FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
vuxml 1.1_2 security on this many watch lists=28 search for ports that depend on this port
Vulnerability and eXposure Markup Language DTD
Maintained by: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 12 Feb 2004 14:24:23
Also Listed In: textproc
License: BSD2CLAUSE


VuXML (the Vulnerability and eXposure Markup Language) is an XML
application for documenting security bugs and corrections within
a software package collection such as the FreeBSD Ports Collection.
This port installs the DTDs required for validating VuXML documents.
SVNWeb : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Run:
  1. textproc/xmlcatmgr
  2. textproc/xhtml-modularization
  3. textproc/xhtml-basic
  4. lang/python27
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/vuxml/ && make install clean
To add the package: pkg install security/vuxml


Configuration Options
     No options to configure

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/vuxml/
  2. http://www.vuxml.org/dtd/vuxml-1/

Number of commits found: 3446 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
26 Jul 2013 23:22:36
Original commit files touched by this commit  1.1_1
Revision:323760
delphij search for other commits by this committer
Document BIND denial of service vulnerability
26 Jul 2013 11:06:45
Original commit files touched by this commit  1.1_1
Revision:323712
remko (src,doc committer) search for other commits by this committer
Cleanup last entry. Properly indent the entry and
make sure that after a period on the end of a line
we follow with two spaces.

hat:	    secteam
25 Jul 2013 22:56:06
Original commit files touched by this commit  1.1_1
Revision:323675
kuriyama search for other commits by this committer
Add an entry for security/gnupg1.
25 Jul 2013 18:29:27
Original commit files touched by this commit  1.1_1
Revision:323659
bjk (doc committer) search for other commits by this committer
Update to 1.6.5

This is a security release by upstream, and requires configuration changes
in addition to the software update.  See UPDATING.

Reviewed by:	ports-security (zi, remko)
Approved by:	hrs (mentor, ports committer)
24 Jul 2013 20:59:28
Original commit files touched by this commit  1.1_1
Revision:323617
lev search for other commits by this committer
  Add <url></url> to references.

Submitted by:	Remko Lodder <remko@FreeBSD.org>
24 Jul 2013 17:18:50
Original commit files touched by this commit  1.1_1
Revision:323611
lev search for other commits by this committer
 Update:
   devel/subversion to 1.8.1
   devel/subversion16 to 1.7.11

 These releases fix CVE-2013-4131
 http://subversion.apache.org/security/CVE-2013-4131-advisory.txt

Approved by:	Olli Hauer <ohauer@FreeBSD.org> for devel/subversion17
Security:	CVE-2013-4131
23 Jul 2013 10:32:23
Original commit files touched by this commit  1.1_1
Revision:323525
bdrewery search for other commits by this committer
- Update whitespace for 2fbfd455-f2d0-11e2-8a46-000d601460a4

Requested by:	remko
22 Jul 2013 13:24:05
Original commit files touched by this commit  1.1_1
Revision:323445
bdrewery search for other commits by this committer
- Update suPHP to 0.7.2
- Document possible privilege escalation

Approved by:	maintainer timeout
Security:	2fbfd455-f2d0-11e2-8a46-000d601460a4
21 Jul 2013 18:54:51
Original commit files touched by this commit  1.1_1
Revision:323410
ohauer search for other commits by this committer
- change apache24 version from 2.4.5 to 2.4.6 (2.4.5 was not released)
- add http://www.apache.org/dist/httpd/Announcement2.4.html as reference

requested by remko@
20 Jul 2013 17:11:54
Original commit files touched by this commit  1.1_1
Revision:323351
ohauer search for other commits by this committer
- update to apache24-2.4.6
 - new modules: mod_cache_socache, mod_macro and mod_proxy_wstunnel

- add enty to vuxml

SECURITY: CVE-2013-1896 (cve.mitre.org)
 mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
 the source href (sent as part of the request body as XML) pointing to a
 URI that is not configured for DAV will trigger a segfault.

SECURITY: CVE-2013-2249 (cve.mitre.org)
 mod_session_dbd: Make sure that dirty flag is respected when saving
 sessions, and ensure the session ID is changed each time the session
 changes. This changes the format of the updatesession SQL statement.
 Existing configurations must be changed.

Changelog:
http://www.apache.org/dist/httpd/CHANGES_2.4.6

with hat apache@

Security:	ca4d63fb-f15c-11e2-b183-20cf30e32f6d
17 Jul 2013 22:09:58
Original commit files touched by this commit  1.1_1
Revision:323190
delphij search for other commits by this committer
Document gallery3 multiple vulnerabilities.
17 Jul 2013 22:07:22
Original commit files touched by this commit  1.1_1
Revision:323189
eadler search for other commits by this committer
Add missing citation

Requested by:	remko
16 Jul 2013 18:10:12
Original commit files touched by this commit  1.1_1
Revision:323118
des search for other commits by this committer
Add two more PHP entries for issues which have already been fixed.
15 Jul 2013 21:06:36
Original commit files touched by this commit  1.1_1
Revision:323080
eadler search for other commits by this committer
Update to 11.2r202.291

PR:		ports/179502
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
15 Jul 2013 18:25:19
Original commit files touched by this commit  1.1_1
Revision:323071
delphij search for other commits by this committer
Document squid 3.x denial of service vulnerability.
15 Jul 2013 09:26:37
Original commit files touched by this commit  1.1_1
Revision:323026
cs search for other commits by this committer
Adjust version numbers for OTRS vulnerabilities
14 Jul 2013 22:03:55
Original commit files touched by this commit  1.1_1
Revision:323009
eadler search for other commits by this committer
Add missing modified dates from r321329.

I had this sitting for a bit, but forgot to test & commit.

Requested by:	remko
11 Jul 2013 21:28:39
Original commit files touched by this commit  1.1_1
Revision:322798
delphij search for other commits by this committer
Wrap long lines.  No content change.
11 Jul 2013 20:35:20
Original commit files touched by this commit  1.1_1
Revision:322797
cs search for other commits by this committer
Security vulnerabilities in libzrtp

Security:	04320e7d-ea66-11e2-a96e-60a44c524f57
11 Jul 2013 20:17:34
Original commit files touched by this commit  1.1_1
Revision:322795
swills search for other commits by this committer
- Document ruby vulnerability
11 Jul 2013 07:50:27
Original commit files touched by this commit  1.1_1
Revision:322757
cs search for other commits by this committer
Add vulnerability on otrs

Security:	e3e788aa-e9fd-11e2-a96e-60a44c524f57
10 Jul 2013 19:01:44
Original commit files touched by this commit  1.1_1
Revision:322728
ohauer search for other commits by this committer
- update to apache-2.2.25
- update vuxml with additional CVE-2013-1896 entry

Changes with Apache 2.2.25
  http://www.apache.org/dist/httpd/CHANGES_2.2.25

  *) SECURITY: CVE-2013-1896 (cve.mitre.org)
     mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
     the source href (sent as part of the request body as XML) pointing to a
     URI that is not configured for DAV will trigger a segfault. [Ben Reser
     <ben reser.org>]

  *) SECURITY: CVE-2013-1862 (cve.mitre.org)
     mod_rewrite: Ensure that client data written to the RewriteLog is
     escaped to prevent terminal escape sequences from entering the
(Only the first 15 lines of the commit message are shown above View all of this commit message)
10 Jul 2013 14:35:58
Original commit files touched by this commit  1.1_1
Revision:322699
rene search for other commits by this committer
Add new vulnerabilities for www/chromium < 28.0.1500.71

Obtained from:	http://googlechromereleases.blogspot.nl/
06 Jul 2013 08:46:40
Original commit files touched by this commit  1.1_1
Revision:322368
ohauer search for other commits by this committer
- add fix for CVE-2013-1862
- adjust vuxml
05 Jul 2013 21:06:16
Original commit files touched by this commit  1.1_1
Revision:322357
ohauer search for other commits by this committer
- document apache22 CVE-2013-1862 (mod_rewrite)

Update to apache22-2.2.25 is ready to commit.
Until now there is no official announcement from apache.org
so we hold the update back until we have official checksums.
02 Jul 2013 07:43:03
Original commit files touched by this commit  1.1_1
Revision:322159
delphij search for other commits by this committer
Fix CVE-2013-2174 for ftp/curl with a patch from vendor for
now so that users can build the port, per popular demands
on mailing list.

The upgrade patch found in ports/172325 is currently under
exp-run.  The changes in this commit against ftp/curl can be
safely reverted before applying that patch, as it's shipped
with new curl release.

Approved by:	portmgr (miwi)
30 Jun 2013 20:49:33
Original commit files touched by this commit  1.1_1
Revision:322099
matthew search for other commits by this committer
Security update to 4.0.4.1

ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4.1/phpMyAdmin-4.0.4.1-notes.html/view

Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php

Security:	1b93f6fe-e1c1-11e2-948d-6805ca0b3d42
28 Jun 2013 11:07:49
Original commit files touched by this commit  1.1_1
Revision:321955
girgen search for other commits by this committer
Security update for apache-xml-security-c

URL:	http://santuario.apache.org/secadv.data/CVE-2013-2210.txt
Security:	81da673e-dfe1-11e2-9389-08002798f6ff
Security:	CVE-2013-2210
26 Jun 2013 11:01:35
Original commit files touched by this commit  1.1_1
Revision:321792
flo search for other commits by this committer
- update firefox to 22.0
- update firefox-esr, thunderbird and libxul to 17.0.7
- update nspr to 4.10
- OSS support was removed upstream, only ALSA and PulseAudio are supported
  from now on.

Security:	b3fcb387-de4b-11e2-b1c6-0025905a4771
In collaboration with:	Jan Beich <jbeich@tormail.org>
23 Jun 2013 20:14:01
Original commit files touched by this commit  1.1_1
Revision:321649
rea search for other commits by this committer
VuXML: document CVE-2013-2174, heap corruption in cURL library
22 Jun 2013 12:49:29
Original commit files touched by this commit  1.1_1
Revision:321570
swills search for other commits by this committer
- Update puppet to 3.2.2 which fixes CVE-2013-3567 [1]
- Update puppet27 to 2.7.22 which fixes CVE-2013-3567
- Document security issue

PR:		ports/179816 [1]
Submitted by:	mat [1]
Security:	b162b218-c547-4ba2-ae31-6fdcb61bc763
22 Jun 2013 09:36:10
Original commit files touched by this commit  1.1_1
Revision:321558
bf search for other commits by this committer
Correct the CVE-2013-0131 entry, so that the most recent revision of
x11/nvidia-driver-304 is not mistakenly flagged as vulnerable
19 Jun 2013 21:56:57
Original commit files touched by this commit  1.1_1
Revision:321338
jgh search for other commits by this committer
- fix formating of 8b97d289-d8cf-11e2-a1f5-60a44c524f57

With Hat:	ports-secteam
19 Jun 2013 21:20:50
Original commit files touched by this commit  1.1_1
Revision:321330
eadler search for other commits by this committer
Add extra-validation to the validation target.

While here, test with python2 and permit the script to run with either 2 or 3.

Requested by:	delphij
With Hat:	ports-secteam
19 Jun 2013 21:14:51
Original commit files touched by this commit  1.1_1
Revision:321329
eadler search for other commits by this committer
- Fix entry dates for some 'insane' dates.  In some cases a best effort was made
to guess what was meant due to either destroyed svn logs (formatting 'fixes') or
lost to time reports.

With Hat:	ports-secteam
19 Jun 2013 20:46:23
Original commit files touched by this commit  1.1_1
Revision:321322
eadler search for other commits by this committer
Add an additional validation script to the vuxml port.
At this point it is not tied to the validate: target because validation fails.

Reviewed by:	simon, delphij
With Hat:	ports-secteam
19 Jun 2013 11:08:02
Original commit files touched by this commit  1.1_1
Revision:321237
cs search for other commits by this committer
Fix typo soccat -> socat
19 Jun 2013 11:07:36
Original commit files touched by this commit  1.1_1
Revision:321236
cs search for other commits by this committer
Add vulnerability on OTRS
18 Jun 2013 15:50:05
Original commit files touched by this commit  1.1_1
Revision:321198
delphij search for other commits by this committer
Fix date for flashpluginwrapper.
18 Jun 2013 15:45:03
Original commit files touched by this commit  1.1_1
Revision:321196
delphij search for other commits by this committer
Add entry for SA-13:06.mmap.
18 Jun 2013 15:15:48
Original commit files touched by this commit  1.1_1
Revision:321194
girgen search for other commits by this committer
Security update for apache-xml-security-c.
Dependant ports, especially shibboleth2-sp, opensaml2, xmltooling
and log4shib should all be updated.

Security: CVE-2013-2156
17 Jun 2013 03:23:53
Original commit files touched by this commit  1.1_1
Revision:321084
bf search for other commits by this committer
Document Tor bug 9072
14 Jun 2013 06:21:14
Original commit files touched by this commit  1.1_1
Revision:320884
ak search for other commits by this committer
- Fix typo in dbus entry

Reported by:	Christoph Mallon <christoph.mallon@gmx.de>
13 Jun 2013 19:54:25
Original commit files touched by this commit  1.1_1
Revision:320834
kwm search for other commits by this committer
Update to 1.6.12.

I'm not completly sure this affects us, but beter safe then sorry.
While here wordsmith Options description to try to make it clearer.

Security:	CVE-2013-2168
11 Jun 2013 22:44:39
Original commit files touched by this commit  1.1_1
Revision:320654
eadler search for other commits by this committer
Update to 11.2r202.291

PR:		ports/179502
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
11 Jun 2013 21:03:38
Original commit files touched by this commit  1.1_1
Revision:320642
culot search for other commits by this committer
- Document vulnerabilities in www/owncloud

Security:	d7a43ee6-d2d5-11e2-9894-002590082ac6
Obtained from:	http://owncloud.org/about/security/advisories/
07 Jun 2013 15:19:27
Original commit files touched by this commit  1.1_1
Revision:320210
flo search for other commits by this committer
Update to 5.3.26

Security:	59e7163c-cf84-11e2-907b-0025905a4770
07 Jun 2013 06:30:39
Original commit files touched by this commit  1.1_1
Revision:320151
erwin search for other commits by this committer
Match only the most recent Bind9* version in the latest vulnerability,
older versions are not affected.
06 Jun 2013 10:59:35
Original commit files touched by this commit  1.1_1
Revision:320080
erwin search for other commits by this committer
Fix typo in previous revision.
06 Jun 2013 08:36:34
Original commit files touched by this commit  1.1_1
Revision:320060
erwin search for other commits by this committer
Add entry for the latest Bind vulnerabilities in CVE-2013-3919.
05 Jun 2013 22:02:14
Original commit files touched by this commit  1.1_1
Revision:320032
matthew search for other commits by this committer
Security upgrade to 4.0.3

Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-6.php

ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.3/phpMyAdmin-4.0.3-notes.html/view

Security:	6b97436c-ce1e-11e2-9cb2-6805ca0b3d42
05 Jun 2013 09:02:47
Original commit files touched by this commit  1.1_1
Revision:319965
kwm search for other commits by this committer
Update to 0.16.6.

Obtained from:	GNOME dev repo
Security:	CVE-2013-1431
04 Jun 2013 22:30:28
Original commit files touched by this commit  1.1_1
Revision:319933
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 27.0.1453.110

Obtained from:	http://googlechromereleases.blogspot.nl/
04 Jun 2013 21:52:40
Original commit files touched by this commit  1.1_1
Revision:319919
eadler search for other commits by this committer
- Fix build
- Ensure validation
04 Jun 2013 19:31:30
Original commit files touched by this commit  1.1_1
Revision:319899
zeising search for other commits by this committer
Fix security issues in xorg client libraries.
Most libraries were updated to newer versions, in some cases patches
were backported instead.

Most notably, x11/libX11 was updated to 1.6.0

Security:	CVE-2013-1981
		CVE-2013-1982
		CVE-2013-1983
		CVE-2013-1984
		CVE-2013-1985
		CVE-2013-1986
		CVE-2013-1987
		CVE-2013-1988
		CVE-2013-1989
(Only the first 15 lines of the commit message are shown above View all of this commit message)
04 Jun 2013 04:45:23
Original commit files touched by this commit  1.1_1
Revision:319823
cy search for other commits by this committer
Update krb5 1.11.2 --> 1.11.3.

This is a bugfix release.

* Fix a UDP ping-pong vulnerability in the kpasswd (password changing)
  service.  [CVE-2002-2443]

* Improve interoperability with some Windows native PKINIT clients.

Security:	CVE-2002-2443
03 Jun 2013 18:29:51
Original commit files touched by this commit  1.1_1
Revision:319798
crees search for other commits by this committer
Update to 1.6.2

* Fix buffer overflows in fileserver and ptserver.
* Fix rare file corruption during background sync (Gerrit 8796).
* Fix corrupting clients' metadata cache during certain errors (Gerrit 6957).
* Fix cache corruption when reading from a file another client is simultaneously
writing to (Gerrit 7994).
* Fix fileservers to properly report >2 TiB partitions.

and some other less serious changes.

PR:		ports/179259
Submitted by:	Adam Nowacki <nowak@tepeserwery.pl>
Submitted by:	bjk (maintainer)
Security:	CVE-2013-1794
03 Jun 2013 06:51:43
Original commit files touched by this commit  1.1_1
Revision:319757
araujo search for other commits by this committer
- Update to 2.7.4.

More info:
https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES

PR:		ports/179167
Submitted by:	ohauer@
Security:	9dfb63b8-8f36-11e2-b34d-000c2957946c
01 Jun 2013 19:22:39
Original commit files touched by this commit  1.1_1
Revision:319586
rakuco search for other commits by this committer
Remove duplicate optipng vulnerability.

It was separately committed in r315254, so remove the version I added
in r318453.

Reported by:	Alexander Milanov <a@amilanov.com>
01 Jun 2013 16:49:14
Original commit files touched by this commit  1.1_1
Revision:319581
mandree search for other commits by this committer
Add two more URLs to openvpn's vulnerability from March 2013 (CVE-2013-2061)

Security: 92f30415-9935-11e2-ad4c-080027ef73ec
01 Jun 2013 16:47:41
Original commit files touched by this commit  1.1_1
Revision:319579
mandree search for other commits by this committer
- Backport fix for CVE-2013-2061 to openvpn22 and openvpn20;
  while it is unclear whether it affects OpenSSL-builds at all.
  Let's play it safe.
- Reference CVE-2013-2061 name in OpenVPN's VuXML entry
- Mark 2.0.9_4 <= openvpn < 2.1.0 and 2.2.2_2 < openvpn < 2.3.0 not vulnerable
- Mark openvpn22 deprecated and to expire 2013-09-01.
  (openvpn20 is already marked to expire 2013-07-11.)

Security:	CVE-2013-2061
Security:	92f30415-9935-11e2-ad4c-080027ef73ec
01 Jun 2013 08:08:56
Original commit files touched by this commit  1.1_1
Revision:319558
osa search for other commits by this committer
Document passenger vulnerability.
31 May 2013 21:41:56
Original commit files touched by this commit  1.1_1
Revision:319544
lev search for other commits by this committer
  Update subversion ports to 1.7.10 and 1.6.23.
  It fixes 3 security issues:

    CVE-2013-1968: fsfs repository corruption caused by newline characters in
filenames
    CVE-2013-2088: contrib hook-scripts can allow arbitrary code execution
    CVE-2013-2112: svnserve remotely triggerable DoS.

Security:	CVE-2013-1968
Security:	CVE-2013-2088
Security:	CVE-2013-2112
31 May 2013 11:33:41
Original commit files touched by this commit  1.1_1
Revision:319486
crees search for other commits by this committer
Actually remove bitchx-devel and add a VuXML entry.

Security:	CVE-2007-4584
Security:	CVE-2007-5839
Security:	CVE-2007-5922
28 May 2013 14:23:30
Original commit files touched by this commit  1.1_1
Revision:319314
jase search for other commits by this committer
- Document znc null pointer dereference vulnerability.
27 May 2013 00:41:56
Original commit files touched by this commit  1.1_1
Revision:319144
ehaupt search for other commits by this committer
Adjust range for socat entry.
26 May 2013 22:01:38
Original commit files touched by this commit  1.1_1
Revision:319138
ehaupt search for other commits by this committer
Document socat FD leak vulnerability.

Security:	CVE-2013-3571
26 May 2013 20:34:16
Original commit files touched by this commit  1.1_1
Revision:319136
swills search for other commits by this committer
- Add entry for ruby 1.9.3p429
26 May 2013 08:38:26
Original commit files touched by this commit  1.1_1
Revision:319098
delphij search for other commits by this committer
Document couchdb XSS vulnerability.

PR:		ports/178985
Submitted by:	wollman
23 May 2013 15:30:08
Original commit files touched by this commit  1.1_1
Revision:318877
flo search for other commits by this committer
Update to 2.17.1 as the 2.18 release was postponed / cancelled
23 May 2013 08:20:48
Original commit files touched by this commit  1.1_1
Revision:318853
cs search for other commits by this committer
Fix entry date, wrongly entered in revision 318453
23 May 2013 08:02:57
Original commit files touched by this commit  1.1_1
Revision:318851
cs search for other commits by this committer
fix typo in recent otrs vulnerability
23 May 2013 07:58:58
Original commit files touched by this commit  1.1_1
Revision:318850
cs search for other commits by this committer
Add vulnerabilities

Security:	CVE-2013-2637
		CVE-2013-3551
23 May 2013 07:24:40
Original commit files touched by this commit  1.1_1
Revision:318848
matthew search for other commits by this committer
Security Updates

   - www/rt40 to 4.0.13
   - www/rt38 to 3.8.17 [1]

This is a security fix addressing a number of CVEs:

    CVE-2012-4733
    CVE-2013-3368
    CVE-2013-3369
    CVE-2013-3370
    CVE-2013-3371
    CVE-2013-3372
    CVE-2013-3373
    CVE-2013-3374

Users will need to update their database schemas as described in
pkg-message

Approved by:	flo [1]
Security:	3a429192-c36a-11e2-97a9-6805ca0b3d42
22 May 2013 09:14:17
Original commit files touched by this commit  1.1_1
Revision:318751
rene search for other commits by this committer
Fix vuxml by using the correct format for CVE names.

Prodded by:	bz on IRC
22 May 2013 08:45:11
Original commit files touched by this commit  1.1_1
Revision:318748
rene search for other commits by this committer
List vulnerabilities fixed in www/chromium 27.0.1453.93 (which is the
current version in the Ports Collection).
19 May 2013 14:06:36
Original commit files touched by this commit  1.1_1
Revision:318524
rakuco search for other commits by this committer
Patch multiple vulnerabilities in x11-toolkits/plib.

PR:		ports/178710
Submitted by:	Denny Lin <dennylin93@hs.ntnu.edu.tw>
18 May 2013 20:35:07
Original commit files touched by this commit  1.1_1
Revision:318453
rakuco search for other commits by this committer
- Update to 0.7.4
- Add VuXML entry
- Trim Makefile header
- Add LICENSE

PR:		ports/177206
Submitted by:	Alexander Milanov <a@amilanov.com>
Approved by:	Thomas Hurst <tom@hur.st> (maintainer)
Security:	a8818f7f-9182-11e2-9bdf-d48564727302
16 May 2013 22:46:39
Original commit files touched by this commit  1.1_1
Revision:318342
delphij search for other commits by this committer
Update the recent nginx entry to cover the exact version range and include
information for CVE-2013-2070.
16 May 2013 04:14:31
Original commit files touched by this commit  1.1_1
Revision:318273
eadler search for other commits by this committer
Update to the latest version of Adobe Flash
16 May 2013 02:00:38
Original commit files touched by this commit  1.1_1
Revision:318268
flo search for other commits by this committer
- update firefox to 21.0
- update firefox-esr and thunderbird to 17.0.6
- WEBRTC now supports PULSEAUDIO
- make linux-firefox work with plugins again (e.g. quakelive)

Security:		4a1ca8a4-bd82-11e2-b7a0-d43d7e0c7c02
In collaboration with:	Jan Beich <jbeich@tormail.org>
14 May 2013 07:15:24
Original commit files touched by this commit  1.1_1
Revision:318140
osa search for other commits by this committer
Update ranges according latest available information.

Source:	http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
13 May 2013 00:08:14
Original commit files touched by this commit  1.1_1
Revision:317985
ashish search for other commits by this committer
- Update emacs entry to correct the version ranges for CVE-2012-3479
07 May 2013 18:58:55
Original commit files touched by this commit  1.1_1
Revision:317627
delphij search for other commits by this committer
Update nginx entry to reflect the right version ranges for CVE-2013-2028.

Note that we don't really have nginx 1.3.9 in the ports collection, due
to the recent ports freeze.  The version 1.3.9 is used here just to
better match the original advisory.
07 May 2013 13:32:03
Original commit files touched by this commit  1.1_1
Revision:317606
osa search for other commits by this committer
Fix typo.

Found by:	ru
07 May 2013 11:35:19
Original commit files touched by this commit  1.1_1
Revision:317599
osa search for other commits by this committer
Document nginx -- a stack-base buffer overflow.
03 May 2013 18:20:43
Original commit files touched by this commit  1.1_1
Revision:317230
ohauer search for other commits by this committer
- fix strongSwan discovery date /2013-05-03/2013-04-30/
03 May 2013 18:16:36
Original commit files touched by this commit  1.1_1
Revision:317229
ohauer search for other commits by this committer
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jankins vuxml entry

while I'm here remove .sh from rc script

PR:		ports/178266
Submitted by:	David Shane Holden <dpejesh@yahoo.com>
Approved by:	strongswan@nanoteq.com (maintainer)
03 May 2013 16:26:20
Original commit files touched by this commit  1.1_1
Revision:317217
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2013-05-02
02 May 2013 19:41:07
Original commit files touched by this commit  1.1_1
Revision:317143
tmseck search for other commits by this committer
- Add the vendor patch for SQUID-2012:1 (CVE-2012-5643) and update VuXML
  information accordingly
- Bump PORTREVISION

PR:		ports/177773
Submitted by:	Kan Sasaki
Approved by:	flo (mentor)
Security:	c37de843-488e-11e2-a5c9-0019996bc1f7
29 Apr 2013 22:41:58
Original commit files touched by this commit  1.1_1
Revision:316854
des search for other commits by this committer
Add entry for SA-13:05.nfsserver
27 Apr 2013 20:58:01
Original commit files touched by this commit  1.1_1
Revision:316694
nivit search for other commits by this committer
- Document multiple XSS and DDoS vulnerabilities for Joomla!
(2.5.0 <= version < 2.5.10)
24 Apr 2013 20:23:16
Original commit files touched by this commit  1.1_1
Revision:316477
matthew search for other commits by this committer
Security updae to 3.5.8.1

Four new serious security alerts were issued today by the phpMyAdmin
them: PMASA-2013-2 and PMASA-2013-3 are documented in this commit to
vuln.xml.

 - Remote code execution via preg_replace().

 - Locally Saved SQL Dump File Multiple File Extension Remote Code
   Execution.

The other two: PMASA-2013-4 and PMASA-2013-5 only affect PMA 4.0.0
pre-releases earlier than 4.0.0-rc3, which are not available through
the ports.
22 Apr 2013 20:57:03
Original commit files touched by this commit  1.1_1
Revision:316276
dinoex search for other commits by this committer
- Security update to 1.0.21
Security: CVE-2013-1428
20 Apr 2013 16:01:56
Original commit files touched by this commit  1.1_1
Revision:316157
dinoex search for other commits by this committer
- Security fix
Security: CVE-2011-4517 execute arbitrary code on decodes images
Submitted by:   naddy (Christian Weisgerber)
Obtained from:  Fedora
Feature safe: yes
20 Apr 2013 09:24:30
Original commit files touched by this commit  1.1_1
Revision:316134
matthew search for other commits by this committer
Document PMASA-2013-1

It turns out that release 3.5.8 (recently updated in ports) was the
cure to an XSS vulnerability.

Feature safe:  yes
19 Apr 2013 18:03:18
Original commit files touched by this commit  1.1_1
Revision:316114
delphij search for other commits by this committer
Document roundcube arbitrary file disclosure vulnerability.

Reported by:	Marcelo Gondim <gondim bsdinfo com br>
Feature safe:	yes
18 Apr 2013 04:03:08
Original commit files touched by this commit  1.1_1
Revision:316016
dinoex search for other commits by this committer
- add jasper
Feature safe: yes
16 Apr 2013 10:58:16
Original commit files touched by this commit  1.1_1
Revision:315811
araujo search for other commits by this committer
- Update to 2.7.3 due a vulnerability that affect all versions 2.x. [1]
- Update MASTER_SITES.
- Convert to optionsNG.
- Trim header.

More info:
https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES

Reported by:    olli hauer <ohauer@gmx.de> [1]
Approved by:    portmgr (bdrewery)
Security:       2070c79a-8e1e-11e2-b34d-000c2957946c
15 Apr 2013 12:28:58
Original commit files touched by this commit  1.1_1
Revision:315802
bdrewery search for other commits by this committer
- Update to 0.85
- Convert to new options framework

sieve-connect was not actually verifying TLS certificate identities matched
the expected hostname. Changes with new version:

Fix TLS verification; find server by own hostname & SRV.

* TLS hostname verification was not actually happening.

* IO::Socket::SSL requirement bumped to 1.14 (was 0.97).

* By default, if no server specified, before falling back to localhost try to
use the current hostname and SRV records in DNS to figure out if Sieve is
available. Checks for sieve, imaps & imap protocol SRV records and honours
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 3446 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
fishSep 29
bash*Sep 25
bash-static*Sep 25
chromiumSep 25
krfbSep 25
linux-c6-nssSep 25
linux-firefoxSep 25
linux-seamonkeySep 25
linux-thunderbirdSep 25
linux_base-c6*Sep 25
nssSep 25
asterisk11Sep 18
squidSep 18
squid33Sep 18
dbusSep 17

9 vulnerabilities affecting 24 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24159
Broken 107
Deprecated 27
Ignore 362
Forbidden 3
Restricted 205
No CDROM 93
Vulnerable 20
Expired 1
Set to expire 22
Interactive 0
new 24 hours 8
new 48 hours11
new 7 days51
new fortnight144
new month292

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.