| Commit History - (may be incomplete: see SVNWeb link above for full details) |
| Date | By | Description |
12 Aug 2004 18:56:10
  1.1
|
nectar  |
Under certain configurations of POPfile may allow an attacker to
retrieve files from the victim's machine.
Reported by: Daniel Grund <mail@dgrund.de> |
12 Aug 2004 18:43:01
1.1
|
nectar |
Correct version information syntax in a number of entries. VuXML-using
tools are expected only to understand actual package names and version
numbers, not globs such as `foo-{bar,baz}' or `1.*'. |
12 Aug 2004 11:58:18
1.1
|
eik |
give the ImageMagick png vulnerability an own entry |
11 Aug 2004 22:57:51
1.1
|
eik |
f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of
6f955451-ba54-11d8-b88c-000d610a3b12, move references |
10 Aug 2004 11:00:48
1.1
|
eik |
add a reference for linux-png-1.0.x to 3a408f6f-9c52-11d8-9366-0020ed76ef5a |
09 Aug 2004 15:10:03
1.1
|
eik |
add ImageMagick to the list of png-vulnerable ports |
07 Aug 2004 08:33:00
1.1
|
eik |
correct typo |
06 Aug 2004 21:51:24
1.1
|
marcus |
Add an entry for Thunderbird to the libpng vulnerability. |
05 Aug 2004 23:35:33
1.1
|
eik |
move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports |
05 Aug 2004 14:27:36
1.1
|
eik |
move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports |
30 Jul 2004 11:19:37
1.1
|
eik |
Mozilla / Firefox user interface spoofing vulnerability |
27 Jul 2004 11:46:15
1.1
|
des |
Use & instead of naked &. |
27 Jul 2004 11:45:05
1.1
|
des |
Add CVE name and correct URL to iDEFENSE advisory for the SSLtelnet issue. |
22 Jul 2004 23:30:11
1.1
|
eik |
- add some references
- correctly match samba 3.0
- add ja-samba |
22 Jul 2004 15:45:05
1.1
|
trhodes |
Fix an XML tag. |
22 Jul 2004 15:22:43
1.1
|
trhodes |
Mark the 2.2.x series of Samba as vulnerable. |
22 Jul 2004 14:43:13
1.1
|
trhodes |
Recently announced Samba issue. |
16 Jul 2004 07:31:22
1.1
|
eik |
fix courier-imap version number |
15 Jul 2004 08:01:25
1.1
|
eik |
PHP memory_limit and strip_tags() vulnerabilities. |
11 Jul 2004 00:59:46
1.1
|
eik |
ethereal |
08 Jul 2004 14:24:07
1.1
|
eik |
move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xml |
05 Jul 2004 21:27:12
1.1
|
eik |
XSS vulnerability affecting other webmail systems |
05 Jul 2004 17:24:44
1.1
|
nectar |
Add missing mandatory <body> element for SSLtelnet issue. |
05 Jul 2004 12:03:53
1.1
|
des |
Add an entry for the SSLtelnet format string vulnerability. |
03 Jul 2004 15:27:22
1.1
|
naddy |
Pavuk HTTP Location header overflow |
03 Jul 2004 06:48:34
1.1
|
trhodes |
Move phpnuke vulnerabilities to VuXML. |
02 Jul 2004 14:24:04
1.1
|
eik |
GNATS local privilege elevation (corrected PORTREVISION) |
02 Jul 2004 13:31:45
1.1
|
eik |
GNATS local privilege elevation |
02 Jul 2004 09:13:07
1.1
|
des |
Whitespace cleanup. |
02 Jul 2004 09:12:52
1.1
|
des |
Add SA-04:13.linux |
02 Jul 2004 00:48:56
1.1
|
eik |
move "phpMyAdmin code injection" to vuxml |
01 Jul 2004 23:55:39
1.1
|
pav |
- Add phpMyAdmin 2.5.7 vulnerability.
I hope I got XML right. |
28 Jun 2004 22:49:17
1.1
|
trhodes |
Use the equal '=' sign as only the current version was affected. |
28 Jun 2004 21:27:16
1.1
|
eik |
add a reference to ISC DHCP overflows |
28 Jun 2004 21:20:00
1.1
|
trhodes |
Add xorg-clients due to xdm socket vuln. |
28 Jun 2004 03:58:47
1.1
|
trhodes |
Move MoinMoin entry to VuXML. |
27 Jun 2004 19:26:14
1.1
|
eik |
reference cleanup |
26 Jun 2004 00:45:08
1.1
|
trhodes |
Fix the previous entry; it had an incorrect port range. |
25 Jun 2004 20:01:28
1.1
|
trhodes |
Add an entry for recent isc-dhcp3-server buffer overflows.
Remove the one in portaudit.txt. |
25 Jun 2004 17:18:57
1.1
|
trhodes |
Move giFT-FastTrack to VuXML. |
25 Jun 2004 02:04:08
1.1
|
trhodes |
Fix an older entry which ends with "buffer overflows vuxml".
Fill in a date on my previous entry. |
25 Jun 2004 01:35:18
1.1
|
trhodes |
Move the Gallery entry to VuXML. |
25 Jun 2004 00:36:12
1.1
|
eik |
www/sitecopy uses the included libneon version 0.24.0 |
21 Jun 2004 22:03:48
1.1
|
eik |
I believe that linux-png-1.2.2 still contains the vulnerability.
Add some references that support this opinion. |
21 Jun 2004 20:04:18
1.1
|
pav |
- Extend png entry to cover it's linux-png variant
Requested by: eik |
14 Jun 2004 21:05:16
1.1
|
fjoe |
Midnight Commander security vulnerabilities
CAN-2004-0226, CAN-2004-0231, CAN-2004-0232
fixed in mc-4.6.0_10. |
12 Jun 2004 12:22:23
1.1
|
eik |
add a $FreeBSD$ tag |
09 Jun 2004 20:38:33
1.1
|
des |
Add CAN-2004-0541 (buffer overflow in Squid NTLM authentication helper) |
08 Jun 2004 12:42:09
1.1
|
eik |
Fix for CAN-2004-0097
Forgotten by: sobomax |
07 Jun 2004 21:21:06
1.1
|
des |
Correction: FreeBSD-SA-04:12.jailroute does not apply to 4.7 and older. |
07 Jun 2004 21:17:33
1.1
|
des |
Whitespace cleanup |
07 Jun 2004 21:17:02
1.1
|
des |
Add FreeBSD-SA-04:12.jailroute. |
26 May 2004 11:32:29
1.1
|
des |
FreeBSD-SA-04:11 |
24 May 2004 11:49:54
1.1
|
ale |
Update modified date for mysql bug after fixing typo.
Requested by: nectar |
21 May 2004 12:42:01
1.1
|
nectar |
Add CVE name for one of the leafnode issues. |
21 May 2004 12:39:46
1.1
|
nectar |
Edit the topics to distinguish a bit better between the different
leafnode DoS issues. |
21 May 2004 12:13:52
1.1
|
nectar |
Document several issues in leafnode.
Submitted by: Matthias Andree <matthias.andree@gmx.de> |
21 May 2004 07:57:39
1.1
|
ale |
Fix typo.
Spotted by: eik |
19 May 2004 21:06:20
1.1
|
nectar |
Correct a typo (s/Jon/Joe/) |
19 May 2004 20:21:32
1.1
|
nectar |
Add subversion and neon date parsing vulnerabilities. |
19 May 2004 12:57:14
1.1
|
des |
make tidy |
19 May 2004 12:55:35
1.1
|
des |
Add an entry for the cvs pserver heap overflow. |
18 May 2004 14:53:33
1.1
|
nectar |
Add CVE name and CERT Vulnerability Note references for old Cyrus bug. |
18 May 2004 14:43:04
1.1
|
nectar |
make tidy |
18 May 2004 14:40:22
1.1
|
nectar |
Forced commit to note that the content of the previous revision was
Reported by: Ion-Mihai Tetcu <itetcu@apropo.ro> |
18 May 2004 14:39:03
1.1
|
nectar |
Add URI handling issue that affects Opera and KDE, at least. |
18 May 2004 11:50:58
1.1
|
ale |
Note that the mysqlbug has been fixed. |
17 May 2004 13:20:30
1.1
|
nectar |
Update version number for fspd, now that it has been corrected.
Reported by: Radim Kolar <hsn@netmag.cz> |
15 May 2004 13:20:04
1.1
|
eik |
&, not | |
15 May 2004 13:13:50
1.1
|
eik |
ProFTPD vulnerability is fixed in
<http://www.proftpd.org/docs/NEWS-1.2.10rc1>
Submitted by: Koop Mast <kwm@rainbow-runner.nl> |
12 May 2004 16:01:25
1.1
|
nectar |
Add Cyrus IMSPd security release.
Reported by: eik |
12 May 2004 15:28:50
1.1
|
nectar |
Add old Cyrus IMAP server heap buffer overflow.
Reported by: eik |
09 May 2004 22:26:05
1.1
|
nobutaka |
The security issue of multimedia/xine (insecure temporary file creation in
xine-check, xine-bugreport) has been fixed in 0.9.23_3. |
06 May 2004 21:11:00
1.1
|
nectar |
Only one <modified> is allowed per entry. |
06 May 2004 20:40:19
1.1
|
des |
Correct the discovery date for the proftpd issue. |
06 May 2004 16:26:28
1.1
|
nectar |
Oops. s/2005-05-05/2004-05-05/ :-) |
06 May 2004 16:12:55
1.1
|
nectar |
Second-guess Oliver and correct the affected entry for exim
in order to unbreak this file. |
06 May 2004 15:43:53
1.1
|
eik |
exim buffer overflow when verify = header_syntax is used |
06 May 2004 15:33:57
1.1
|
nectar |
Add phpBB session table exhaustion issue.
Submitted by: Xin LI <delphij@frontfree.net> |
05 May 2004 21:49:49
1.1
|
nectar |
Add the issues covered in FreeBSD-SA-04:08.heimdal and
FreeBSD-SA-04:09.kadmind. |
05 May 2004 14:57:33
1.1
|
nectar |
make tidy |
05 May 2004 14:57:02
1.1
|
nectar |
Use PORTVERSION conventions for FreeBSD version numbers, so that
5.2.1-RELEASE-p5 becomes 5.2.1_5 (not 5.2.1p5, as it would have been
previously).
This is necessary because e.g. 5.2p1 > 5.2.1p5 using existing version
comparison tools. |
03 May 2004 20:15:32
1.1
|
nectar |
Correct package name for xchat Socks5 vulnerability (xchat -> xchat2).
Note that the issue is fixed in version 2.0.8_2 (thanks marcus!). |
03 May 2004 18:23:43
1.1
|
nectar |
Correct the fixed version for lha. |
03 May 2004 14:42:39
1.1
|
nectar |
png issue was fixed in png-1.2.5_4 |
02 May 2004 16:55:28
1.1
|
nectar |
Add a vulnerability in www/pound.
Submitted by: clement
Add a security-related regression in ftp/proftpd.
Add several security issues in misc/mc.
Add a DoS issue in graphics/png.
Add a security issues in archivers/lha.
Add recent advisories for xine.
Add rsync path traversal issue. |
30 Apr 2004 16:04:55
1.1
|
nectar |
tla is also affected by libneon issue.
PR: ports/65754
Submitted by: Frank Ruell <stoerte@dreamwarrior.net>
Additional reference for mysql issue.
Submitted by: Daniel Harris <dannyboy@FreeBSD.org> |
23 Apr 2004 23:07:28
1.1
|
nectar |
Added CVE name for ident2 issue.
Added the ``new'' TCP DoS issue.
Added phpBB issue. (1)
Added XChat Socks5 issue.
Submitted by: (1) Frankye - ML <listsucker@ipv5.net> |
16 Apr 2004 16:29:01
1.1
|
nectar |
Add mysqlbug temporary file handling vulnerability.
Add ident2 vulnerability.
make tidy (sorry, I meant to do this in a separate commit) |
16 Apr 2004 14:44:09
1.1
|
nectar |
Additional CVE name for recent CVS vulnerability. |
16 Apr 2004 00:49:15
1.1
|
nectar |
Add kdepim vulnerability |
16 Apr 2004 00:26:36
1.1
|
nectar |
Add neon vulnerability
Correct the version range for openh323 |
14 Apr 2004 17:18:52
1.1
|
nectar |
Add CVS vulnerabilities. |
14 Apr 2004 15:10:12
1.1
|
nectar |
Document another racoon DoS vulnerability.
Note that racoon was also affected by the tcpdump ISAKMP vulnerability. |
13 Apr 2004 20:39:27
1.1
|
nectar |
make tidy |
13 Apr 2004 20:38:39
1.1
|
nectar |
Add CVE name for racoon DoS vulnerability. |
13 Apr 2004 17:56:43
1.1
|
nectar |
Correct modified date in previous commit: format is YYYY-MM-DD and
timezone is UTC. |
13 Apr 2004 17:31:13
1.1
|
fjoe |
Midnight Commander vulnerability CAN-2003-1023 was fixed in version 4.6.0_9. |
07 Apr 2004 17:13:05
1.1
|
nectar |
make tidy |
07 Apr 2004 16:27:57
1.1
|
nectar |
Add new affected version of gaim.
Add year 2004 FreeBSD security advisories. |
If you buy from Amazon USA, please support us by using this link.