FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
vuxml 1.1_1 security on this many watch lists=27 search for ports that depend on this port
Vulnerability and eXposure Markup Language DTD
Maintained by: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 12 Feb 2004 14:24:23
Also Listed In: textproc
License: not specified in port


VuXML (the Vulnerability and eXposure Markup Language) is an XML
application for documenting security bugs and corrections within
a software package collection such as the FreeBSD Ports Collection.
This port installs the DTDs required for validating VuXML documents.
SVNWeb : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.

Required To Run:
  1. textproc/xmlcatmgr
  2. textproc/xhtml-modularization
  3. textproc/xhtml-basic
  4. lang/python27
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/vuxml/ && make install clean
To add the package: pkg install security/vuxml


Configuration Options
     No options to configure

Master Sites:
  1. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/vuxml/
  2. http://www.vuxml.org/dtd/vuxml-1/

Number of commits found: 3342 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
10 Dec 2013 19:45:12
Original commit files touched by this commit  1.1_1
Revision:336101
sunpoet search for other commits by this committer
- Group affected packages
- Sort CVE
- Fix indent

Notified by:	remko
10 Dec 2013 04:57:36
Original commit files touched by this commit  1.1_1
Revision:336047
timur search for other commits by this committer
Add entry for net/samba* CVE-2012-6150 and CVE-2013-4408
08 Dec 2013 14:19:02
Original commit files touched by this commit  1.1_1
Revision:335897
sunpoet search for other commits by this committer
- Document Rails vulnerability
06 Dec 2013 00:38:50
Original commit files touched by this commit  1.1_1
Revision:335721
delphij search for other commits by this committer
Document drupal multiple vulnerabilities.
05 Dec 2013 12:07:00
Original commit files touched by this commit  1.1_1
Revision:335662
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 31.0.1650.63

Obtained from:	http://googlechromereleases.blogspot.nl/
05 Dec 2013 00:00:11
Original commit files touched by this commit  1.1_1
Revision:335649
nivit search for other commits by this committer
- Document multiple XSS core vulnerabilities for Joomla!
  (2.5.0 <= version <= 2.5.14, 3.0.0 <= version <= 3.1.5)
03 Dec 2013 06:28:04
Original commit files touched by this commit  1.1_1
Revision:335546
danfe search for other commits by this committer
Update to version 1.3.3, which fixes an important crashy bug: denial of
service (server) using forcefully crashed aircrafts.

While here, reduce the diffs between other OpenTTD's VuXML entries; and
limit build logs verbosity to bulk package builders (or batch builds).

PR:		ports/184434, ports/184435
Submitted by:	Ilya A. Arkhipov
Security:	CVE-2013-6411
01 Dec 2013 15:10:19
Original commit files touched by this commit  1.1_1
Revision:335393
ohauer search for other commits by this committer
- security update to 3.3.1

This is a maintenance release that fixes a serious bug in the built-in HTTP
server. It was discovered that the handle_request() routine did not properly
perform input sanitization which led into a number of security
vulnerabilities.

An unauthenticated, remote attacker could exploit this flaw to execute
arbitrary commands on the remote host.

All users still using older versions are advised to upgrade to this version,
which resolves this issue.

Approved by:	crees (maintainer, per PM)
Security:	620cf713-5a99-11e3-878d-20cf30e32f6d
25 Nov 2013 19:52:24
Original commit files touched by this commit  1.1_1
Revision:334888
ohauer search for other commits by this committer
- security update subversion-1.8.5 / 1.7.14 [1]
- add vuxml entry
- let bindings ports load options file [2]

[1]
Version 1.8.5
(25 November 2013, from /branches/1.8.x)
http://svn.apache.org/repos/asf/subversion/tags/1.8.5

 User-visible changes:
  - Client-side bugfixes:
    * fix externals that point at redirected locations (issues #4428, #4429)
    * diff: fix assertion with move inside a copy (issue #4444)

  - Server-side bugfixes:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
25 Nov 2013 06:56:08
Original commit files touched by this commit  1.1_1
Revision:334815
remko (src,doc committer) search for other commits by this committer
Make it more clear that "SAME URL" is actually the blockquote
url.

hat:	secteam
24 Nov 2013 05:36:29
Original commit files touched by this commit  1.1_1
Revision:334705
swills search for other commits by this committer
- Update devel/ruby-gems to 1.8.28
- Document security issues with 1.8.26 and 1.8.27 (CVE-2013-4287 and
CVE-2013-4363)

Security:	742eb9e4-e3cb-4f5a-b94e-0e9a39420600
Security:	54237182-9635-4a8b-92d7-33bfaeed84cd
23 Nov 2013 03:10:04
Original commit files touched by this commit  1.1_1
Revision:334630
swills search for other commits by this committer
- Fix and report heap overflow in floating point parsing issue in ruby

Security:	cc9043cf-7f7a-426e-b2cc-8d1980618113
19 Nov 2013 23:11:40
Original commit files touched by this commit  1.1_1
Revision:334362
timur search for other commits by this committer
Add entries about CVE-2013-4475 and CVE-2013-4476 for net/samba* ports.
19 Nov 2013 17:54:54
Original commit files touched by this commit  1.1_1
Revision:334335
osa search for other commits by this committer
Document new vulnerability in www/nginx (< 1.4.4) and www/nginx-devel (< 1.5.7).
17 Nov 2013 02:25:24
Original commit files touched by this commit  1.1_1
Revision:334047
eadler search for other commits by this committer
Add back NO_STAGE which snuck away during testing.
17 Nov 2013 02:12:32
Original commit files touched by this commit  1.1_1
Revision:334046
eadler search for other commits by this committer
Minor tweak to standard template in order to fit with convention
15 Nov 2013 12:57:27
Original commit files touched by this commit  1.1_1
Revision:333862
rene search for other commits by this committer
Document new vulnerability in www/chromium < 31.0.1650.57

Obtained from:	http://googlechromereleases.blogspot.nl/
13 Nov 2013 14:07:04
Original commit files touched by this commit  1.1_1
Revision:333686
remko (src,doc committer) search for other commits by this committer
Fix the OpenSSH entry, a version entry should be marked
on a per rule basis, and not on it's own lines, because
that would bogusly match other versions then intended.

When in doubt, please let me review your changes!!

hat:	secteam
13 Nov 2013 05:55:57
Original commit files touched by this commit  1.1_1
Revision:333651
eadler search for other commits by this committer
Update to latest flash and mark the old one as vulnerable.

PR:		ports/183911
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
12 Nov 2013 19:08:37
Original commit files touched by this commit  1.1_1
Revision:333601
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 31.0.1650.48

Obtained from:	http://googlechromereleases.blogspot.nl/
12 Nov 2013 13:09:18
Original commit files touched by this commit  1.1_1
Revision:333567
zi search for other commits by this committer
- Set MAINTAINER to ports-secteam

Requested by:	des@
With hat:	ports-secteam@
11 Nov 2013 12:34:18
Original commit files touched by this commit  1.1_1
Revision:333489
bdrewery search for other commits by this committer
- Fix versions for entry 5709d244-4873-11e3-8a46-000d601460a4
08 Nov 2013 12:50:29
Original commit files touched by this commit  1.1_1
Revision:333217
bdrewery search for other commits by this committer
- Document memory corruption in security/openssh-portable
06 Nov 2013 16:24:34
Original commit files touched by this commit  1.1_1
Revision:333011
makc search for other commits by this committer
Document vulnerability in irc/quassel
01 Nov 2013 12:37:11
Original commit files touched by this commit  1.1_1
Revision:332362
wg search for other commits by this committer
security/vuxml: add modified date for gnutls

Reported by:	kwm
01 Nov 2013 11:16:16
Original commit files touched by this commit  1.1_1
Revision:332356
wg search for other commits by this committer
gnutls3 3.1.15 is affected by the same vulnerability
31 Oct 2013 15:42:13
Original commit files touched by this commit  1.1_1
Revision:332257
flo search for other commits by this committer
Thunderbird is only at version 24.1.0, not 25.0
30 Oct 2013 20:59:23
Original commit files touched by this commit  1.1_1
Revision:332173
flo search for other commits by this committer
Add an entry for the recent mozilla vulnerabilities
28 Oct 2013 18:48:22
Original commit files touched by this commit  1.1_1
Revision:331887
swills search for other commits by this committer
- Update www/mod_pagespeed to 1.2.24.2,1
- Document security issue in mod_pagespeed
28 Oct 2013 07:04:10
Original commit files touched by this commit  1.1_1
Revision:331834
sunpoet search for other commits by this committer
- Cancel the vuxml entry correctly

Notified by:	remko
27 Oct 2013 18:19:16
Original commit files touched by this commit  1.1_1
Revision:331796
sunpoet search for other commits by this committer
- Revert previous commit
27 Oct 2013 17:53:20
Original commit files touched by this commit  1.1_1
Revision:331789
sunpoet search for other commits by this committer
- Document WordPress XSS vulnerability
25 Oct 2013 16:52:51
Original commit files touched by this commit  1.1_1
Revision:331612
jgh search for other commits by this committer
- Add url reference to 9065b930-3d8b-11e3-bd1a-e840f2096bd0

With Hat: ports-secteam
25 Oct 2013 16:07:27
Original commit files touched by this commit  1.1_1
Revision:331605
wg search for other commits by this committer
- Remove report url as it is a default CVE

Reported by:	ak
25 Oct 2013 15:55:41
Original commit files touched by this commit  1.1_1
Revision:331604
wg search for other commits by this committer
- Document gnutls3 denial of service CVE
24 Oct 2013 13:05:10
Original commit files touched by this commit  1.1_1
Revision:331484
kwm search for other commits by this committer
Document xorg-server use after free CVE.

Reviewed by:	zeising@
19 Oct 2013 08:27:56
Original commit files touched by this commit  1.1_1
Revision:330854
delphij search for other commits by this committer
Document pycrypto PRNG reseed race condition.
19 Oct 2013 03:54:52
Original commit files touched by this commit  1.1_1
Revision:330844
swills search for other commits by this committer
- Add CVE references to WordPress 3.6.1 entry
19 Oct 2013 03:40:48
Original commit files touched by this commit  1.1_1
Revision:330843
swills search for other commits by this committer
- Note issues with WordPress before 3.6.1
19 Oct 2013 03:22:32
Original commit files touched by this commit  1.1_1
Revision:330842
swills search for other commits by this committer
- node-devel packages is vulnerable too, guessing this is going to be fixed in
  0.11.7, but if not, I'll update further.
19 Oct 2013 02:48:02
Original commit files touched by this commit  1.1_1
Revision:330834
swills search for other commits by this committer
- Update to 0.10.21 to address a security issue

PR:		ports/183092
Submitted by:	Kenji Rikitake <kenji.rikitake@acm.org>
Security:	206f9826-a06d-4927-9a85-771c37010b32
17 Oct 2013 19:35:22
Refresh Original commit files touched by this commit
Revision:330666  Sanity Test Failure
ohauer search for other commits by this committer
- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
17 Oct 2013 12:43:19
Original commit files touched by this commit  1.1_1
Revision:330634
des search for other commits by this committer
Fix build by commenting out the most recent of the two discovery
dates.
17 Oct 2013 10:56:57
Original commit files touched by this commit  1.1_1
Revision:330627
ak search for other commits by this committer
- Fix year, move entry up
17 Oct 2013 10:46:54
Original commit files touched by this commit  1.1_1
Revision:330626
ak search for other commits by this committer
- Document new vulnerabilities in security/dropbear
15 Oct 2013 19:04:28
Original commit files touched by this commit  1.1_1
Revision:330429
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 30.0.1599.101

Obtained from:	http://googlechromereleases.blogspot.nl/
10 Oct 2013 20:02:42
Original commit files touched by this commit  1.1_1
Revision:330031
ohauer search for other commits by this committer
- update mod_fcgid to version 2.3.9
- add stage support
- add vuxml entry

PR:		ports/182878
Submitted by:	Fabiano Sidler <freebsd.ports@webstyle.ch> (maintainer)
Security:	CVE-2013-4365
05 Oct 2013 09:44:24
Original commit files touched by this commit  1.1_1
Revision:329431
kuriyama search for other commits by this committer
Add recent gnupg1/gnupg vuln.
03 Oct 2013 13:05:49
Original commit files touched by this commit  1.1_1
Revision:329177
sem search for other commits by this committer
Document the last xinetd vulnerability
01 Oct 2013 23:47:14
Original commit files touched by this commit  1.1_1
Revision:329009
jase search for other commits by this committer
- Update to 1.2.9
- Add vuxml entry
- Prevent install target from copying patch backup files

Changes:	https://raw.github.com/polarssl/polarssl/60ad84f43f46b0d3673eaca8b9847d7e01b83c5e/ChangeLog
Security:	ccefac3e-2aed-11e3-af10-000c29789cb5
Security:	CVE-2013-5915
01 Oct 2013 21:30:23
Original commit files touched by this commit  1.1_1
Revision:328998
rene search for other commits by this committer
Document new vulnerabilities for www/chromium < 30.0.1599.66

Obtained from:	http://googlechromereleases.blogspot.nl/
30 Sep 2013 20:55:51
Original commit files touched by this commit  1.1_1
Revision:328873
delphij search for other commits by this committer
Our "package" can have multiple "name" elements.  Since these packages are
from the same origin, they can be collapased into one entry.
30 Sep 2013 19:40:29
Original commit files touched by this commit  1.1_1
Revision:328853
brd (doc committer) search for other commits by this committer
- Add a low version to the graphite-web vuln

Approved by:	swills@
30 Sep 2013 19:31:32
Original commit files touched by this commit  1.1_1
Revision:328851
swills search for other commits by this committer
- Document graphite issue
24 Sep 2013 13:55:56
Original commit files touched by this commit  1.1_1
Revision:328135
tabthorpe search for other commits by this committer
- ebd877b9-7ef4-4375-b1fd-c67780581898 also applies to our ruby18

Reviewed by:	swills
22 Sep 2013 10:36:32
Original commit files touched by this commit  1.1_1
Revision:327862
lwhsu search for other commits by this committer
Document CVE-2013-1443 for www/py-django{,14,-devel}
22 Sep 2013 10:09:42
Original commit files touched by this commit  1.1_1
Revision:327861
lwhsu search for other commits by this committer
- Split names for different packages

Notified by:	remko
20 Sep 2013 22:55:26
Original commit files touched by this commit  1.1_1
Revision:327769
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
19 Sep 2013 08:29:16
Original commit files touched by this commit  1.1_1
Revision:327604
rm search for other commits by this committer
- add modification date to mozilla entry, that I forgot about
19 Sep 2013 07:50:30
Original commit files touched by this commit  1.1_1
Revision:327600
rm search for other commits by this committer
- correct thunderbird version in recent mozilla entry
19 Sep 2013 05:44:02
Original commit files touched by this commit  1.1_1
Revision:327595
remko (src,doc committer) search for other commits by this committer
Add the latest two FreeBSD Security Advisories that have impact
on -RELEASE versions. (RC's are not documented).

Hat:	secteam
18 Sep 2013 22:40:58
Original commit files touched by this commit  1.1_1
Revision:327587
flo search for other commits by this committer
- update firefox, thunderbird and libxul to 24.0
- update seamonkey to 2.21
- update firefox-esr to 17.0.9
- enable GSTREAMER by default for html5 with h264/aac/mp3
- WEBRTC is now always built
- add PROFILE and TESTS options

Security:		7dfed67b-20aa-11e3-b8d8-0025905a4771
In collaboration with:	Jan Beich <jbeich@tormail.org>
13 Sep 2013 13:13:36
Original commit files touched by this commit  1.1_1
Revision:327145
eadler search for other commits by this committer
Update flash to version 11.2.202.310

PR:		ports/182013
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security:	http://www.vuxml.org/freebsd/5bd6811f-1c75-11e3-ba72-98fc11cdc4f5
12 Sep 2013 16:03:45
Original commit files touched by this commit  1.1_1
Revision:327080
lwhsu search for other commits by this committer
Document CVE-2013-4315 for www/py-django{,14,-devel}
02 Sep 2013 19:04:21
Original commit files touched by this commit  1.1_1
Revision:326057
ohauer search for other commits by this committer
- update devel/subversion to 1.8.3	[1]
- update devel/subversion17 to 1.7.13	[1]
- add vuxml entry

Version 1.7.13
(29 Aug 2013, from /branches/1.7.x)
http://svn.apache.org/repos/asf/subversion/tags/1.7.13/CHANGES

User-visible changes:
 - General
   * merge: fix bogus mergeinfo with conflicting file merges (issue #4306)
   * diff: fix duplicated path component in '--summarize' output (issue #4408)
   * ra_serf: ignore case when checking certificate common names (r1514763)

 - Server-side bugfixes:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
29 Aug 2013 10:56:24
Original commit files touched by this commit  1.1_1
Revision:325582
sem search for other commits by this committer
- Document the last cacti vulnerabilities

PR:		ports/181606 (based on)
Submitted by:	Rodrigo (ros) OSORIO <rodrigo@bebik.net>
29 Aug 2013 06:15:52
Original commit files touched by this commit  1.1_1
Revision:325565
remko (src,doc committer) search for other commits by this committer
Add CVE entries to latest entry for Asterisk.
Add "The" in who reports the issue.
Bump modified date
28 Aug 2013 20:51:32
Original commit files touched by this commit  1.1_1
Revision:325551
flo search for other commits by this committer
Update net/asterisk to 1.8.23.1
Update net/asterisk10 to 10.12.3
Update net/asterisk11 to 11.5.1

Security:	fd2bf3b5-1001-11e3-ba94-0025905a4771
21 Aug 2013 09:29:44
Original commit files touched by this commit  1.1_1
Revision:325102
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 29.0.1547.57

Obtained from:	http://googlechromereleases.blogspot.nl/
20 Aug 2013 15:36:43
Original commit files touched by this commit  1.1_1
Revision:325059
kwm search for other commits by this committer
Fix multiple security issues in the bundled libav version by replacing it
with a newer version.

Reported by:	Jan Beich <jbeich@tormail.org>
19 Aug 2013 08:07:02
Original commit files touched by this commit  1.1_1
Revision:324952
stas (src committer) search for other commits by this committer
- Correct lcms2 VuXML entry: only versions before 2.5 are vulnerable.

PR:		ports/181384
Reported by:	Derek Schrock <dereks@lifeofadishwasher.com>
18 Aug 2013 10:41:11
Original commit files touched by this commit  1.1_1
Revision:324899
ashish search for other commits by this committer
- Update modified date of VuXML entry which was missed in r317985

Reported by:	remko
17 Aug 2013 08:36:30
Original commit files touched by this commit  1.1_1
Revision:324834
remko (src,doc committer) search for other commits by this committer
Correct latest entry, properly indent the paragraphs
and sort the url list alphabetically.
17 Aug 2013 08:24:35
Original commit files touched by this commit  1.1_1
Revision:324831
bf search for other commits by this committer
Amend 689c2bf7-0701-11e3-9a25-002590860428 so that it doesn't overlap with
80771b89-f57b-11e2-bf21-b499baab0cbe, but keep both entries rather than
augmenting the old one, because I've cited the new one in a commit message.
17 Aug 2013 07:56:12
Original commit files touched by this commit  1.1_1
Revision:324830
bf search for other commits by this committer
Update security/libgcrypt to 1.5.3 [1], and document the latest gnupg
and libgcrypt vulnerability

PR:		181231
Submitted by:	Hirohisa Yamaguchi (maintainer) [1]
Security:	http://www.vuxml.org/freebsd/689c2bf7-0701-11e3-9a25-002590860428.html
16 Aug 2013 17:54:42
Original commit files touched by this commit  1.1_1
Revision:324808
brd (doc committer) search for other commits by this committer
- Update puppet to 3.2.4 which fixes CVE-2013-4761 and CVE-2013-4956

Approved by:	swills@
Security:	2b2f6092-0694-11e3-9e8e-000c29f6ae42
16 Aug 2013 05:35:00
Original commit files touched by this commit  1.1_1
Revision:324791
remko (src,doc committer) search for other commits by this committer
Correct polarssl entry, the lines were way to long, indentation was
incorrect, and the topic description does not need too many details
since that is explained in the description itself.

Also correct the url's since c comes before u ;-)

Prodded by:	stas
15 Aug 2013 19:54:23
Original commit files touched by this commit  1.1_1
Revision:324783
stas (src committer) search for other commits by this committer
- Fix ordering of references.

Reported by:	remko
15 Aug 2013 19:02:34
Original commit files touched by this commit  1.1_1
Revision:324781
stas (src committer) search for other commits by this committer
- Add lcms2 DoS vulnerability entry.

Hat: secteam
13 Aug 2013 06:20:27
Original commit files touched by this commit  1.1_1
Revision:324652
mandree search for other commits by this committer
Add CVE Id, which was not in the advisory,
but on <https://polarssl.org/security>.
13 Aug 2013 06:17:33
Original commit files touched by this commit  1.1_1
Revision:324651
mandree search for other commits by this committer
Record PolarSSL < 1.2.8 infinite loop denial of service.

Note: the port has not yet been upgraded, and the fix then needs to be merged
to the 9.2 ports branch before release.
09 Aug 2013 20:52:29
Original commit files touched by this commit  1.1_1
Revision:324462
delphij search for other commits by this committer
Add a link to the advisory.

Submitted by:	remko
09 Aug 2013 17:22:17
Original commit files touched by this commit  1.1_1
Revision:324452
delphij search for other commits by this committer
Document Samba DoS vulnerability.
08 Aug 2013 18:42:03
Original commit files touched by this commit  1.1_1
Revision:324409
flo search for other commits by this committer
- update firefox to 23.0
- update firefox-esr, thunderbird and libxul to 17.0.8
- update seamonkey to 2.20
- fix plist for *-i18n

Security:		0998e79d-0055-11e3-905b-0025905a4771
In collaboration with:	Jan Beich <jbeich@tormail.org>
07 Aug 2013 16:26:13
Original commit files touched by this commit  1.1_1
Revision:324359
mandree search for other commits by this committer
Add one more reference for PuTTY 0.59-0.61 vuln CVE-2011-4607.
07 Aug 2013 16:22:30
Original commit files touched by this commit  1.1_1
Revision:324358
mandree search for other commits by this committer
More references for PuTTY < 0.63 vulnerabilities.
07 Aug 2013 16:11:18
Original commit files touched by this commit  1.1_1
Revision:324357
mandree search for other commits by this committer
Upgrade PuTTY to new 0.63 beta upstream release, adding vulnerability info.

Quoting the upstream's change log:

- Security fix: prevent a nefarious SSH server or network attacker from
  crashing PuTTY at startup in three different ways by presenting a maliciously
  constructed public key and signature.
- Security fix: PuTTY no longer retains the private half of users' keys in
  memory by mistake after authenticating with them.
- Revamped the internal configuration storage system to remove all fixed
  arbitrary limits on string lengths. In particular, there should now no longer
  be an unreasonably small limit on the number of port forwardings PuTTY can
  store.
- Port-forwarded TCP connections which close one direction before the other
  should now be reliably supported, with EOF propagated independently in the
(Only the first 15 lines of the commit message are shown above View all of this commit message)
07 Aug 2013 08:41:51
Original commit files touched by this commit  1.1_1
Revision:324336
danfe search for other commits by this committer
Adjust NVidia driver version ranges after r304966 to remedy false positives.
05 Aug 2013 21:56:57
Original commit files touched by this commit  1.1_1
Revision:324294
ohauer search for other commits by this committer
- secuity update for typo3 ports
- some small Makefile cleanups
- add vuxml entry

Vulnerability Types: Cross-Site Scripting, Remote Code Execution
 Overall Severity: Critical

Vulnerable subcomponent: Third Party Libraries used for audio and video playback
 Affected Versions: All versions from 4.5.0 up to the development branch of 6.2
 Vulnerability Type: Cross-Site Scripting
 Severity: Medium

Vulnerable subcomponent: Backend File Upload / File Abstraction Layer
 Vulnerability Type: Remote Code Execution by arbitrary file creation
 Affected Versions: All versions from 6.0.0 up to the development branch of 6.2
 Severity: Critical

PR:		ports/180951
		ports/180952
		ports/180953
Submitted by:	Helmut Ritter <freebsd-ports@charlieroot.de> (maintainer)
Security:	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/
		CVE-2011-3642
		CVE-2013-1464
04 Aug 2013 12:13:51
Original commit files touched by this commit  1.1_1
Revision:324220
matthew search for other commits by this committer
- Security update of databases/phpmyadmin to 4.0.5

ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.5/phpMyAdmin-4.0.5-notes.html/download
SecurityAdvisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php

- Deprecate databases/phpmyadmin35

This version is vulnerable to the 'clickjacking protection bypass'
problem fixed in 4.0.5, but the development team will not be
publishing a fix. "We have no solution for 3.5.x, due to the proposed
solution requiring JavaScript. We don't want to introduce a dependency
to JavaScript in the 3.5.x family."

Therefore deprecate this port and set expiry for one month.  Please
upgrade to 4.0.5 instead.

Security:	17326fd5-fcfb-11e2-9bb9-6805ca0b3d42
03 Aug 2013 14:56:42
Original commit files touched by this commit  1.1_1
Revision:324196
rene search for other commits by this committer
Add new vulnerabilities for www/chromium < 28.0.1500.95

Obtained from:	http://googlechromereleases.blogspot.nl/
01 Aug 2013 18:43:49
Original commit files touched by this commit  1.1_1
Revision:324117
remko (src,doc committer) search for other commits by this committer
Modify the latest puppet entry. Because the matching of the version everything
below 3.2.2 was a match, including all 2.7.x versions. It also appears that
there is no puppet27 version, just puppet-2.7.x and puppet-3.2.x instead.

Bump modification date.

PR:		180958
Submitted by:	Kan Sasaki <sasaki@fcc.ad.jp>
29 Jul 2013 19:17:27
Original commit files touched by this commit  1.1_1
Revision:323898
matthew search for other commits by this committer
Now that PMSA-2013-{9,11-15} have been published, borrow from them to
expand on the original rather sketchy entries.

Sort URL references[1]

Submitted by:	remko [1]
28 Jul 2013 15:38:45
Original commit files touched by this commit  1.1_1
Revision:323835
matthew search for other commits by this committer
Security update: multiple vulnerabilities in databases/phpmyadmin and
databases/phpmyadmin35

 - update phpmyadmin to 4.0.4.2

ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4.2/phpMyAdmin-4.0.4.2-notes.html/view

 - update phpmyadmin35 to 3.5.8.2

ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.8.2/phpMyAdmin-3.5.8.2-notes.html/view

 - vuxml

The PMSA references shown have not been published yet, hence no CVE
numbers and a lack of detail in the descriptions.  Yes, PMSA-2013-10
is missing from the sequence.  According to the security alert e-mail:

   "For more details, see the upcoming PMASA-2013-8 to PMASA-2013-15 (minus
    PMASA-2013-10 which is reserved for a future advisory)."
27 Jul 2013 17:36:20
Original commit files touched by this commit  1.1_1
Revision:323801
remko (src,doc committer) search for other commits by this committer
Add entry for wordpress < 3.5.2

Requested by:	Patrick Oonk
27 Jul 2013 13:24:18
Original commit files touched by this commit  1.1_1
Revision:323783
remko (src,doc committer) search for other commits by this committer
Add additional reference, bump modified date.
26 Jul 2013 23:22:36
Original commit files touched by this commit  1.1_1
Revision:323760
delphij search for other commits by this committer
Document BIND denial of service vulnerability
26 Jul 2013 11:06:45
Original commit files touched by this commit  1.1_1
Revision:323712
remko (src,doc committer) search for other commits by this committer
Cleanup last entry. Properly indent the entry and
make sure that after a period on the end of a line
we follow with two spaces.

hat:	    secteam
25 Jul 2013 22:56:06
Original commit files touched by this commit  1.1_1
Revision:323675
kuriyama search for other commits by this committer
Add an entry for security/gnupg1.
25 Jul 2013 18:29:27
Original commit files touched by this commit  1.1_1
Revision:323659
bjk (doc committer) search for other commits by this committer
Update to 1.6.5

This is a security release by upstream, and requires configuration changes
in addition to the software update.  See UPDATING.

Reviewed by:	ports-security (zi, remko)
Approved by:	hrs (mentor, ports committer)

Number of commits found: 3342 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
curlApr 11
dbus-glibApr 11
libaudiofileApr 11
linux-f10-curlApr 11
linux-f10-dbus-glibApr 11
linux-f10-libaudiofileApr 11
linux-f10-nas-libsApr 11
linux-f10-openldapApr 11
mingw32-openssl*Apr 11
mingw32-opensslApr 11
nasApr 11
openssl*Apr 11
opensslApr 11
linux-f10-openssl*Apr 10
linux-f10-openssl*Apr 10

13 vulnerabilities affecting 34 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24391
Broken 175
Deprecated 120
Ignore 527
Forbidden 4
Restricted 266
No CDROM 108
Vulnerable 27
Expired 8
Set to expire 105
Interactive 22
new 24 hours 2
new 48 hours4
new 7 days16
new fortnight39
new month149

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.