FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
vuxml 1.1_1 security on this many watch lists=27 search for ports that depend on this port
Vulnerability and eXposure Markup Language DTD
Maintained by: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 12 Feb 2004 14:24:23
Also Listed In: textproc
License: not specified in port


VuXML (the Vulnerability and eXposure Markup Language) is an XML
application for documenting security bugs and corrections within
a software package collection such as the FreeBSD Ports Collection.
This port installs the DTDs required for validating VuXML documents.
SVNWeb : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.

Required To Run:
  1. textproc/xmlcatmgr
  2. textproc/xhtml-modularization
  3. textproc/xhtml-basic
  4. lang/python27
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/vuxml/ && make install clean
To add the package: pkg install security/vuxml


Configuration Options
     No options to configure

Master Sites:
  1. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/vuxml/
  2. http://www.vuxml.org/dtd/vuxml-1/

Number of commits found: 3342 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
03 Jan 2013 19:41:31
Original commit files touched by this commit  1.1_1
Revision:309903
flo search for other commits by this committer
- update net/asterisk to 1.8.19.1
- update net/asterisk10 to 10.11.1
- update net/asterisk11 to 10.1.2
- add vuln.xml entry

Security:	f7c87a8a-55d5-11e2-a255-c8600054b392
02 Jan 2013 12:28:47
Original commit files touched by this commit  1.1_1
Revision:309813
crees search for other commits by this committer
Note charybdis and ircd-ratbox vulnerabilities

PR:		ports/174878
Security:	http://www.ratbox.org/ASA-2012-12-31.txt
30 Dec 2012 23:13:04
Original commit files touched by this commit  1.1_1
Revision:309700
anders search for other commits by this committer
Separate entries for Puppet 2.6 and 2.7.
30 Dec 2012 20:10:42
Original commit files touched by this commit  1.1_1
Revision:309688
cs search for other commits by this committer
Add OTRS vulnerabilities
29 Dec 2012 19:53:47
Original commit files touched by this commit  1.1_1
Revision:309629
rea search for other commits by this committer
VuXML entries for Tomcat: split into three distinct ones

They affect different Tomcat versions from 7.x branch, so don't let
users of VuXML be fooled on the affected software for each vulnerability.

Feature safe:	yes
28 Dec 2012 18:17:22
Original commit files touched by this commit  1.1_1
Revision:309576
rea search for other commits by this committer
VuXML: add entry for DoS in Squid's cachemgr.cgi

Feature safe:	yes
Submitted by:	Thomas-Martin Seck <tmseck@web.de>
18 Dec 2012 16:34:14
Original commit files touched by this commit  1.1_1
Revision:309196
bdrewery search for other commits by this committer
Remove invalid entry
18 Dec 2012 16:28:57
Original commit files touched by this commit  1.1_1
Revision:309195
dinoex search for other commits by this committer
- add entry for opera 12.11
14 Dec 2012 09:09:16
Original commit files touched by this commit  1.1_1
Revision:308891
delphij search for other commits by this committer
Fix typo.

Noticed by:	mandree
14 Dec 2012 03:51:08
Original commit files touched by this commit  1.1_1
Revision:308880
jgh search for other commits by this committer
- add url block in references for 1657a3e6-4585-11e2-a396-10bf48230856
14 Dec 2012 00:41:42
Original commit files touched by this commit  1.1_1
Revision:308874
delphij search for other commits by this committer
Update linux-f10-flashpulgin11 to 11.2r202.258 to address multiple
vulnerabilities that could cause a crash and potentially allow an
attacker to take control of the affected system.

Submitted by:	Tsurutani Naoki <turutani scphys kyoto-u ac jp>
12 Dec 2012 11:33:17
Original commit files touched by this commit  1.1_1
Revision:308757
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 23.0.1271.97

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
05 Dec 2012 23:52:36
Original commit files touched by this commit  1.1_1
Revision:308355
zi search for other commits by this committer
- Fix recent vulnerability entry for www/tomcat[67]

Reported by:	Victor Balada Diaz <victor@bsdes.net>
Feature safe:	yes
05 Dec 2012 18:47:24
Original commit files touched by this commit  1.1_1
Revision:308343
zi search for other commits by this committer
- Document recent vulnerabilities in www/tomcat6 and www/tomcat7

Requested by:	Victor Balada Diaz <victor@bsdes.net>
Feature safe:	yes
05 Dec 2012 07:46:03
Original commit files touched by this commit  1.1_1
Revision:308317
erwin search for other commits by this committer
Update to the latest patch level from ISC:

  BIND 9 nameservers using the DNS64 IPv6 transition mechanism are
  vulnerable to a software defect that allows a crafted query to
  crash the server with a REQUIRE assertion failure.  Remote
  exploitation of this defect can be achieved without extensive
  effort, resulting in a denial-of-service (DoS) vector against
  affected servers.

Security:	2892a8e2-3d68-11e2-8e01-0800273fe665
		CVE-2012-5688
Feature safe:	yes
03 Dec 2012 22:49:43
Original commit files touched by this commit  1.1_1
Revision:308178
mandree search for other commits by this committer
Add URL for recent bogofilter heap vuln', CVE-2012-5468, aka. vuln vid=
f524d8e0-3d83-11e2-807a-080027ef73ec

Feature safe: yes
03 Dec 2012 20:16:21
Original commit files touched by this commit  1.1_1
Revision:308171
mandree search for other commits by this committer
Update bogofilter to new upstream release 1.2.3.
Security update to fix a heap corruption bug with invalid base64 input,
reported and fixed by Julius Plenz, FU Berlin, Germany.

Feature safe:   yes
Security:       CVE-2012-5468
Security:       f524d8e0-3d83-11e2-807a-080027ef73ec
30 Nov 2012 09:13:32
Original commit files touched by this commit  1.1_1
Revision:308000
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 23.0.1271.95

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
29 Nov 2012 20:33:20
Original commit files touched by this commit  1.1_1
Revision:307978
ohauer search for other commits by this committer
www/yahoo-ui
 - fix CVE-2012-5881

security/vuxml
 - adjust version (we have only 2.8.2 in the tree)

Feature safe: yes

Approved by:	glarkin (maintainer) explicit
28 Nov 2012 14:37:24
Original commit files touched by this commit  1.1_1
Revision:307907
wxs search for other commits by this committer
Fix date in yahoo-ui entry.

Noticed by:	dvl@
Feature safe:	yes
27 Nov 2012 20:09:35
Original commit files touched by this commit  1.1_1
Revision:307861
ohauer search for other commits by this committer
- document www/yahoo-ui security issue and mark port forbidden [1]
  pet portlint (maintainer is already notified)

- adjust CVE entries for bugzilla (CVE-2012-5475 was rejected) [2]

Feature safe: yes

Security:	CVE-2012-5881 [1][2]
		CVE-2012-5882 [1][2]
		CVE-2012-5883 [2]

Approved by:	glarkin (implicit) [1]
27 Nov 2012 10:02:25
Original commit files touched by this commit  1.1_1
Revision:307828
rene search for other commits by this committer
Describe new vulnerabilities in www/chromium < 23.0.1271.91

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
25 Nov 2012 15:42:23
Original commit files touched by this commit  1.1_1
Revision:307747
flo search for other commits by this committer
- Update backports patch to 20121114
- Bump PORTREVISION

Changes:
- CVE-2006-7243
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow
context-dependent attackers to bypass intended access restrictions by placing a
safe file extension after this character, as demonstrated by .php\0.jpg at the
end of the argument to the file_exists function

Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions
for strlen(filename) != filename_len

- CVE-2012-4388
The sapi_header_op function in main/SAPI.c does not properly determine a pointer
(Only the first 15 lines of the commit message are shown above View all of this commit message)
25 Nov 2012 04:02:29
Original commit files touched by this commit  1.1_1
Revision:307733
wxs search for other commits by this committer
Add entries for the following advisories:

FreeBSD-SA-12:08.linux
FreeBSD-SA-12:07.hostapd
FreeBSD-SA-12:06.bind

Feature safe:	yes
22 Nov 2012 20:27:45
Original commit files touched by this commit  1.1_1
Revision:307666
dinoex search for other commits by this committer
- opera -- execution of arbitrary code
Feature safe: yes
21 Nov 2012 14:35:31
Original commit files touched by this commit  1.1_1
Revision:307616
mm search for other commits by this committer
Document new vulnerability in www/lighttpd 1.4.31

Feature safe:	yes
20 Nov 2012 23:01:15
Original commit files touched by this commit  1.1_1
Revision:307606
flo search for other commits by this committer
- Update firefox and thunderbird to 17.0
- Update seamonkey to 2.14
- Update ESR ports and libxul to 10.0.11
- support more h264 codecs when using GSTREAMER with YouTube
- Unbreak firefox-esr, thunderbird-esr and libxul on head >= 1000024 [1]
- Buildsystem is not python 3 aware, use python up to 2.7 [2]

PR:		ports/173679 [1]
Submitted by:	swills [1], demon [2]
In collaboration with:	Jan Beich <jbeich@tormail.org>
Security:	d23119df-335d-11e2-b64c-c8600054b392
Approved by:	portmgr (beat)
Feature safe:	yes
18 Nov 2012 12:51:26
Original commit files touched by this commit  1.1_1
Revision:307535
jase search for other commits by this committer
- Fix copy and paste error in latest weechat entry
  (81826d12-317a-11e2-9186-406186f3d89d)

Feature safe:	yes
18 Nov 2012 12:46:40
Original commit files touched by this commit  1.1_1
Revision:307534
jase search for other commits by this committer
- Document new vulnerability in irc/weechat and irc/weechat-devel

Feature safe:	yes
14 Nov 2012 19:29:42
Original commit files touched by this commit  1.1_1
Revision:307425
ohauer search for other commits by this committer
- bugzilla security updates to version(s)
  3.6.11, 4.0.8, 4.2.4

Summary
=======

The following security issues have been discovered in Bugzilla:

* Confidential product and component names can be disclosed to
  unauthorized users if they are used to control the visibility of
  a custom field.

* When calling the 'User.get' WebService method with a 'groups'
  argument, it is possible to check if the given group names exist
  or not.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
13 Nov 2012 18:17:13
Original commit files touched by this commit  1.1_1
Revision:307387
jase search for other commits by this committer
- Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c)

- Document assigned CVE Identifier
- Document workaround for vulnerable versions

Feature safe:	yes
12 Nov 2012 21:47:27
Original commit files touched by this commit  1.1_1
Revision:307348
rene search for other commits by this committer
Document vulnerabilities in two typo3 components.

Obtained
from:	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
Feature safe:	yes
12 Nov 2012 13:07:31
Original commit files touched by this commit  1.1_1
Revision:307335
madpilot search for other commits by this committer
Fix typo.

Feature safe:	yes
12 Nov 2012 13:04:37
Original commit files touched by this commit  1.1_1
Revision:307334
madpilot search for other commits by this committer
- Update to 2.7.1
- Convert to new options framework
- Document US-CERT VU#268267
- Trim Makefile headers

PR:		ports/173226
Submitted by:	Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
Feature safe:	yes
10 Nov 2012 15:17:31
Original commit files touched by this commit  1.1_1
Revision:307286
swills search for other commits by this committer
- Improve latest ruby entry slightly

Feature safe:	yes
10 Nov 2012 14:45:55
Original commit files touched by this commit  1.1_1
Revision:307282
jase search for other commits by this committer
- Modify recent e02c572f-2af0-11e2-bb44-003067b2972c entry

- Add constraints to vulnerable versions
- Add additional references
- Improve topic
- Correct description

Feature safe:	yes
10 Nov 2012 04:55:47
Original commit files touched by this commit  1.1_1
Revision:307263
eadler search for other commits by this committer
Apply an upstream patch that fixes a security hole
when receiving a special colored message.

The maintainer was contacted but due to the nature of
the issue apply the patch ASAP.

Approved by:	secteam-ports (swills)
Security:	e02c572f-2af0-11e2-bb44-003067b2972c
Feature safe:	yes
10 Nov 2012 04:00:41
Original commit files touched by this commit  1.1_1
Revision:307261
swills search for other commits by this committer
- Update lang/ruby19 to 1.9.3p327
- Document security issue in earlier versions

Security:	5e647ca3-2aea-11e2-b745-001fd0af1a4c
Feature safe:	yes
09 Nov 2012 23:02:15
Original commit files touched by this commit  1.1_1
Revision:307259
jgh search for other commits by this committer
- clarification that ASF reported issue for:
 - 152e4c7e-2a2e-11e2-99c7-00a0d181e71d
 - 4ca26574-2a2c-11e2-99c7-00a0d181e71d

Feature safe:	yes
09 Nov 2012 19:09:32
Original commit files touched by this commit  1.1_1
Revision:307247
jgh search for other commits by this committer
- document tomcat vulnerabilities

Feature safe:	yes
09 Nov 2012 04:31:14
Original commit files touched by this commit  1.1_1
Revision:307221
eadler search for other commits by this committer
Update latest version and document security issues

PR:	ports/173487
Submitted by:	 Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security:	4b8b748e-2a24-11e2-bb44-003067b2972c
Feature safe:	yes
07 Nov 2012 10:15:19
Original commit files touched by this commit  1.1_1
Revision:307128
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 23.0.1271.64

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
06 Nov 2012 20:45:14
Original commit files touched by this commit  1.1_1
Revision:307094
crees search for other commits by this committer
Document opera vulnerabilities

Feature safe:	yes
05 Nov 2012 17:55:45
Original commit files touched by this commit  1.1_1
Revision:307020
eadler search for other commits by this committer
Fix minor typo

Feature safe:	yes
05 Nov 2012 17:53:51
Original commit files touched by this commit  1.1_1
Revision:307018
eadler search for other commits by this committer
Update latest version and document security issues

PR:	ports/172619
Submitted by:	tijl
Security:	36533a59-2770-11e2-bb44-003067b2972c
Feature safe:	yes
03 Nov 2012 11:59:52
Original commit files touched by this commit  1.1_1
Revision:306911
crees search for other commits by this committer
Correct plural of "vulnerability"

Feature safe:	yes
02 Nov 2012 18:45:32
Original commit files touched by this commit  1.1_1
Revision:306878
ohauer search for other commits by this committer
- update apache22 to version 2.22.23
- trim vuxml/Makefile header

with hat apache@

Feature safe: yes

Security:       CVE-2012-2687
02 Nov 2012 18:08:19
Original commit files touched by this commit  1.1_1
Revision:306877
olgeni search for other commits by this committer
Add entry for webmin < 1.600_1 (potential XSS attack).

Feature safe:	yes
02 Nov 2012 03:17:18
Original commit files touched by this commit  1.1_1
Revision:306834
bdrewery search for other commits by this committer
- Document ruby vulnerabilities:
 * CVE-2012-4464 + CVE-2012-4466
   $SAFE escaping vulnerability about Exception#to_s / NameError#to_s
 * CVE-2012-4522
   Unintentional file creation caused by inserting an illegal NUL character

Reviewed by:	eadler
Feature safe:	yes
01 Nov 2012 14:10:55
Original commit files touched by this commit  1.1_1
Revision:306803
flo search for other commits by this committer
Update to 3.8.15

Security:	4b738d54-2427-11e2-9817-c8600054b392
Feature safe:	yes
30 Oct 2012 21:01:17
Original commit files touched by this commit  1.1_1
Revision:306716
rm search for other commits by this committer
- update to 7.16 [1]

while here:
- trim Makefile header
- remove indefinite article in COMMENT
- remove IGNORE_WITH_PHP and IGNORE_WITH_PGSQL since
  we have not this versions in the tree anymore
- fix pkg-plist
- add vuxml entry

PR:		173211
Submitted by:	Rick van der Zwet <info at rickvanderzwet dot nl> [1]
Approved by:	Nick Hilliard <nick at foobar dot org> (maintainer)
Security:	2adc3e78-22d1-11e2-b9f0-d0df9acfd7e5
Feature safe:   yes
28 Oct 2012 17:03:29
Original commit files touched by this commit  1.1_1
Revision:306558
flo search for other commits by this committer
- Update www/firefox{,-i18n} to 16.0.2
- Update seamonkey to 2.13.2
- Update ESR ports and libxul to 10.0.10
- Update nspr to 4.9.3
- Update nss to 3.14
- with GNOMEVFS2 option build its extension, too [1]
- make heap-committed and heap-dirty reporters work in about:memory
- properly mark QT4 as experimental (needs love upstream)
- *miscellaneous cleanups and fixups*

mail/thunderbird will be updated once the tarballs are available.

PR:		ports/173052 [1]
Security:	6b3b1b97-207c-11e2-a03f-c8600054b392
Feature safe:	yes
In collaboration with:	Jan Beich <jbeich@tormail.org>
26 Oct 2012 08:46:40
Original commit files touched by this commit  1.1_1
Revision:306428
rea search for other commits by this committer
mail/exim: upgrade to 4.80.1

This is bugfix-only release, it eliminates remote code execution
in the DKIM code.

Security: http://www.vuxml.org/freebsd/b0f3ab1f-1f3b-11e2-8fe9-0022156e8794.html
QA page: http://codelabs.ru/fbsd/ports/qa/mail/exim/4.80.1
Feature safe: yes
25 Oct 2012 19:31:50
Original commit files touched by this commit  1.1_1
Revision:306393
rm search for other commits by this committer
- add CVE reference (still in reserved state) for recent django vulnerabilty

Feature safe:	yes
25 Oct 2012 10:12:42
Original commit files touched by this commit  1.1_1
Revision:306376
rm search for other commits by this committer
- update django ports to 1.3.4 and 1.4.2, that fixing couple of security issues.
  All users are encouraged to upgrade immediately.
- add vuxml entry

changes common for both ports:
- trim Makefile header
- strict python version to 2.x only
- utilize options framework multiple choice feature to let user to choose
  database backends needed. Make SQLITE option default
- shorten description of HTMLDOCS_DESC to make it fit into dialog screen
- SITELIBDIR -> PKGNAMEPREFIX change in dependencies
- convert NOPORTDOCS condition to optionsng
- tab -> space change in pkg-descr

PR:		173017
Submitted by:	rm (myself)
Approved by:	lwhsu (maintainer, by mail)
Security:	5f326d75-1db9-11e2-bc8f-d0df9acfd7e5
Feature safe:   yes
22 Oct 2012 02:37:08
Original commit files touched by this commit  1.1_1
Revision:306252
wxs search for other commits by this committer
Document multiple wireshark vulnerabilities.

Feature safe:	yes
18 Oct 2012 04:13:28
Original commit files touched by this commit  1.1_1
Revision:306051
jgh search for other commits by this committer
- clarify end-user impact for 57652765-18aa-11e2-8382-00a0d181e71d
Suggested by:	simon@
Feature safe:	yes
17 Oct 2012 23:47:28
Original commit files touched by this commit  1.1_1
Revision:306041
jgh search for other commits by this committer
- document xlockmore issue, 57652765-18aa-11e2-8382-00a0d181e71d, CVE-2012-4524
Feature safe:	yes
17 Oct 2012 17:22:51
Original commit files touched by this commit  1.1_1
Revision:306024
sem search for other commits by this committer
- xinetd vulnerability

Feature safe:	yes
16 Oct 2012 14:37:50
Original commit files touched by this commit  1.1_1
Revision:305978
glarkin search for other commits by this committer
- Updated ZF advisory to include similar XEE vulnerability

Feature safe:	yes
16 Oct 2012 14:26:07
Original commit files touched by this commit  1.1_1
Revision:305974
glarkin search for other commits by this committer
- Document Zend Framework XXE injection vulnerability

Feature safe:	yes
15 Oct 2012 22:31:39
Original commit files touched by this commit  1.1_1
Revision:305941
eadler search for other commits by this committer
Update the distinfo as upstream has changed.

I verfied this to be same content as the old version modulo the copyright.

Approved by:	secteam (implicit)
Feature safe:	yes
15 Oct 2012 16:31:40
Original commit files touched by this commit  1.1_1
Revision:305922
eadler search for other commits by this committer
Add the CVE for the gitolite vuln.

Feature safe:	yes
15 Oct 2012 16:02:13
Original commit files touched by this commit  1.1_1
Revision:305918
swills search for other commits by this committer
- Actually commit the VuXML entry

PR:		ports/172565
Feature safe:	yes
Pointyhat to:	swills
14 Oct 2012 21:05:33
Original commit files touched by this commit  1.1_1
Revision:305894
matthew search for other commits by this committer
Document the latest security vulnerabilities for phpMyAdmin.
Fix was already committed to the port 6 days ago.

Feature safe:	yes
14 Oct 2012 15:30:47
Original commit files touched by this commit  1.1_1
Revision:305882
zi search for other commits by this committer
- Add in additional package names for recent bind vulnerability

Feature safe:	yes
11 Oct 2012 19:15:12
Original commit files touched by this commit  1.1_1
Revision:305736
flo search for other commits by this committer
- update to 16.0.1
- update vuln.xml entry

Feature safe:   yes
10 Oct 2012 22:07:00
Original commit files touched by this commit  1.1_1
Revision:305692
rene search for other commits by this committer
Document a new vulnerability in www/chromium < 22.0.1229.94

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
10 Oct 2012 21:13:07
Original commit files touched by this commit  1.1_1
Revision:305684
flo search for other commits by this committer
- Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird to
10.0.8
- Update firefox and thunderbird to 16.0
- Update seamonkey to 2.13
- Update all -i18n ports respectively
- switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better
  latency during pause and seeking with HTML5 video
- remove fedisableexcept() hacks, obsolete since FreeBSD 4.0
- support system hunspell dictionaries [1]
- unbreak -esr ports with clang3.2 [2]
- unbreak nss build when CC contains full path [3]
- remove GNOME option grouping [4]
- integrate enigmail into thunderbird/seamonkey as an option [5]
- remove mail/enigmail* [6]
- enable ENIGMAIL, LIGHTNING and GIO options by default
- add more reporters in about:memory: page-faults-hard, page-faults-soft,
(Only the first 15 lines of the commit message are shown above View all of this commit message)
10 Oct 2012 11:54:44
Original commit files touched by this commit  1.1_1
Revision:305645
erwin search for other commits by this committer
Upgrade to the latest BIND patch level:

A deliberately constructed combination of records could cause named
to hang while populating the additional section of a response.

Security:	 
http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
03 Oct 2012 12:51:12
Original commit files touched by this commit  1.1_1
Revision:305201
rm search for other commits by this committer
- correct the range in last entry (le/lt typo)
03 Oct 2012 12:33:39
Original commit files touched by this commit  1.1_1
Revision:305200
rm search for other commits by this committer
- update to 2.8.10
- add vuxml entry

This release fixes SQL injection vulnerability.

PR:		172114
Submitted by:	rm (myself)
Approved by:	ports-secteam (eadler)
Security:	dee44ba9-08ab-11e2-a044-d0df9acfd7e5
27 Sep 2012 17:01:15
Original commit files touched by this commit  1.1_1
Revision:304967
danfe search for other commits by this committer
Mark nvidia-driver-173.14.35_1 as not vulnerable.
26 Sep 2012 21:49:34
Original commit files touched by this commit  1.1_1
Revision:304933
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 22.0.1229.79

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
26 Sep 2012 15:37:59
Original commit files touched by this commit  1.1_1
Revision:304919
glarkin search for other commits by this committer
- Document remote code execution in ePerl (all versions)
- Deprecate and schedule removal in month - no upstream fix available and
  no active development since 1998

Security:	73efb1b7-07ec-11e2-a391-000c29033c32
Security:	CVE-2001-0733
Security:	http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml
25 Sep 2012 21:41:51
Original commit files touched by this commit  1.1_1
Revision:304862
glarkin search for other commits by this committer
- Documented PNG file DoS vulnerability in ImageMagick and GraphicsMagick
- Added -nox11 suffixes to various ImageMagick entries
23 Sep 2012 12:27:22
Original commit files touched by this commit  1.1_1
Revision:304735
eadler search for other commits by this committer
Update vuxml to indicate which versions are vulnerable.
20 Sep 2012 03:02:43
Original commit files touched by this commit  1.1_1
Revision:304559
bdrewery search for other commits by this committer
- Update php52 backports patch to 20120911
- Add and update relevant vuxml entries

Changes:
  - CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP
    before 5.3.11 does not properly handle %0D sequences
  - CVE-2012-0789 - Memory leak in the timezone functionality in PHP
    before 5.3.9 allows remote attackers to cause a denial of service
    (memory consumption) by triggering many strtotime function calls,
    which are not properly handled by the php_date_parse_tzfile cache.
  - CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows
    remote attackers to bypass the open_basedir protection mechanism via
     unspecified vectors
  - Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m))
  - Minor improvements (CVE-2012-2688, compilation issues with old GCC)

PR:		ports/171583
Submitted by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by:	Alex Keda <admin@lissyara.su> (maintainer)
20 Sep 2012 01:09:57
Original commit files touched by this commit  1.1_1
Revision:304558
bdrewery search for other commits by this committer
- CVE-2012-2688 was addressed by php52-5.2.17_10

PR:		ports/170063
PR:		ports/171583
Reported by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Security:	bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
19 Sep 2012 03:46:36
Original commit files touched by this commit  1.1_1
Revision:304476
dougb search for other commits by this committer
Upgrade to the latest BIND patch level:

Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.

Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.

ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.

A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.

For more information: https://kb.isc.org/article/AA-00788
17 Sep 2012 18:46:52
Original commit files touched by this commit  1.1_1
Revision:304415
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2012-09-17
15 Sep 2012 21:25:33
Original commit files touched by this commit  1.1_1
Revision:304327
eadler search for other commits by this committer
include newly 'awarded' CVE
15 Sep 2012 17:22:33
Original commit files touched by this commit  1.1_1
Revision:304320
nox search for other commits by this committer
Add vuxml for older versions of multimedia/vlc .

PR:		ports/169985
Submitted by:	"Anders N." <wicked@baot.se>
15 Sep 2012 02:19:37
Original commit files touched by this commit  1.1_1
Revision:304305
eadler search for other commits by this committer
Tell the world about the recent bacula vuln
13 Sep 2012 03:35:09
Original commit files touched by this commit  1.1_1
Revision:304170
swills search for other commits by this committer
- Update to 0.10.22.6 which fixes two security issues
- Document security issues in vuxml [1]

Reviewed by:	bdrewery [1]
Security:	178ba4ea-fd40-11e1-b2ae-001fd0af1a4c
12 Sep 2012 07:31:22
Original commit files touched by this commit  1.1_1
Revision:304136
danfe search for other commits by this committer
Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225.
11 Sep 2012 11:38:53
Original commit files touched by this commit  1.1_1
Revision:304088
zi search for other commits by this committer
- Update entry for net/freeradius2 to reflect local patch to address
cve-2012-3547
11 Sep 2012 08:46:31
Original commit files touched by this commit  1.1_1
Revision:304085
rea search for other commits by this committer
VuXML: document remote code execution in freeRADIUS
11 Sep 2012 07:51:07
Original commit files touched by this commit  1.1_1
Revision:304084
rea search for other commits by this committer
www/moinmoin: fix CVE-2012-4404, wrong processing of group ACLs

Using upstream patch from
  http://hg.moinmo.in/moin/1.9/raw-rev/7b9f39289e16

PR:		171346
QA page:	http://codelabs.ru/fbsd/ports/qa/www/moinmoin/1.9.4_1
Approved by:	khsing.cn@gmail.com (maintainer)
Security:	http://www.vuxml.org/freebsd/4f99e2ef-f725-11e1-8bd8-0022156e8794.html
08 Sep 2012 02:37:32
Original commit files touched by this commit  1.1_1
Revision:303851
eadler search for other commits by this committer
Add vim specific modeline to help users write correct vuxml

Submitted by:	bdrewery
07 Sep 2012 23:07:15
Original commit files touched by this commit  1.1_1
Revision:303835
rakuco search for other commits by this committer
Document the vulnerability that led to emacs 24.2
07 Sep 2012 21:34:03
Original commit files touched by this commit  1.1_1
Revision:303830
eadler search for other commits by this committer
Add a sanity check to ensure vuxml is actually installed prior to performing
the tidy step in validate. This step actually requires just the dependancies
but the full validate requires that vuxml be installed.

Reviewed by:	simon
Approved by:	secteam (implicit)
07 Sep 2012 20:25:41
Original commit files touched by this commit  1.1_1
Revision:303824
swills search for other commits by this committer
- Update to 3.4.2 [1] [2] [3]
- Document security issue [4]

PR:		ports/171397 [1]
PR:		ports/171404 [2]
PR:		ports/171405 [3]
Submitted by:	Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1]
Submitted by:	Joe Horn <joehorn@gmail.com> (maintainer) [2] [3]
Reviewed by:	eadler [4]
Security:	30149157-f926-11e1-95cd-001fd0af1a4c
06 Sep 2012 06:10:42
Original commit files touched by this commit  1.1_1
Revision:303744
rea search for other commits by this committer
VuXML: add <modified> tag for Wireshark's entry for CVE-2012-3548
05 Sep 2012 16:02:11
Original commit files touched by this commit  1.1_1
Revision:303712
marcus search for other commits by this committer
Change the wireshark version for the DRDA fix.
05 Sep 2012 10:42:38
Original commit files touched by this commit  1.1_1
Revision:303700
rea search for other commits by this committer
VuXML: document XSS in MoinMoin before 1.9.4 via RST parser
05 Sep 2012 09:47:35
Original commit files touched by this commit  1.1_1
Revision:303695
rea search for other commits by this committer
VuXML: document wrong group ACL processing in MoinMoin
05 Sep 2012 06:29:39
Original commit files touched by this commit  1.1_1
Revision:303685
rea search for other commits by this committer
PHP 5.x: document header splitting vulnerability

There is a related CVE number (CVE-2012-4388), but there is no current
consensus about it:
  http://article.gmane.org/gmane.comp.security.oss.general/8303
04 Sep 2012 21:05:15
Original commit files touched by this commit  1.1_1
Revision:303672
mandree search for other commits by this committer
Modify fetchmail vuln' URLs to established site.
While at it, adjust the two oldest topics to current format, for uniformity,
on, for instance, http://www.vuxml.org/freebsd/pkg-fetchmail.html.
04 Sep 2012 13:45:28
Original commit files touched by this commit  1.1_1
Revision:303652
rea search for other commits by this committer
security/squidclamav: fix DoS and XSS vulnerabilities

Apply upstream patches for CVE-2012-3501 and CVE-2012-4667.

Security:	http://www.vuxml.org/freebsd/ce680f0a-eea6-11e1-8bd8-0022156e8794.html
Security:	http://www.vuxml.org/freebsd/8defa0f9-ee8a-11e1-8bd8-0022156e8794.html
PR:		171022
QA page:	http://codelabs.ru/fbsd/ports/qa/security/squidclamav/5.7_1
Approved by:	maintainer timeout (1 week)

Number of commits found: 3342 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
curlApr 11
dbus-glibApr 11
libaudiofileApr 11
linux-f10-curlApr 11
linux-f10-dbus-glibApr 11
linux-f10-libaudiofileApr 11
linux-f10-nas-libsApr 11
linux-f10-openldapApr 11
mingw32-openssl*Apr 11
mingw32-opensslApr 11
nasApr 11
openssl*Apr 11
opensslApr 11
linux-f10-openssl*Apr 10
linux-f10-openssl*Apr 10

13 vulnerabilities affecting 34 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24391
Broken 175
Deprecated 120
Ignore 527
Forbidden 4
Restricted 266
No CDROM 108
Vulnerable 27
Expired 40
Set to expire 105
Interactive 22
new 24 hours 1
new 48 hours3
new 7 days16
new fortnight38
new month149

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.