| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_1
14 Dec 2012 09:09:16
   |
delphij  |
Fix typo.
Noticed by: mandree |
1.1_1
14 Dec 2012 03:51:08
|
jgh |
- add url block in references for 1657a3e6-4585-11e2-a396-10bf48230856 |
1.1_1
14 Dec 2012 00:41:42
|
delphij |
Update linux-f10-flashpulgin11 to 11.2r202.258 to address multiple
vulnerabilities that could cause a crash and potentially allow an
attacker to take control of the affected system.
Submitted by: Tsurutani Naoki <turutani scphys kyoto-u ac jp> |
1.1_1
12 Dec 2012 11:33:17
|
rene |
Document vulnerabilities in www/chromium < 23.0.1271.97
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates |
1.1_1
05 Dec 2012 23:52:36
|
zi |
- Fix recent vulnerability entry for www/tomcat[67]
Reported by: Victor Balada Diaz <victor@bsdes.net>
Feature safe: yes |
1.1_1
05 Dec 2012 18:47:24
|
zi |
- Document recent vulnerabilities in www/tomcat6 and www/tomcat7
Requested by: Victor Balada Diaz <victor@bsdes.net>
Feature safe: yes |
1.1_1
05 Dec 2012 07:46:03
|
erwin |
Update to the latest patch level from ISC:
BIND 9 nameservers using the DNS64 IPv6 transition mechanism are
vulnerable to a software defect that allows a crafted query to
crash the server with a REQUIRE assertion failure. Remote
exploitation of this defect can be achieved without extensive
effort, resulting in a denial-of-service (DoS) vector against
affected servers.
Security: 2892a8e2-3d68-11e2-8e01-0800273fe665
CVE-2012-5688
Feature safe: yes |
1.1_1
03 Dec 2012 22:49:43
|
mandree |
Add URL for recent bogofilter heap vuln', CVE-2012-5468, aka. vuln vid=
f524d8e0-3d83-11e2-807a-080027ef73ec
Feature safe: yes |
1.1_1
03 Dec 2012 20:16:21
|
mandree |
Update bogofilter to new upstream release 1.2.3.
Security update to fix a heap corruption bug with invalid base64 input,
reported and fixed by Julius Plenz, FU Berlin, Germany.
Feature safe: yes
Security: CVE-2012-5468
Security: f524d8e0-3d83-11e2-807a-080027ef73ec |
1.1_1
30 Nov 2012 09:13:32
|
rene |
Document vulnerabilities in www/chromium < 23.0.1271.95
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe: yes |
1.1_1
29 Nov 2012 20:33:20
|
ohauer |
www/yahoo-ui
- fix CVE-2012-5881
security/vuxml
- adjust version (we have only 2.8.2 in the tree)
Feature safe: yes
Approved by: glarkin (maintainer) explicit |
1.1_1
28 Nov 2012 14:37:24
|
wxs |
Fix date in yahoo-ui entry.
Noticed by: dvl@
Feature safe: yes |
1.1_1
27 Nov 2012 20:09:35
|
ohauer |
- document www/yahoo-ui security issue and mark port forbidden [1]
pet portlint (maintainer is already notified)
- adjust CVE entries for bugzilla (CVE-2012-5475 was rejected) [2]
Feature safe: yes
Security: CVE-2012-5881 [1][2]
CVE-2012-5882 [1][2]
CVE-2012-5883 [2]
Approved by: glarkin (implicit) [1] |
1.1_1
27 Nov 2012 10:02:25
|
rene |
Describe new vulnerabilities in www/chromium < 23.0.1271.91
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe: yes |
1.1_1
25 Nov 2012 15:42:23
|
flo |
- Update backports patch to 20121114
- Bump PORTREVISION
Changes:
- CVE-2006-7243
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow
context-dependent attackers to bypass intended access restrictions by placing a
safe file extension after this character, as demonstrated by .php\0.jpg at the
end of the argument to the file_exists function
Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions
for strlen(filename) != filename_len
- CVE-2012-4388
The sapi_header_op function in main/SAPI.c does not properly determine a pointer (Only the first 15 lines of the commit message are shown above  ) |
1.1_1
25 Nov 2012 04:02:29
|
wxs |
Add entries for the following advisories:
FreeBSD-SA-12:08.linux
FreeBSD-SA-12:07.hostapd
FreeBSD-SA-12:06.bind
Feature safe: yes |
1.1_1
22 Nov 2012 20:27:45
|
dinoex |
- opera -- execution of arbitrary code
Feature safe: yes |
1.1_1
21 Nov 2012 14:35:31
|
mm |
Document new vulnerability in www/lighttpd 1.4.31
Feature safe: yes |
1.1_1
20 Nov 2012 23:01:15
|
flo |
- Update firefox and thunderbird to 17.0
- Update seamonkey to 2.14
- Update ESR ports and libxul to 10.0.11
- support more h264 codecs when using GSTREAMER with YouTube
- Unbreak firefox-esr, thunderbird-esr and libxul on head >= 1000024 [1]
- Buildsystem is not python 3 aware, use python up to 2.7 [2]
PR: ports/173679 [1]
Submitted by: swills [1], demon [2]
In collaboration with: Jan Beich <jbeich@tormail.org>
Security: d23119df-335d-11e2-b64c-c8600054b392
Approved by: portmgr (beat)
Feature safe: yes |
1.1_1
18 Nov 2012 12:51:26
|
jase |
- Fix copy and paste error in latest weechat entry
(81826d12-317a-11e2-9186-406186f3d89d)
Feature safe: yes |
1.1_1
18 Nov 2012 12:46:40
|
jase |
- Document new vulnerability in irc/weechat and irc/weechat-devel
Feature safe: yes |
1.1_1
14 Nov 2012 19:29:42
|
ohauer |
- bugzilla security updates to version(s)
3.6.11, 4.0.8, 4.2.4
Summary
=======
The following security issues have been discovered in Bugzilla:
* Confidential product and component names can be disclosed to
unauthorized users if they are used to control the visibility of
a custom field.
* When calling the 'User.get' WebService method with a 'groups'
argument, it is possible to check if the given group names exist
or not. (Only the first 15 lines of the commit message are shown above ) |
1.1_1
13 Nov 2012 18:17:13
|
jase |
- Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c)
- Document assigned CVE Identifier
- Document workaround for vulnerable versions
Feature safe: yes |
1.1_1
12 Nov 2012 21:47:27
|
rene |
Document vulnerabilities in two typo3 components.
Obtained
from: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
Feature safe: yes |
1.1_1
12 Nov 2012 13:07:31
|
madpilot |
Fix typo.
Feature safe: yes |
1.1_1
12 Nov 2012 13:04:37
|
madpilot |
- Update to 2.7.1
- Convert to new options framework
- Document US-CERT VU#268267
- Trim Makefile headers
PR: ports/173226
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
Feature safe: yes |
1.1_1
10 Nov 2012 15:17:31
|
swills |
- Improve latest ruby entry slightly
Feature safe: yes |
1.1_1
10 Nov 2012 14:45:55
|
jase |
- Modify recent e02c572f-2af0-11e2-bb44-003067b2972c entry
- Add constraints to vulnerable versions
- Add additional references
- Improve topic
- Correct description
Feature safe: yes |
1.1_1
10 Nov 2012 04:55:47
|
eadler |
Apply an upstream patch that fixes a security hole
when receiving a special colored message.
The maintainer was contacted but due to the nature of
the issue apply the patch ASAP.
Approved by: secteam-ports (swills)
Security: e02c572f-2af0-11e2-bb44-003067b2972c
Feature safe: yes |
1.1_1
10 Nov 2012 04:00:41
|
swills |
- Update lang/ruby19 to 1.9.3p327
- Document security issue in earlier versions
Security: 5e647ca3-2aea-11e2-b745-001fd0af1a4c
Feature safe: yes |
1.1_1
09 Nov 2012 23:02:15
|
jgh |
- clarification that ASF reported issue for:
- 152e4c7e-2a2e-11e2-99c7-00a0d181e71d
- 4ca26574-2a2c-11e2-99c7-00a0d181e71d
Feature safe: yes |
1.1_1
09 Nov 2012 19:09:32
|
jgh |
- document tomcat vulnerabilities
Feature safe: yes |
1.1_1
09 Nov 2012 04:31:14
|
eadler |
Update latest version and document security issues
PR: ports/173487
Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security: 4b8b748e-2a24-11e2-bb44-003067b2972c
Feature safe: yes |
1.1_1
07 Nov 2012 10:15:19
|
rene |
Document new vulnerabilities in www/chromium < 23.0.1271.64
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe: yes |
1.1_1
06 Nov 2012 20:45:14
|
crees |
Document opera vulnerabilities
Feature safe: yes |
1.1_1
05 Nov 2012 17:55:45
|
eadler |
Fix minor typo
Feature safe: yes |
1.1_1
05 Nov 2012 17:53:51
|
eadler |
Update latest version and document security issues
PR: ports/172619
Submitted by: tijl
Security: 36533a59-2770-11e2-bb44-003067b2972c
Feature safe: yes |
1.1_1
03 Nov 2012 11:59:52
|
crees |
Correct plural of "vulnerability"
Feature safe: yes |
1.1_1
02 Nov 2012 18:45:32
|
ohauer |
- update apache22 to version 2.22.23
- trim vuxml/Makefile header
with hat apache@
Feature safe: yes
Security: CVE-2012-2687 |
1.1_1
02 Nov 2012 18:08:19
|
olgeni |
Add entry for webmin < 1.600_1 (potential XSS attack).
Feature safe: yes |
1.1_1
02 Nov 2012 03:17:18
|
bdrewery |
- Document ruby vulnerabilities:
* CVE-2012-4464 + CVE-2012-4466
$SAFE escaping vulnerability about Exception#to_s / NameError#to_s
* CVE-2012-4522
Unintentional file creation caused by inserting an illegal NUL character
Reviewed by: eadler
Feature safe: yes |
1.1_1
01 Nov 2012 14:10:55
|
flo |
Update to 3.8.15
Security: 4b738d54-2427-11e2-9817-c8600054b392
Feature safe: yes |
1.1_1
30 Oct 2012 21:01:17
|
rm |
- update to 7.16 [1]
while here:
- trim Makefile header
- remove indefinite article in COMMENT
- remove IGNORE_WITH_PHP and IGNORE_WITH_PGSQL since
we have not this versions in the tree anymore
- fix pkg-plist
- add vuxml entry
PR: 173211
Submitted by: Rick van der Zwet <info at rickvanderzwet dot nl> [1]
Approved by: Nick Hilliard <nick at foobar dot org> (maintainer)
Security: 2adc3e78-22d1-11e2-b9f0-d0df9acfd7e5
Feature safe: yes |
1.1_1
28 Oct 2012 17:03:29
|
flo |
- Update www/firefox{,-i18n} to 16.0.2
- Update seamonkey to 2.13.2
- Update ESR ports and libxul to 10.0.10
- Update nspr to 4.9.3
- Update nss to 3.14
- with GNOMEVFS2 option build its extension, too [1]
- make heap-committed and heap-dirty reporters work in about:memory
- properly mark QT4 as experimental (needs love upstream)
- *miscellaneous cleanups and fixups*
mail/thunderbird will be updated once the tarballs are available.
PR: ports/173052 [1]
Security: 6b3b1b97-207c-11e2-a03f-c8600054b392
Feature safe: yes
In collaboration with: Jan Beich <jbeich@tormail.org> |
1.1_1
26 Oct 2012 08:46:40
|
rea |
mail/exim: upgrade to 4.80.1
This is bugfix-only release, it eliminates remote code execution
in the DKIM code.
Security: http://www.vuxml.org/freebsd/b0f3ab1f-1f3b-11e2-8fe9-0022156e8794.html
QA page: http://codelabs.ru/fbsd/ports/qa/mail/exim/4.80.1
Feature safe: yes |
1.1_1
25 Oct 2012 19:31:50
|
rm |
- add CVE reference (still in reserved state) for recent django vulnerabilty
Feature safe: yes |
1.1_1
25 Oct 2012 10:12:42
|
rm |
- update django ports to 1.3.4 and 1.4.2, that fixing couple of security issues.
All users are encouraged to upgrade immediately.
- add vuxml entry
changes common for both ports:
- trim Makefile header
- strict python version to 2.x only
- utilize options framework multiple choice feature to let user to choose
database backends needed. Make SQLITE option default
- shorten description of HTMLDOCS_DESC to make it fit into dialog screen
- SITELIBDIR -> PKGNAMEPREFIX change in dependencies
- convert NOPORTDOCS condition to optionsng
- tab -> space change in pkg-descr
PR: 173017
Submitted by: rm (myself)
Approved by: lwhsu (maintainer, by mail)
Security: 5f326d75-1db9-11e2-bc8f-d0df9acfd7e5
Feature safe: yes |
1.1_1
22 Oct 2012 02:37:08
|
wxs |
Document multiple wireshark vulnerabilities.
Feature safe: yes |
1.1_1
18 Oct 2012 04:13:28
|
jgh |
- clarify end-user impact for 57652765-18aa-11e2-8382-00a0d181e71d
Suggested by: simon@
Feature safe: yes |
1.1_1
17 Oct 2012 23:47:28
|
jgh |
- document xlockmore issue, 57652765-18aa-11e2-8382-00a0d181e71d, CVE-2012-4524
Feature safe: yes |
1.1_1
17 Oct 2012 17:22:51
|
sem |
- xinetd vulnerability
Feature safe: yes |
1.1_1
16 Oct 2012 14:37:50
|
glarkin |
- Updated ZF advisory to include similar XEE vulnerability
Feature safe: yes |
1.1_1
16 Oct 2012 14:26:07
|
glarkin |
- Document Zend Framework XXE injection vulnerability
Feature safe: yes |
1.1_1
15 Oct 2012 22:31:39
|
eadler |
Update the distinfo as upstream has changed.
I verfied this to be same content as the old version modulo the copyright.
Approved by: secteam (implicit)
Feature safe: yes |
1.1_1
15 Oct 2012 16:31:40
|
eadler |
Add the CVE for the gitolite vuln.
Feature safe: yes |
1.1_1
15 Oct 2012 16:02:13
|
swills |
- Actually commit the VuXML entry
PR: ports/172565
Feature safe: yes
Pointyhat to: swills |
1.1_1
14 Oct 2012 21:05:33
|
matthew |
Document the latest security vulnerabilities for phpMyAdmin.
Fix was already committed to the port 6 days ago.
Feature safe: yes |
1.1_1
14 Oct 2012 15:30:47
|
zi |
- Add in additional package names for recent bind vulnerability
Feature safe: yes |
1.1_1
11 Oct 2012 19:15:12
|
flo |
- update to 16.0.1
- update vuln.xml entry
Feature safe: yes |
1.1_1
10 Oct 2012 22:07:00
|
rene |
Document a new vulnerability in www/chromium < 22.0.1229.94
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe: yes |
1.1_1
10 Oct 2012 21:13:07
|
flo |
- Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird to
10.0.8
- Update firefox and thunderbird to 16.0
- Update seamonkey to 2.13
- Update all -i18n ports respectively
- switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better
latency during pause and seeking with HTML5 video
- remove fedisableexcept() hacks, obsolete since FreeBSD 4.0
- support system hunspell dictionaries [1]
- unbreak -esr ports with clang3.2 [2]
- unbreak nss build when CC contains full path [3]
- remove GNOME option grouping [4]
- integrate enigmail into thunderbird/seamonkey as an option [5]
- remove mail/enigmail* [6]
- enable ENIGMAIL, LIGHTNING and GIO options by default
- add more reporters in about:memory: page-faults-hard, page-faults-soft, (Only the first 15 lines of the commit message are shown above ) |
1.1_1
10 Oct 2012 11:54:44
|
erwin |
Upgrade to the latest BIND patch level:
A deliberately constructed combination of records could cause named
to hang while populating the additional section of a response.
Security:
http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html |
1.1_1
03 Oct 2012 12:51:12
|
rm |
- correct the range in last entry (le/lt typo) |
1.1_1
03 Oct 2012 12:33:39
|
rm |
- update to 2.8.10
- add vuxml entry
This release fixes SQL injection vulnerability.
PR: 172114
Submitted by: rm (myself)
Approved by: ports-secteam (eadler)
Security: dee44ba9-08ab-11e2-a044-d0df9acfd7e5 |
1.1_1
27 Sep 2012 17:01:15
|
danfe |
Mark nvidia-driver-173.14.35_1 as not vulnerable. |
1.1_1
26 Sep 2012 21:49:34
|
rene |
Document vulnerabilities in www/chromium < 22.0.1229.79
Obtained
from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates |
1.1_1
26 Sep 2012 15:37:59
|
glarkin |
- Document remote code execution in ePerl (all versions)
- Deprecate and schedule removal in month - no upstream fix available and
no active development since 1998
Security: 73efb1b7-07ec-11e2-a391-000c29033c32
Security: CVE-2001-0733
Security: http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml |
1.1_1
25 Sep 2012 21:41:51
|
glarkin |
- Documented PNG file DoS vulnerability in ImageMagick and GraphicsMagick
- Added -nox11 suffixes to various ImageMagick entries |
1.1_1
23 Sep 2012 12:27:22
|
eadler |
Update vuxml to indicate which versions are vulnerable. |
1.1_1
20 Sep 2012 03:02:43
|
bdrewery |
- Update php52 backports patch to 20120911
- Add and update relevant vuxml entries
Changes:
- CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP
before 5.3.11 does not properly handle %0D sequences
- CVE-2012-0789 - Memory leak in the timezone functionality in PHP
before 5.3.9 allows remote attackers to cause a denial of service
(memory consumption) by triggering many strtotime function calls,
which are not properly handled by the php_date_parse_tzfile cache.
- CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows
remote attackers to bypass the open_basedir protection mechanism via
unspecified vectors
- Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m))
- Minor improvements (CVE-2012-2688, compilation issues with old GCC)
PR: ports/171583
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: Alex Keda <admin@lissyara.su> (maintainer) |
1.1_1
20 Sep 2012 01:09:57
|
bdrewery |
- CVE-2012-2688 was addressed by php52-5.2.17_10
PR: ports/170063
PR: ports/171583
Reported by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Security: bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89 |
1.1_1
19 Sep 2012 03:46:36
|
dougb |
Upgrade to the latest BIND patch level:
Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.
Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.
ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.
For more information: https://kb.isc.org/article/AA-00788 |
1.1_1
17 Sep 2012 18:46:52
|
lwhsu |
Document Jenkins Security Advisory 2012-09-17 |
1.1_1
15 Sep 2012 21:25:33
|
eadler |
include newly 'awarded' CVE |
1.1_1
15 Sep 2012 17:22:33
|
nox |
Add vuxml for older versions of multimedia/vlc .
PR: ports/169985
Submitted by: "Anders N." <wicked@baot.se> |
1.1_1
15 Sep 2012 02:19:37
|
eadler |
Tell the world about the recent bacula vuln |
1.1_1
13 Sep 2012 03:35:09
|
swills |
- Update to 0.10.22.6 which fixes two security issues
- Document security issues in vuxml [1]
Reviewed by: bdrewery [1]
Security: 178ba4ea-fd40-11e1-b2ae-001fd0af1a4c |
1.1_1
12 Sep 2012 07:31:22
|
danfe |
Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225. |
1.1_1
11 Sep 2012 11:38:53
|
zi |
- Update entry for net/freeradius2 to reflect local patch to address
cve-2012-3547 |
1.1_1
11 Sep 2012 08:46:31
|
rea |
VuXML: document remote code execution in freeRADIUS |
1.1_1
11 Sep 2012 07:51:07
|
rea |
www/moinmoin: fix CVE-2012-4404, wrong processing of group ACLs
Using upstream patch from
http://hg.moinmo.in/moin/1.9/raw-rev/7b9f39289e16
PR: 171346
QA page: http://codelabs.ru/fbsd/ports/qa/www/moinmoin/1.9.4_1
Approved by: khsing.cn@gmail.com (maintainer)
Security: http://www.vuxml.org/freebsd/4f99e2ef-f725-11e1-8bd8-0022156e8794.html |
1.1_1
08 Sep 2012 02:37:32
|
eadler |
Add vim specific modeline to help users write correct vuxml
Submitted by: bdrewery |
1.1_1
07 Sep 2012 23:07:15
|
rakuco |
Document the vulnerability that led to emacs 24.2 |
1.1_1
07 Sep 2012 21:34:03
|
eadler |
Add a sanity check to ensure vuxml is actually installed prior to performing
the tidy step in validate. This step actually requires just the dependancies
but the full validate requires that vuxml be installed.
Reviewed by: simon
Approved by: secteam (implicit) |
1.1_1
07 Sep 2012 20:25:41
|
swills |
- Update to 3.4.2 [1] [2] [3]
- Document security issue [4]
PR: ports/171397 [1]
PR: ports/171404 [2]
PR: ports/171405 [3]
Submitted by: Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1]
Submitted by: Joe Horn <joehorn@gmail.com> (maintainer) [2] [3]
Reviewed by: eadler [4]
Security: 30149157-f926-11e1-95cd-001fd0af1a4c |
1.1_1
06 Sep 2012 06:10:42
|
rea |
VuXML: add <modified> tag for Wireshark's entry for CVE-2012-3548 |
1.1_1
05 Sep 2012 16:02:11
|
marcus |
Change the wireshark version for the DRDA fix. |
1.1_1
05 Sep 2012 10:42:38
|
rea |
VuXML: document XSS in MoinMoin before 1.9.4 via RST parser |
1.1_1
05 Sep 2012 09:47:35
|
rea |
VuXML: document wrong group ACL processing in MoinMoin |
1.1_1
05 Sep 2012 06:29:39
|
rea |
PHP 5.x: document header splitting vulnerability
There is a related CVE number (CVE-2012-4388), but there is no current
consensus about it:
http://article.gmane.org/gmane.comp.security.oss.general/8303 |
1.1_1
04 Sep 2012 21:05:15
|
mandree |
Modify fetchmail vuln' URLs to established site.
While at it, adjust the two oldest topics to current format, for uniformity,
on, for instance, http://www.vuxml.org/freebsd/pkg-fetchmail.html. |
1.1_1
04 Sep 2012 13:45:28
|
rea |
security/squidclamav: fix DoS and XSS vulnerabilities
Apply upstream patches for CVE-2012-3501 and CVE-2012-4667.
Security: http://www.vuxml.org/freebsd/ce680f0a-eea6-11e1-8bd8-0022156e8794.html
Security: http://www.vuxml.org/freebsd/8defa0f9-ee8a-11e1-8bd8-0022156e8794.html
PR: 171022
QA page: http://codelabs.ru/fbsd/ports/qa/security/squidclamav/5.7_1
Approved by: maintainer timeout (1 week) |
1.1_1
02 Sep 2012 02:57:38
|
eadler |
Inform the community about a recent bitcoin DoS vuln.
Reviewed by: swills |
1.1_1
01 Sep 2012 20:16:06
|
ohauer |
- update bugzilla bugzilla3 and bugzilla42
- use new bugzilla@ address (members skv@, tota@, ohauer@)
- patch russian/japanese/german bugzilla and bugzilla templates
so the reflect the security updates in the original templates
- patch german/bugzilla42 templates
- adopt new Makefile header
vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d
CVE: CVE-2012-3981
https://bugzilla.mozilla.org/show_bug.cgi?id=785470
https://bugzilla.mozilla.org/show_bug.cgi?id=785522
https://bugzilla.mozilla.org/show_bug.cgi?id=785511 |
1.1_1
01 Sep 2012 18:50:14
|
rea |
VuXML: document CVE-2012-3534, DoS via large number of connections |
1.1_1
01 Sep 2012 17:40:16
|
eadler |
vuxml matches on PKGNAME, not on the port directory.
mediawiki118 has PKGNAME mediawiki-1.18.4 |
1.1_1
01 Sep 2012 17:16:50
|
rea |
Add "modified" tag to the Java 7 entry
Forgot to do it at r303435.
Spotted by: wxs
Pointyhat to: rea |
1.1_1
01 Sep 2012 12:44:33
|
wen |
- Update www/mediawiki to 1.19.2
- Update www/mediawiki118 to 1.18.5
- Document the security bugs |
1.1_1
31 Aug 2012 16:58:42
|
rea |
VuXML: update Java 7 entry with Oracle-provided details
Oracle's Java 7 update 7 fixes CVE-2012-4681. |
1.1_1
31 Aug 2012 15:17:13
|
mandree |
Tidy up paragraph formatting (it passed "make validate" before).
Suggested by: wxs |
As an Amazon Associate I earn from qualifying purchases.
