FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_2 security on this many watch lists=28 search for ports that depend on this port
Maintained by: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 12 Feb 2004 14:24:23
Also Listed In: textproc
License: BSD2CLAUSE


VuXML (the Vulnerability and eXposure Markup Language) is an XML
application for documenting security bugs and corrections within
a software package collection such as the FreeBSD Ports Collection.
This port installs the DTDs required for validating VuXML documents.
SVNWeb : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Run:
  1. textproc/xmlcatmgr
  2. textproc/xhtml-modularization
  3. textproc/xhtml-basic
  4. lang/python27
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/vuxml/ && make install clean
To add the package: pkg install security/vuxml


Configuration Options
     No options to configure

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/vuxml/
  2. http://www.vuxml.org/dtd/vuxml-1/

Number of commits found: 3489 (showing only 100 on this page)

[First Page]  «  2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
25 Oct 2012 19:31:50
Original commit files touched by this commit  1.1_1
Revision:306393
rm search for other commits by this committer
- add CVE reference (still in reserved state) for recent django vulnerabilty

Feature safe:	yes
25 Oct 2012 10:12:42
Original commit files touched by this commit  1.1_1
Revision:306376
rm search for other commits by this committer
- update django ports to 1.3.4 and 1.4.2, that fixing couple of security issues.
  All users are encouraged to upgrade immediately.
- add vuxml entry

changes common for both ports:
- trim Makefile header
- strict python version to 2.x only
- utilize options framework multiple choice feature to let user to choose
  database backends needed. Make SQLITE option default
- shorten description of HTMLDOCS_DESC to make it fit into dialog screen
- SITELIBDIR -> PKGNAMEPREFIX change in dependencies
- convert NOPORTDOCS condition to optionsng
- tab -> space change in pkg-descr

PR:		173017
Submitted by:	rm (myself)
Approved by:	lwhsu (maintainer, by mail)
Security:	5f326d75-1db9-11e2-bc8f-d0df9acfd7e5
Feature safe:   yes
22 Oct 2012 02:37:08
Original commit files touched by this commit  1.1_1
Revision:306252
wxs search for other commits by this committer
Document multiple wireshark vulnerabilities.

Feature safe:	yes
18 Oct 2012 04:13:28
Original commit files touched by this commit  1.1_1
Revision:306051
jgh search for other commits by this committer
- clarify end-user impact for 57652765-18aa-11e2-8382-00a0d181e71d
Suggested by:	simon@
Feature safe:	yes
17 Oct 2012 23:47:28
Original commit files touched by this commit  1.1_1
Revision:306041
jgh search for other commits by this committer
- document xlockmore issue, 57652765-18aa-11e2-8382-00a0d181e71d, CVE-2012-4524
Feature safe:	yes
17 Oct 2012 17:22:51
Original commit files touched by this commit  1.1_1
Revision:306024
sem search for other commits by this committer
- xinetd vulnerability

Feature safe:	yes
16 Oct 2012 14:37:50
Original commit files touched by this commit  1.1_1
Revision:305978
glarkin search for other commits by this committer
- Updated ZF advisory to include similar XEE vulnerability

Feature safe:	yes
16 Oct 2012 14:26:07
Original commit files touched by this commit  1.1_1
Revision:305974
glarkin search for other commits by this committer
- Document Zend Framework XXE injection vulnerability

Feature safe:	yes
15 Oct 2012 22:31:39
Original commit files touched by this commit  1.1_1
Revision:305941
eadler search for other commits by this committer
Update the distinfo as upstream has changed.

I verfied this to be same content as the old version modulo the copyright.

Approved by:	secteam (implicit)
Feature safe:	yes
15 Oct 2012 16:31:40
Original commit files touched by this commit  1.1_1
Revision:305922
eadler search for other commits by this committer
Add the CVE for the gitolite vuln.

Feature safe:	yes
15 Oct 2012 16:02:13
Original commit files touched by this commit  1.1_1
Revision:305918
swills search for other commits by this committer
- Actually commit the VuXML entry

PR:		ports/172565
Feature safe:	yes
Pointyhat to:	swills
14 Oct 2012 21:05:33
Original commit files touched by this commit  1.1_1
Revision:305894
matthew search for other commits by this committer
Document the latest security vulnerabilities for phpMyAdmin.
Fix was already committed to the port 6 days ago.

Feature safe:	yes
14 Oct 2012 15:30:47
Original commit files touched by this commit  1.1_1
Revision:305882
zi search for other commits by this committer
- Add in additional package names for recent bind vulnerability

Feature safe:	yes
11 Oct 2012 19:15:12
Original commit files touched by this commit  1.1_1
Revision:305736
flo search for other commits by this committer
- update to 16.0.1
- update vuln.xml entry

Feature safe:   yes
10 Oct 2012 22:07:00
Original commit files touched by this commit  1.1_1
Revision:305692
rene search for other commits by this committer
Document a new vulnerability in www/chromium < 22.0.1229.94

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
10 Oct 2012 21:13:07
Original commit files touched by this commit  1.1_1
Revision:305684
flo search for other commits by this committer
- Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird to
10.0.8
- Update firefox and thunderbird to 16.0
- Update seamonkey to 2.13
- Update all -i18n ports respectively
- switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better
  latency during pause and seeking with HTML5 video
- remove fedisableexcept() hacks, obsolete since FreeBSD 4.0
- support system hunspell dictionaries [1]
- unbreak -esr ports with clang3.2 [2]
- unbreak nss build when CC contains full path [3]
- remove GNOME option grouping [4]
- integrate enigmail into thunderbird/seamonkey as an option [5]
- remove mail/enigmail* [6]
- enable ENIGMAIL, LIGHTNING and GIO options by default
- add more reporters in about:memory: page-faults-hard, page-faults-soft,
(Only the first 15 lines of the commit message are shown above View all of this commit message)
10 Oct 2012 11:54:44
Original commit files touched by this commit  1.1_1
Revision:305645
erwin search for other commits by this committer
Upgrade to the latest BIND patch level:

A deliberately constructed combination of records could cause named
to hang while populating the additional section of a response.

Security:	 
http://www.vuxml.org/freebsd/57a700f9-12c0-11e2-9f86-001d923933b6.html
03 Oct 2012 12:51:12
Original commit files touched by this commit  1.1_1
Revision:305201
rm search for other commits by this committer
- correct the range in last entry (le/lt typo)
03 Oct 2012 12:33:39
Original commit files touched by this commit  1.1_1
Revision:305200
rm search for other commits by this committer
- update to 2.8.10
- add vuxml entry

This release fixes SQL injection vulnerability.

PR:		172114
Submitted by:	rm (myself)
Approved by:	ports-secteam (eadler)
Security:	dee44ba9-08ab-11e2-a044-d0df9acfd7e5
27 Sep 2012 17:01:15
Original commit files touched by this commit  1.1_1
Revision:304967
danfe search for other commits by this committer
Mark nvidia-driver-173.14.35_1 as not vulnerable.
26 Sep 2012 21:49:34
Original commit files touched by this commit  1.1_1
Revision:304933
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 22.0.1229.79

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
26 Sep 2012 15:37:59
Original commit files touched by this commit  1.1_1
Revision:304919
glarkin search for other commits by this committer
- Document remote code execution in ePerl (all versions)
- Deprecate and schedule removal in month - no upstream fix available and
  no active development since 1998

Security:	73efb1b7-07ec-11e2-a391-000c29033c32
Security:	CVE-2001-0733
Security:	http://www.shmoo.com/mail/bugtraq/jun01/msg00286.shtml
25 Sep 2012 21:41:51
Original commit files touched by this commit  1.1_1
Revision:304862
glarkin search for other commits by this committer
- Documented PNG file DoS vulnerability in ImageMagick and GraphicsMagick
- Added -nox11 suffixes to various ImageMagick entries
23 Sep 2012 12:27:22
Original commit files touched by this commit  1.1_1
Revision:304735
eadler search for other commits by this committer
Update vuxml to indicate which versions are vulnerable.
20 Sep 2012 03:02:43
Original commit files touched by this commit  1.1_1
Revision:304559
bdrewery search for other commits by this committer
- Update php52 backports patch to 20120911
- Add and update relevant vuxml entries

Changes:
  - CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP
    before 5.3.11 does not properly handle %0D sequences
  - CVE-2012-0789 - Memory leak in the timezone functionality in PHP
    before 5.3.9 allows remote attackers to cause a denial of service
    (memory consumption) by triggering many strtotime function calls,
    which are not properly handled by the php_date_parse_tzfile cache.
  - CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows
    remote attackers to bypass the open_basedir protection mechanism via
     unspecified vectors
  - Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m))
  - Minor improvements (CVE-2012-2688, compilation issues with old GCC)

PR:		ports/171583
Submitted by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by:	Alex Keda <admin@lissyara.su> (maintainer)
20 Sep 2012 01:09:57
Original commit files touched by this commit  1.1_1
Revision:304558
bdrewery search for other commits by this committer
- CVE-2012-2688 was addressed by php52-5.2.17_10

PR:		ports/170063
PR:		ports/171583
Reported by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Security:	bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
19 Sep 2012 03:46:36
Original commit files touched by this commit  1.1_1
Revision:304476
dougb search for other commits by this committer
Upgrade to the latest BIND patch level:

Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.

Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.

ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.

A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.

For more information: https://kb.isc.org/article/AA-00788
17 Sep 2012 18:46:52
Original commit files touched by this commit  1.1_1
Revision:304415
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2012-09-17
15 Sep 2012 21:25:33
Original commit files touched by this commit  1.1_1
Revision:304327
eadler search for other commits by this committer
include newly 'awarded' CVE
15 Sep 2012 17:22:33
Original commit files touched by this commit  1.1_1
Revision:304320
nox search for other commits by this committer
Add vuxml for older versions of multimedia/vlc .

PR:		ports/169985
Submitted by:	"Anders N." <wicked@baot.se>
15 Sep 2012 02:19:37
Original commit files touched by this commit  1.1_1
Revision:304305
eadler search for other commits by this committer
Tell the world about the recent bacula vuln
13 Sep 2012 03:35:09
Original commit files touched by this commit  1.1_1
Revision:304170
swills search for other commits by this committer
- Update to 0.10.22.6 which fixes two security issues
- Document security issues in vuxml [1]

Reviewed by:	bdrewery [1]
Security:	178ba4ea-fd40-11e1-b2ae-001fd0af1a4c
12 Sep 2012 07:31:22
Original commit files touched by this commit  1.1_1
Revision:304136
danfe search for other commits by this committer
Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225.
11 Sep 2012 11:38:53
Original commit files touched by this commit  1.1_1
Revision:304088
zi search for other commits by this committer
- Update entry for net/freeradius2 to reflect local patch to address
cve-2012-3547
11 Sep 2012 08:46:31
Original commit files touched by this commit  1.1_1
Revision:304085
rea search for other commits by this committer
VuXML: document remote code execution in freeRADIUS
11 Sep 2012 07:51:07
Original commit files touched by this commit  1.1_1
Revision:304084
rea search for other commits by this committer
www/moinmoin: fix CVE-2012-4404, wrong processing of group ACLs

Using upstream patch from
  http://hg.moinmo.in/moin/1.9/raw-rev/7b9f39289e16

PR:		171346
QA page:	http://codelabs.ru/fbsd/ports/qa/www/moinmoin/1.9.4_1
Approved by:	khsing.cn@gmail.com (maintainer)
Security:	http://www.vuxml.org/freebsd/4f99e2ef-f725-11e1-8bd8-0022156e8794.html
08 Sep 2012 02:37:32
Original commit files touched by this commit  1.1_1
Revision:303851
eadler search for other commits by this committer
Add vim specific modeline to help users write correct vuxml

Submitted by:	bdrewery
07 Sep 2012 23:07:15
Original commit files touched by this commit  1.1_1
Revision:303835
rakuco search for other commits by this committer
Document the vulnerability that led to emacs 24.2
07 Sep 2012 21:34:03
Original commit files touched by this commit  1.1_1
Revision:303830
eadler search for other commits by this committer
Add a sanity check to ensure vuxml is actually installed prior to performing
the tidy step in validate. This step actually requires just the dependancies
but the full validate requires that vuxml be installed.

Reviewed by:	simon
Approved by:	secteam (implicit)
07 Sep 2012 20:25:41
Original commit files touched by this commit  1.1_1
Revision:303824
swills search for other commits by this committer
- Update to 3.4.2 [1] [2] [3]
- Document security issue [4]

PR:		ports/171397 [1]
PR:		ports/171404 [2]
PR:		ports/171405 [3]
Submitted by:	Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1]
Submitted by:	Joe Horn <joehorn@gmail.com> (maintainer) [2] [3]
Reviewed by:	eadler [4]
Security:	30149157-f926-11e1-95cd-001fd0af1a4c
06 Sep 2012 06:10:42
Original commit files touched by this commit  1.1_1
Revision:303744
rea search for other commits by this committer
VuXML: add <modified> tag for Wireshark's entry for CVE-2012-3548
05 Sep 2012 16:02:11
Original commit files touched by this commit  1.1_1
Revision:303712
marcus search for other commits by this committer
Change the wireshark version for the DRDA fix.
05 Sep 2012 10:42:38
Original commit files touched by this commit  1.1_1
Revision:303700
rea search for other commits by this committer
VuXML: document XSS in MoinMoin before 1.9.4 via RST parser
05 Sep 2012 09:47:35
Original commit files touched by this commit  1.1_1
Revision:303695
rea search for other commits by this committer
VuXML: document wrong group ACL processing in MoinMoin
05 Sep 2012 06:29:39
Original commit files touched by this commit  1.1_1
Revision:303685
rea search for other commits by this committer
PHP 5.x: document header splitting vulnerability

There is a related CVE number (CVE-2012-4388), but there is no current
consensus about it:
  http://article.gmane.org/gmane.comp.security.oss.general/8303
04 Sep 2012 21:05:15
Original commit files touched by this commit  1.1_1
Revision:303672
mandree search for other commits by this committer
Modify fetchmail vuln' URLs to established site.
While at it, adjust the two oldest topics to current format, for uniformity,
on, for instance, http://www.vuxml.org/freebsd/pkg-fetchmail.html.
04 Sep 2012 13:45:28
Original commit files touched by this commit  1.1_1
Revision:303652
rea search for other commits by this committer
security/squidclamav: fix DoS and XSS vulnerabilities

Apply upstream patches for CVE-2012-3501 and CVE-2012-4667.

Security:	http://www.vuxml.org/freebsd/ce680f0a-eea6-11e1-8bd8-0022156e8794.html
Security:	http://www.vuxml.org/freebsd/8defa0f9-ee8a-11e1-8bd8-0022156e8794.html
PR:		171022
QA page:	http://codelabs.ru/fbsd/ports/qa/security/squidclamav/5.7_1
Approved by:	maintainer timeout (1 week)
02 Sep 2012 02:57:38
Original commit files touched by this commit  1.1_1
Revision:303527
eadler search for other commits by this committer
Inform the community about a recent bitcoin DoS vuln.

Reviewed by:	swills
01 Sep 2012 20:16:06
Original commit files touched by this commit  1.1_1
Revision:303519
ohauer search for other commits by this committer
- update bugzilla bugzilla3 and bugzilla42
- use new bugzilla@ address (members skv@, tota@, ohauer@)
- patch russian/japanese/german bugzilla and bugzilla templates
  so the reflect the security updates in the original templates
- patch german/bugzilla42 templates
- adopt new Makefile header

	vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d
	CVE: CVE-2012-3981
	https://bugzilla.mozilla.org/show_bug.cgi?id=785470
	https://bugzilla.mozilla.org/show_bug.cgi?id=785522
	https://bugzilla.mozilla.org/show_bug.cgi?id=785511
01 Sep 2012 18:50:14
Original commit files touched by this commit  1.1_1
Revision:303508
rea search for other commits by this committer
VuXML: document CVE-2012-3534, DoS via large number of connections
01 Sep 2012 17:40:16
Original commit files touched by this commit  1.1_1
Revision:303503
eadler search for other commits by this committer
vuxml matches on PKGNAME, not on the port directory.
mediawiki118 has PKGNAME mediawiki-1.18.4
01 Sep 2012 17:16:50
Original commit files touched by this commit  1.1_1
Revision:303499
rea search for other commits by this committer
Add "modified" tag to the Java 7 entry

Forgot to do it at r303435.

Spotted by:	wxs
Pointyhat to:	rea
01 Sep 2012 12:44:33
Original commit files touched by this commit  1.1_1
Revision:303471
wen search for other commits by this committer
- Update www/mediawiki to 1.19.2
- Update www/mediawiki118 to 1.18.5
- Document the security bugs
31 Aug 2012 16:58:42
Original commit files touched by this commit  1.1_1
Revision:303435
rea search for other commits by this committer
VuXML: update Java 7 entry with Oracle-provided details

Oracle's Java 7 update 7 fixes CVE-2012-4681.
31 Aug 2012 15:17:13
Original commit files touched by this commit  1.1_1
Revision:303428
mandree search for other commits by this committer
Tidy up paragraph formatting (it passed "make validate" before).

Suggested by:	wxs
31 Aug 2012 10:59:18
Original commit files touched by this commit  1.1_1
Revision:303414
rea search for other commits by this committer
VuXML: document CVE-2012-3548, DoS in Wireshark
30 Aug 2012 23:08:55
Original commit files touched by this commit  1.1_1
Revision:303394
rene search for other commits by this committer
Document vulnerabilities in www/chromium < 21.0.1180.89

Obtained
from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
30 Aug 2012 22:14:11
Original commit files touched by this commit  1.1_1
Revision:303393
flo search for other commits by this committer
- Update net/asterisk to 1.8.15.1
- Update net/asterisk10 to 10.7.1
- Document vulnerabilities in vuln.xml
- Fix URLs in the pervious asterisk vuln.xml entry

Security:	http://www.vuxml.org/freebsd/4c53f007-f2ed-11e1-a215-14dae9ebcf89.html
30 Aug 2012 11:40:20
Original commit files touched by this commit  1.1_1
Revision:303369
jase search for other commits by this committer
- Update to 1.5.20
- Update MASTER_SITES
- Convert to optionsNG and add DOCS option
- Document security vulnerabilities [1]

PR:		ports/169558
Requested by:	Alexey <alexey@kouznetsov.com> (submitter)
Security:	6dd5e45c-f084-11e1-8d0f-406186f3d89d [1]
Approved by:	flo (mentor)
30 Aug 2012 09:03:22
Original commit files touched by this commit  1.1_1
Revision:303364
rea search for other commits by this committer
VuXML: document CVE-2012-4681, security manager bypass in Java 7.x
30 Aug 2012 06:23:21
Original commit files touched by this commit  1.1_1
Revision:303361
mandree search for other commits by this committer
Add a vuln' entry for fetchmail's CVE-2011-3389 vulnerability.
27 Aug 2012 17:44:23
Original commit files touched by this commit  1.1_1
mandree search for other commits by this committer
Update fetchmail to 6.3.21_1, fixing CVE-2012-3482.
Adjust VuXML database entry from < 6.3.22 to < 6.3.21_1.

PR:		ports/170613
Approved by:	maintainer timeout (14 days)
Security:	http://www.vuxml.org/freebsd/83f9e943-e664-11e1-a66d-080027ef73ec.html
Security:	CVE-2012-3482
26 Aug 2012 21:31:12
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML entry c906e0a4-efa6-11e1-8fbf-001b77d09812: fix port epoch

Pointyhat to: rea
26 Aug 2012 21:26:57
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document XSS in RoundCube Web-mail application

Branch 0.8.x before 0.8.1 is prone to XSS attack via incoming
HTML messages.
26 Aug 2012 17:33:12
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
news/inn: fix plaintext command injection, CVE-2012-3523

Relevant only for INN installations that are using encryption.

PR:		171013
Approved by:	fluffy@FreeBSD.org (maintainer)
Security:	http://www.vuxml.org/freebsd/a7975581-ee26-11e1-8bd8-0022156e8794.html
26 Aug 2012 01:44:43
Original commit files touched by this commit  1.1_1
avilla search for other commits by this committer
- Document Calligra input validation failure.
25 Aug 2012 22:17:29
Original commit files touched by this commit  1.1_1
bdrewery search for other commits by this committer
- Document that CVE-2012-3386 only affects automake >= 1.5.0

Verified this by inspecting the automake14 source, as well as
official release tarballs and git history.

Approved by:	bapt (mentor)
25 Aug 2012 11:38:00
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document cross-site scripting in SquidClamav
25 Aug 2012 10:07:40
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document DoS in SquidGuard

SquidGuard can be crashed via the specially-crafted URL
when external URL checker is used.
24 Aug 2012 20:13:53
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document INN plaintext command injection vulnerability
22 Aug 2012 21:10:10
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document CVE-2012-3525 in jabberd 2.x
22 Aug 2012 20:01:19
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: fix whitespace in my previous rssh entry
22 Aug 2012 20:00:31
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
VuXML: document rssh vulnerabilities fixed in version 2.3.3
21 Aug 2012 20:56:44
Original commit files touched by this commit  1.1_1
rea search for other commits by this committer
rssh: document arbitrary code execution, CVE-2012-3478
20 Aug 2012 01:40:39
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Put libotr entry back. I added the cited URL to the references.
19 Aug 2012 21:47:46
Original commit files touched by this commit  1.1_1
dougb search for other commits by this committer
Remove the improperly formatted libotr entry. Someone with more knowledge
and experience needs to take care of this, I'm clearly not competent.
18 Aug 2012 08:39:39
Original commit files touched by this commit  1.1_1
dougb search for other commits by this committer
14 August 2012 libotr version 3.2.1 released

Versions 3.2.0 and earlier of libotr contain a small heap write overrun
(thanks to Justin Ferguson for the report), and a large heap read overrun
(thanks to Ben Hawkes for the report).

Add a vuxml entry, and tune up the notes about adding a new entry.
18 Aug 2012 03:07:42
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Document OpenTTD DoS.
18 Aug 2012 02:30:28
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Document multiple wireshark vulnerabilities.

Two are from 1.8.1 (CVE-2012-4048 and CVE-2012-4049). The remaining are
from 1.8.2 which is not in ports yet.
17 Aug 2012 19:39:51
Original commit files touched by this commit  1.1_1
jgh search for other commits by this committer
The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.

This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:

CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
17 Aug 2012 07:27:04
Original commit files touched by this commit  1.1_1
matthew search for other commits by this committer
Document the latest phpMyAdmin vulnerability PMSA-2012-4
15 Aug 2012 19:45:50
Original commit files touched by this commit  1.1_1
bdrewery search for other commits by this committer
- Update www/typo3 to 4.7.4 [1]
- Convert to new options framework [1]
- Update www/typo345 to 4.5.19 [2]
- Update www/typo346 to 4.6.12 [3]
- Changes: https://typo3.org/news/article/typo3-4519-4612-and-474-released/
- Document security vulnerabilities [4]
 
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/

PR:		ports/170650 [1]
PR:		ports/170647 [2]
PR:		ports/170649 [3]
Submitted by:	Helmut Schneider <jumper99@gmx.de> (maintainer)
Security:	48bcb4b2-e708-11e1-a59d-000d601460a4 [4]
Approved by:	eadler (mentor)
14 Aug 2012 23:17:56
Original commit files touched by this commit  1.1_1
mandree search for other commits by this committer
Document CVE-2012-3482 for fetchmail, one DoS and one information disclosure
vulnerability in non-default NTLM code.

Also see ports/170613 which is pending maintainer feedback.
13 Aug 2012 17:57:26
Original commit files touched by this commit  1.1_1
jkim search for other commits by this committer
Belatedly add an entry for the recent IcedTea-Web updates.
11 Aug 2012 17:41:52
Original commit files touched by this commit  1.1_1
novel search for other commits by this committer
Document libcloud MITM vuln.

Security:	CVE-2012-3446
11 Aug 2012 08:11:17
Original commit files touched by this commit  1.1_1
matthew search for other commits by this committer
Document the latest phpmyadmin security problem.
10 Aug 2012 14:38:47
Original commit files touched by this commit  1.1_1
rene search for other commits by this committer
- Document vulnerabilities in www/chromium 20.0.1132.57 and 21.0.1180.60.
- Keep the latest chromium vulnerabilies on top.
10 Aug 2012 08:08:27
Original commit files touched by this commit  1.1_1
rene search for other commits by this committer
Document two vulnerabilities in www/chromium < 21.0.1180.75 related to the
builtin PDF viewer.

Obtained
from:	http://googlechromereleases.blogspot.com/search/label/Stable%20updates
10 Aug 2012 02:50:54
Original commit files touched by this commit  1.1_1
swills search for other commits by this committer
- Update rails and friends to 3.2.8
- Document security issue in 3.2.7 [1]

Submitted by:	bdrewery [1]
Reviewed by:	swills [1]
Security:	31db9a18-e289-11e1-a57d-080027a27dbf
09 Aug 2012 15:43:09
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Document old sudosh buffer overflow.

Noticed by:	Diego Linke
07 Aug 2012 15:57:26
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Fix up whitespace in 10f38033-e006-11e1-9304-000000000000.
Replace broken vid in 10f38033-e006-11e1-9304-000000000000 with one that is
correct.
07 Aug 2012 02:02:26
Original commit files touched by this commit  1.1_1
zi search for other commits by this committer
- Document FreeBSD-SA-12:05.bind
06 Aug 2012 22:44:14
Original commit files touched by this commit  1.1_1
bdrewery search for other commits by this committer
Document CVE-2012-3386 for devel/automake

Approved by:	eadler (mentor)
02 Aug 2012 21:24:11
Original commit files touched by this commit  1.1_1
flo search for other commits by this committer
Belatedly add an entry for the recent Mozilla updates

Security:	http://www.freebsd.org/ports/portaudit/dbf338d0-dce5-11e1-b655-14dae9ebcf89.html
02 Aug 2012 12:59:58
Original commit files touched by this commit  1.1_1
zi search for other commits by this committer
- Cleanup whitespace
02 Aug 2012 12:48:10
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Whitespace fixes.
02 Aug 2012 12:35:33
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Add modified for django entry.

Noticed by:	remko@
02 Aug 2012 03:25:54
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Add CVE entries for f01292a0-db3c-11e1-a84b-00e0814cab4e.
02 Aug 2012 03:17:26
Original commit files touched by this commit  1.1_1
wxs search for other commits by this committer
Document Apache 2.2.x insecure handling of LD_LIBRARY_PATH.
Add patch[1] to address problem to apache port.

[1]:
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/envvars-std.in?view=log&pathrev=1296428

Approved by:	apache@ (pgollucci@)
Obtained from:	Apache SVN
31 Jul 2012 19:04:51
Original commit files touched by this commit  1.1_1
lwhsu search for other commits by this committer
- Document django -- multiple vulnerabilities

Number of commits found: 3489 (showing only 100 on this page)

[First Page]  «  2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
flacNov 25
asterisk11Nov 21
asterisk11Nov 21
phpmyadminNov 21
kde4-runtimeNov 20
kwebkitpartNov 20
yiiNov 19
chromiumNov 18
kde4-workspaceNov 17
dbusNov 11
wgetNov 08
konversation-kde4Nov 05
jenkinsOct 31
jenkins-ltsOct 31
twikiOct 31

9 vulnerabilities affecting 11 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24385
Broken 160
Deprecated 79
Ignore 417
Forbidden 1
Restricted 206
No CDROM 93
Vulnerable 18
Expired 12
Set to expire 74
Interactive 0
new 24 hours 3
new 48 hours6
new 7 days47
new fortnight177
new month232

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.