca498407bf9e529936ebb68e9ca257bdd1428decommit hash: bca498407bf9e529936ebb68e9ca257bdd1428decommit hash: bca498407bf9e529936ebb68e9ca257bdd1428de files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: register ftp/curl heap buffer overflow

Severity: High
CVE-2023-38545 reserved:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545
1.1_6
10 Oct 2023 15:33:11
commit hash: e247a75c54ecc495c07d9dbabe274305e7d21dffcommit hash: e247a75c54ecc495c07d9dbabe274305e7d21dffcommit hash: e247a75c54ecc495c07d9dbabe274305e7d21dffcommit hash: e247a75c54ecc495c07d9dbabe274305e7d21dff files touched by this commit
Dave Cottlehuber (dch) search for other commits by this committer
security/vuxml: add h2o-devel vuln details

Security:	CVE-2023-44487
Sponsored by:	SkunkWerks, GmbH
1.1_6
05 Oct 2023 01:00:31
commit hash: ecb3f8a4918b93a8c6951cf932ecec87d10dd44dcommit hash: ecb3f8a4918b93a8c6951cf932ecec87d10dd44dcommit hash: ecb3f8a4918b93a8c6951cf932ecec87d10dd44dcommit hash: ecb3f8a4918b93a8c6951cf932ecec87d10dd44d files touched by this commit
Wen Heping (wen) search for other commits by this committer
security/vuxml: Document Django multiple vulnerabilities
1.1_6
04 Oct 2023 18:40:54
commit hash: 3c178fb0a6bb19511eaa55e27e2c5018ab1fd216commit hash: 3c178fb0a6bb19511eaa55e27e2c5018ab1fd216commit hash: 3c178fb0a6bb19511eaa55e27e2c5018ab1fd216commit hash: 3c178fb0a6bb19511eaa55e27e2c5018ab1fd216 files touched by this commit
Kurt Jaeger (pi) search for other commits by this committer
security/vuxml: add entry for recent libspf2 CVE-2023-42118

PR:	274215
1.1_6
04 Oct 2023 10:14:53
commit hash: 199a6d39f190e931e6df264096d168f9a0c062b5commit hash: 199a6d39f190e931e6df264096d168f9a0c062b5commit hash: 199a6d39f190e931e6df264096d168f9a0c062b5commit hash: 199a6d39f190e931e6df264096d168f9a0c062b5 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 117.0.5938.149

Obtained
from:	https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop.html
1.1_6
04 Oct 2023 01:16:18
commit hash: f9be46acb25f8a721ded11bc8555daff037326bccommit hash: f9be46acb25f8a721ded11bc8555daff037326bccommit hash: f9be46acb25f8a721ded11bc8555daff037326bccommit hash: f9be46acb25f8a721ded11bc8555daff037326bc files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SAs released on 2023-10-03

FreeBSD-SA-23:12.msdosfs affects 12.4 and 13.2
FreeBSD-SA-23:13.capsicum affects 13.2
FreeBSD-SA-23:14.smccc affects 13.2
1.1_6
04 Oct 2023 01:16:18
commit hash: 433216ab05d04f834b1cca92a57f57145f216a83commit hash: 433216ab05d04f834b1cca92a57f57145f216a83commit hash: 433216ab05d04f834b1cca92a57f57145f216a83commit hash: 433216ab05d04f834b1cca92a57f57145f216a83 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: fix validation errors

Fix whitespace errors in vid 6e0ebb4a-5e75-11ee-a365-001b217b3468
introduced by commit 36a838e202256d5a528abfc8ff6a66ca7ce4d148.
1.1_6
02 Oct 2023 05:10:57
commit hash: d6503d5a5a2e9b0207b100d4b859f5f6061c2e78commit hash: d6503d5a5a2e9b0207b100d4b859f5f6061c2e78commit hash: d6503d5a5a2e9b0207b100d4b859f5f6061c2e78commit hash: d6503d5a5a2e9b0207b100d4b859f5f6061c2e78 files touched by this commit
Wen Heping (wen) search for other commits by this committer
security/vuxml: Document mediawiki multiple vulnerabilities
1.1_6
30 Sep 2023 09:22:47
commit hash: 7764af1741b9efee05ec050cb99fe819ea9b307ccommit hash: 7764af1741b9efee05ec050cb99fe819ea9b307ccommit hash: 7764af1741b9efee05ec050cb99fe819ea9b307ccommit hash: 7764af1741b9efee05ec050cb99fe819ea9b307c files touched by this commit
Ronald Klop (ronald) search for other commits by this committer
security/vuxml: add libvpx to the entry

The libvpx port was already updated.
https://chromium.googlesource.com/webm/libvpx/+log/v1.13.0..v1.13.1

Security: CVE-2023-5217
1.1_6
29 Sep 2023 23:27:01
commit hash: 0e3c6e3e4496986ed1fb6a9ca7a7bfe684ad747fcommit hash: 0e3c6e3e4496986ed1fb6a9ca7a7bfe684ad747fcommit hash: 0e3c6e3e4496986ed1fb6a9ca7a7bfe684ad747fcommit hash: 0e3c6e3e4496986ed1fb6a9ca7a7bfe684ad747f files touched by this commit
Guido Falsi (madpilot) search for other commits by this committer
security/vuxml: Improve affected version ranges of composer vulnerability entry.
1.1_6
29 Sep 2023 20:56:19
commit hash: 04f4d5ba9b2a920d6fd52ebec4d8fdfb18de8adbcommit hash: 04f4d5ba9b2a920d6fd52ebec4d8fdfb18de8adbcommit hash: 04f4d5ba9b2a920d6fd52ebec4d8fdfb18de8adbcommit hash: 04f4d5ba9b2a920d6fd52ebec4d8fdfb18de8adb files touched by this commit
Guido Falsi (madpilot) search for other commits by this committer
security/vuxml: Add devel/php-composer* vulnerability
1.1_6
29 Sep 2023 10:20:58
commit hash: a35f4a147bbfe365f3ae65b4fcb33b2e77807b25commit hash: a35f4a147bbfe365f3ae65b4fcb33b2e77807b25commit hash: a35f4a147bbfe365f3ae65b4fcb33b2e77807b25commit hash: a35f4a147bbfe365f3ae65b4fcb33b2e77807b25 files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 117.0.5938.132

Obtained
from:	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
1.1_6
29 Sep 2023 09:32:20
commit hash: 176a45b870156d3edec9da0d169873e41f3b9bbecommit hash: 176a45b870156d3edec9da0d169873e41f3b9bbecommit hash: 176a45b870156d3edec9da0d169873e41f3b9bbecommit hash: 176a45b870156d3edec9da0d169873e41f3b9bbe files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: fix long description warning

Eliminate an annoying warning from "make validate"

Modify entry 441e1e1a-27a5-11ee-a156-080027f5fec9 description and get rid of
empty lines and some expendable words. vuxml.freebsd.org prints all the lines
joined together.
1.1_6
29 Sep 2023 08:55:40
commit hash: a35cf532bc57fb60f2d94cdbf31a1e7066c8a485commit hash: a35cf532bc57fb60f2d94cdbf31a1e7066c8a485commit hash: a35cf532bc57fb60f2d94cdbf31a1e7066c8a485commit hash: a35cf532bc57fb60f2d94cdbf31a1e7066c8a485 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron heap buffer overflow in vp8 encoding

Obtained from:	https://github.com/electron/electron/releases/tag/v22.3.25,
		https://github.com/electron/electron/releases/tag/v24.8.5,
		https://github.com/electron/electron/releases/tag/v25.8.4
1.1_6
29 Sep 2023 03:23:28
commit hash: 36a838e202256d5a528abfc8ff6a66ca7ce4d148commit hash: 36a838e202256d5a528abfc8ff6a66ca7ce4d148commit hash: 36a838e202256d5a528abfc8ff6a66ca7ce4d148commit hash: 36a838e202256d5a528abfc8ff6a66ca7ce4d148 files touched by this commit
Matthias Fechner (mfechner) search for other commits by this committer
security/vuxml: add gitlab vulnerabilities 2023-09-28
1.1_6
27 Sep 2023 18:43:41
commit hash: 4bed8aa9242e98d3a170d530de04af33f3a74295commit hash: 4bed8aa9242e98d3a170d530de04af33f3a74295commit hash: 4bed8aa9242e98d3a170d530de04af33f3a74295commit hash: 4bed8aa9242e98d3a170d530de04af33f3a74295 files touched by this commit
Koichiro Iwao (meta) search for other commits by this committer
security/vuxml: document multiple xrdp vulnerabilities
1.1_6
27 Sep 2023 11:06:35
commit hash: 44f47a95bd039e7e898fa87790bafdc0683e6bafcommit hash: 44f47a95bd039e7e898fa87790bafdc0683e6bafcommit hash: 44f47a95bd039e7e898fa87790bafdc0683e6bafcommit hash: 44f47a95bd039e7e898fa87790bafdc0683e6baf files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Fix name
1.1_6
27 Sep 2023 11:02:36
commit hash: 633698c493c70350263613dea0db2d7e00f9adbecommit hash: 633698c493c70350263613dea0db2d7e00f9adbecommit hash: 633698c493c70350263613dea0db2d7e00f9adbecommit hash: 633698c493c70350263613dea0db2d7e00f9adbe files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Record net/routinator vulnerability

CVE-2023-39916

	Base Score:	6.5 MEDIUM
	Vector:		CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

PR:	274105
1.1_6
27 Sep 2023 10:58:42
commit hash: 07217e578b9cc450f63caa2ed5cc3b8325999a8bcommit hash: 07217e578b9cc450f63caa2ed5cc3b8325999a8bcommit hash: 07217e578b9cc450f63caa2ed5cc3b8325999a8bcommit hash: 07217e578b9cc450f63caa2ed5cc3b8325999a8b files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Fix make newentry CVE_ID

Fix description body, broken when introducing SA_ID

Fixes:	e90a0b117fdc61d6d6bc4b02a4b7b5be5a878b2d
1.1_6
25 Sep 2023 11:25:55
commit hash: e90a0b117fdc61d6d6bc4b02a4b7b5be5a878b2dcommit hash: e90a0b117fdc61d6d6bc4b02a4b7b5be5a878b2dcommit hash: e90a0b117fdc61d6d6bc4b02a4b7b5be5a878b2dcommit hash: e90a0b117fdc61d6d6bc4b02a4b7b5be5a878b2d files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Add SA_ID to make newentry

Automate registration of FreeBSD Security Advisories.

It adds a new parameter for the newentry subcommand accepting a SA ID as present
in the FreeBSD Security Advisories web page
(https://www.freebsd.org/security/advisories/)

Fills an entry following the common structure for FreeBSD SAs and leaves some
"FIXME" strings in those places that need special care.
Developers should NOT blindly trust the output of the script.

`make newentry SA_ID=FreeBSD-SA-23:11.wifi.asc`
`make newentry SA_ID=FreeBSD-SA-22:01.vt`

Reviewed by:		philip@
Differential Revision: https://reviews.freebsd.org/D41966
1.1_6
25 Sep 2023 07:24:33
commit hash: 954eb9046510e2c826456a86fe3e4ca5b78b0901commit hash: 954eb9046510e2c826456a86fe3e4ca5b78b0901commit hash: 954eb9046510e2c826456a86fe3e4ca5b78b0901commit hash: 954eb9046510e2c826456a86fe3e4ca5b78b0901 files touched by this commit
Li-Wen Hsu (lwhsu) search for other commits by this committer
security/vuxml: Document Jenkins Security Advisory 2023-09-20

Sponsored by:	The FreeBSD Foundation
1.1_6
23 Sep 2023 13:03:41
commit hash: a44ae736ab9a908bad849490da755ee7535ea1ebcommit hash: a44ae736ab9a908bad849490da755ee7535ea1ebcommit hash: a44ae736ab9a908bad849490da755ee7535ea1ebcommit hash: a44ae736ab9a908bad849490da755ee7535ea1eb files touched by this commit
Guido Falsi (madpilot) search for other commits by this committer
security/vuxml: Add information about mail/mailpit vulnerability.
1.1_6
22 Sep 2023 10:39:05
commit hash: eb54bae70a84effe0d024cfd343c6698ad61fc86commit hash: eb54bae70a84effe0d024cfd343c6698ad61fc86commit hash: eb54bae70a84effe0d024cfd343c6698ad61fc86commit hash: eb54bae70a84effe0d024cfd343c6698ad61fc86 files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Remove spurious file

Fixes:	20c93ef1ae8f43a36f9b05e79e6531b6186f3a86
1.1_6
21 Sep 2023 09:31:22
commit hash: 57055cf99dd10c2029360eab869ecf0ba88e72adcommit hash: 57055cf99dd10c2029360eab869ecf0ba88e72adcommit hash: 57055cf99dd10c2029360eab869ecf0ba88e72adcommit hash: 57055cf99dd10c2029360eab869ecf0ba88e72ad files touched by this commit
Ronald Klop (ronald) search for other commits by this committer
security/vuxml: add graphics/webp heap buffer overflow

graphics/webp was updated to 1.3.2

PR:		273766
Security:	CVE-2023-4863
1.1_6
20 Sep 2023 12:21:30
commit hash: 2e8c97b9bc3f7c6c14c30676f3c32f32c464e97bcommit hash: 2e8c97b9bc3f7c6c14c30676f3c32f32c464e97bcommit hash: 2e8c97b9bc3f7c6c14c30676f3c32f32c464e97bcommit hash: 2e8c97b9bc3f7c6c14c30676f3c32f32c464e97b files touched by this commit
Fernando Apesteguía (fernape) search for other commits by this committer
security/vuxml: Add Tor browser libwebp vulnerability

CVE-2023-4863
	Base Score:  8.8 HIGH
	Vector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

PR:		273416
Reported by:	kaltheat <kaltheat@gmail.com>
Security:	CVE-2023-4863
1.1_6
19 Sep 2023 10:53:14
commit hash: a239f58fad32ecabff98233da0bbe3d5f45dc4c7commit hash: a239f58fad32ecabff98233da0bbe3d5f45dc4c7commit hash: a239f58fad32ecabff98233da0bbe3d5f45dc4c7commit hash: a239f58fad32ecabff98233da0bbe3d5f45dc4c7 files touched by this commit
Matthias Fechner (mfechner) search for other commits by this committer
security/vuxml: document gitlab vulnerability
1.1_6
17 Sep 2023 15:26:40
commit hash: 6db214401ef3ad0f69259559e8a8fa7e1aa37c8acommit hash: 6db214401ef3ad0f69259559e8a8fa7e1aa37c8acommit hash: 6db214401ef3ad0f69259559e8a8fa7e1aa37c8acommit hash: 6db214401ef3ad0f69259559e8a8fa7e1aa37c8a files touched by this commit
Robert Clausecker (fuz) search for other commits by this committer
security/vuxml: document routinator vulnerabilities

Obtained from:	https://nlnetlabs.nl/news/2023/Sep/13/routinator-0.12.2-released/
1.1_6
16 Sep 2023 13:27:51
commit hash: a3dec5316c3e45a676eef22de283ad57ea6a3111commit hash: a3dec5316c3e45a676eef22de283ad57ea6a3111commit hash: a3dec5316c3e45a676eef22de283ad57ea6a3111commit hash: a3dec5316c3e45a676eef22de283ad57ea6a3111 files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document cURL vulnerability

PR:		273764
Reported by:	yasu
1.1_6
16 Sep 2023 10:24:59
commit hash: 09190d4a57139890fe3e28d63c9ee5b774168307commit hash: 09190d4a57139890fe3e28d63c9ee5b774168307commit hash: 09190d4a57139890fe3e28d63c9ee5b774168307commit hash: 09190d4a57139890fe3e28d63c9ee5b774168307 files touched by this commit
Bernard Spil (brnrd) search for other commits by this committer
security/vuxml: Document Roundcube XSS vuln
1.1_6
13 Sep 2023 11:16:42
commit hash: f4a93f6c582c873ed51375ae6d04511ef4a4bfbfcommit hash: f4a93f6c582c873ed51375ae6d04511ef4a4bfbfcommit hash: f4a93f6c582c873ed51375ae6d04511ef4a4bfbfcommit hash: f4a93f6c582c873ed51375ae6d04511ef4a4bfbf files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: remove unnecessary placeholder for cvename and url
1.1_6
13 Sep 2023 11:11:10
commit hash: d06dba90465b017749b15de03ce84266f0cb00f7commit hash: d06dba90465b017749b15de03ce84266f0cb00f7commit hash: d06dba90465b017749b15de03ce84266f0cb00f7commit hash: d06dba90465b017749b15de03ce84266f0cb00f7 files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document electron multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v22.3.24,
		https://github.com/electron/electron/releases/tag/v24.8.3,
		https://github.com/electron/electron/releases/tag/v25.8.1
1.1_6
13 Sep 2023 10:01:19
commit hash: 63dd9284768b249dccdebd90e35170603fcea51dcommit hash: 63dd9284768b249dccdebd90e35170603fcea51dcommit hash: 63dd9284768b249dccdebd90e35170603fcea51dcommit hash: 63dd9284768b249dccdebd90e35170603fcea51d files touched by this commit
Robert Nagy (rnagy) search for other commits by this committer
security/vuxml: add www/*chromium < 117.0.5938.62

Obtained
from:	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.htm
1.1_6
13 Sep 2023 09:09:25
commit hash: 296cf69a5074b78f23d78d1224375340d126bdadcommit hash: 296cf69a5074b78f23d78d1224375340d126bdadcommit hash: 296cf69a5074b78f23d78d1224375340d126bdadcommit hash: 296cf69a5074b78f23d78d1224375340d126bdad files touched by this commit
Hiroki Tagato (tagattie) search for other commits by this committer
security/vuxml: document vscode remote code execution vulnerability

Obtained from:	https://github.com/microsoft/vscode/issues/192906
1.1_6
12 Sep 2023 21:26:02
commit hash: c729310c3535bd43845fb7fb4c94cc334ad05385commit hash: c729310c3535bd43845fb7fb4c94cc334ad05385commit hash: c729310c3535bd43845fb7fb4c94cc334ad05385commit hash: c729310c3535bd43845fb7fb4c94cc334ad05385 files touched by this commit
Craig Leres (leres) search for other commits by this committer
security/vuxml: Mark zeek < 6.0.1 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v6.0.1

This release fixes the following potential DoS vulnerabilities:

 - File extraction limits were not correctly enforced for files
   containing large amounts of missing bytes.

 - Sessions are sometimes not cleaned up completely within Zeek
   during shutdown,
   potentially causing a crash when using the -B dpd flag for debug logging.

 - A specially-crafted HTTP packet can cause Zeek's filename
   extraction code to take a long time to process the data.

 - A specially-crafted series of FTP packets made up of a CWD request
   followed by a large amount of ERPT requests may cause Zeek to
   spend a long time logging the commands.

 - A specially-crafted VLAN packet can cause Zeek to overflow memory
   and potentially crash.

Reported by:	Tim Wojtulewicz
1.1_6
10 Sep 2023 11:09:50
commit hash: e33f6b310aab885b72c8b8b84957d2300c980754commit hash: e33f6b310aab885b72c8b8b84957d2300c980754commit hash: e33f6b310aab885b72c8b8b84957d2300c980754commit hash: e33f6b310aab885b72c8b8b84957d2300c980754 files touched by this commit
Nuno Teixeira (eduardo) search for other commits by this committer
Author: Stefan Bethke
security/vuxml: Document Gitea vulnerabilities

PR:		273691
1.1_6
07 Sep 2023 13:54:16
commit hash: 94787841628f9485cae4fcdb8bc1586ff1132b21commit hash: 94787841628f9485cae4fcdb8bc1586ff1132b21commit hash: 94787841628f9485cae4fcdb8bc1586ff1132b21commit hash: 94787841628f9485cae4fcdb8bc1586ff1132b21 files touched by this commit
Wen Heping (wen) search for other commits by this committer
security/vuxml: Document Python multiple vulnerabilities
1.1_6
07 Sep 2023 12:14:26
commit hash: a2d8fbe03a2b95c5ada274e863967eee5f417e7fcommit hash: a2d8fbe03a2b95c5ada274e863967eee5f417e7fcommit hash: a2d8fbe03a2b95c5ada274e863967eee5f417e7fcommit hash: a2d8fbe03a2b95c5ada274e863967eee5f417e7f files touched by this commit
Dmitri Goutnik (dmgk) search for other commits by this committer
security/vuxml: Document Go vulnerabilities
1.1_6
07 Sep 2023 04:28:14
commit hash: 735c6710d8ae5598ce9dcd1faeec818ff035cd54commit hash: 735c6710d8ae5598ce9dcd1faeec818ff035cd54commit hash: 735c6710d8ae5598ce9dcd1faeec818ff035cd54commit hash: 735c6710d8ae5598ce9dcd1faeec818ff035cd54 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SA-2023:11.wifi
1.1_6
07 Sep 2023 04:28:13
commit hash: b0e33f822080ef8759968e0d54e64c73795556c9commit hash: b0e33f822080ef8759968e0d54e64c73795556c9commit hash: b0e33f822080ef8759968e0d54e64c73795556c9commit hash: b0e33f822080ef8759968e0d54e64c73795556c9 files touched by this commit
Philip Paeps (philip) search for other commits by this committer
security/vuxml: add FreeBSD SA-23:10.pf
1.1_6
07 Sep 2023 02:31:49
commit hash: 671903c512ce880406f336635629f2ed8c762e28commit hash: 671903c512ce880406f336635629f2ed8c762e28commit hash: 671903c512ce880406f336635629f2ed8c762e28commit hash: 671903c512ce880406f336635629f2ed8c762e28 files touched by this commit
Yasuhiro Kimura (yasu) search for other commits by this committer
security/vuxml: Document possible bypassing ACL configuration in redis

Number of commits found: 7212 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]