FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Please give me your LTO-4 or better tape library and I'll put it to good use.
found something from the cache
non port: head/security/vuxml/vuln.xml
SVNWeb

Number of commits found: 3521 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Sat, 21 Feb 2015
[ 16:12 cy ] Original commit 
379531 security/vuxml/vuln.xml
Kerberos Version 5, Release 1.12.3 is released affecting
security/krb5-112. This fixes multiple vulnerabilities, some previously
committed by point patches and others newly fixed in this release.

* Fix multiple vulnerabilities in the LDAP KDC back end.
  [CVE-2014-5354] [CVE-2014-5353]

* Fix multiple kadmind vulnerabilities, some of which are based in the
  gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421
  CVE-2014-9422 CVE-2014-9423]

Security:	CVE-2014-5354, CVE-2014-5353
Security:	CVE-2014-5352, CVE-2014-5352, CVE-2014-9421
Security:	CVE-2014-9422, CVE-2014-9423
Tue, 17 Feb 2015
[ 22:03 delphij ] Original commit 
379193 security/vuxml/vuln.xml
Document unzip heap based buffer overflow in iconv patch.

PR:		ports/197772
[ 17:19 madpilot ] Original commit 
379183 security/vuxml/vuln.xml
Add modified date to entries I touched recently.

Noticed by:	kwm (thanks)
[ 16:14 madpilot ] Original commit 
379176 security/vuxml/vuln.xml
Add CVE number to asterisk advisory.
Fri, 13 Feb 2015
[ 20:23 cy ] Original commit 
378943 security/vuxml/vuln.xml
Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MIT
for krb5-111 and krb5-112.

Obtained from:	Greg Hudson <ghudson@mit.edu>
Security:	CVE-2014-5353, CVE-2014-5354
[ 01:59 zi ] Original commit 
378911 security/vuxml/vuln.xml
- Additional fixes from the krb5 commit
[ 01:55 zi ] Original commit 
378910 security/vuxml/vuln.xml
- Correct errors in previous commit to resolve build
[ 01:45 cy ] Original commit 
378908 security/vuxml/vuln.xml
Document new krb5 vulnerabilities.

Security:	CVE-2014-5353, CVE-2014-5354
Thu, 12 Feb 2015
[ 21:00 kwm ] Original commit 
378896 security/vuxml/vuln.xml
The xorg-server entry in commit 378888, also mention portepoch for the other
version we want to check.
[ 19:56 kwm ] Original commit 
378888 security/vuxml/vuln.xml
Document xorg-server CVE-2015-0255.

Information leak in the XkbSetGeometry request of X servers
Mon, 9 Feb 2015
[ 08:23 girgen ] Original commit 
378717 security/vuxml/vuln.xml
In r378499, PostgreSQL package names where not version-suffixed. Fixed this.
Submitted by:	kuriyama@
Fri, 6 Feb 2015
[ 23:27 rene ] Original commit 
378570 security/vuxml/vuln.xml
Fix CVE name for www/chromium entry

Submitted by:	bz via bot
[ 22:48 delphij ] Original commit 
378567 security/vuxml/vuln.xml
Document two recent OpenLDAP DoS issues.
[ 22:21 rene ] Original commit 
378560 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 40.0.2214.111

Submitted by:	Carlos Jacobo Puga Medina
Obtained from:	http://googlechromereleases.blogspot.nl/
Thu, 5 Feb 2015
[ 22:54 girgen ] Original commit 
378499 security/vuxml/vuln.xml
Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161
[ 08:57 tijl ] Original commit 
378447 security/vuxml/vuln.xml
Remove 734bcd49-aae6-11e4-a0c1-c485083ca99c because Adobe Flash Player 11.x
isn't affected.  See February 2 revision of
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html
Wed, 4 Feb 2015
[ 20:38 cy ] Original commit 
378415 security/vuxml/vuln.xml
Add the following KRB5 CVEs.

CVE-2014-5352: gss_process_context_token() incorrectly frees context

CVE-2014-9421: kadmind doubly frees partial deserialization results

CVE-2014-9422: kadmind incorrectly validates server principal name

CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

Security:	CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
Tue, 3 Feb 2015
[ 22:35 delphij ] Original commit 
378381 security/vuxml/vuln.xml
Document unzip out of boundary access issues in test_compr_eb.

PR:		ports/197300
Mon, 2 Feb 2015
[ 19:09 xmj ] Original commit 
378319 security/vuxml/vuln.xml
Add linux-f10-devtools (any version) and linux-c6-devtools (prior to 6.6_3) to
the CVE-2015-0235 entry from 2015-01-28.

Approved by:	swills (mentor)
[ 15:25 feld ] Original commit 
378307 security/vuxml/vuln.xml
Add net-mgmt/xymon-server CVE-2015-1430
[ 14:53 xmj ] Original commit 
378306 security/vuxml/vuln.xml
www/linux-*-flashplugin11: Add CVE-2015-0313

Spotted by:	kwm
Approved by:	swills (mentor)
Sat, 31 Jan 2015
[ 16:09 olgeni ] Original commit 
378218 security/vuxml/vuln.xml
Add CVE-2015-0862 for net/rabbitmq.
[ 15:07 ohauer ] Original commit 
378212 security/vuxml/vuln.xml
- document apache24 issues
Thu, 29 Jan 2015
[ 11:20 madpilot ] Original commit 
378113 security/vuxml/vuln.xml
Document asterisk security issues.

While here, add CVE number to a previous asterisk entry.
Wed, 28 Jan 2015
[ 08:39 xmj ] Original commit 
378048 security/vuxml/vuln.xml
Add CVE-2015-0235.

- Affects linux_base-*

Approved by:	so@ (des)
Mon, 26 Jan 2015
[ 21:20 tijl ] Original commit 
377958 security/vuxml/vuln.xml
Document critical Adobe Flash Player vulnerability (CVE-2015-0311)
[ 20:24 ohauer ] Original commit 
377951 security/vuxml/vuln.xml
- document bugzilla security issues
Sat, 24 Jan 2015
[ 17:58 lwhsu ] Original commit 
377804 security/vuxml/vuln.xml
- Fix description of 9c7b6c20-a324-11e4-879c-00e0814cab4e
Fri, 23 Jan 2015
[ 17:47 lwhsu ] Original commit 
377750 security/vuxml/vuln.xml
Document Django 2014-01-13 vulnerabilty
Thu, 22 Jan 2015
[ 17:43 mi ] Original commit 
377675 security/vuxml/vuln.xml
Add a note about the just-fixed vulnerability of applications using net/libutp.

PR:		196351
Differential Revision:	D1575
Submitted by:	Jan Beich
Approved by:	bapt
[ 17:09 xmj ] Original commit 
377670 security/vuxml/vuln.xml
Amend linux-c6-openssl version in OpenSSL entry from 2015-01-08.

Approved by:	swills (mentor)
[ 17:02 vsevolod ] Original commit 
377669 security/vuxml/vuln.xml
Add CVE-2015-0206 description for LibreSSL port.
[ 12:54 tijl ] Original commit 
377652 security/vuxml/vuln.xml
Document Adobe Flash Player vulnerabilities
Wed, 21 Jan 2015
[ 22:09 rene ] Original commit 
377627 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 40.0.2214.91

Also affects FFmpeg, ICU, DOM but the links on the webpage all result in a 403.

Obtained from:	http://googlechromereleases.blogspot.nl
Mon, 19 Jan 2015
[ 20:52 jase ] Original commit 
377478 security/vuxml/vuln.xml
security/vuxml:
- Document security/polarssl and security/polarssl13 crafted certificates
  vulnerability (CVE-2015-1182)
Fri, 16 Jan 2015
[ 08:18 ehaupt ] Original commit 
377155 security/vuxml/vuln.xml
Document multiple archivers/unzip vulnerabilities (CVE-2014-8139,
CVE-2014-8140, CVE-2014-8141).

PR:		196777 (based on)
Submitted by:	rsimmons0@gmail.com
[ 04:05 timur ] Original commit 
377152 security/vuxml/vuln.xml
Add description of CVE-2014-8143 in net/samba4 and net/samba41
Wed, 14 Jan 2015
[ 21:54 rakuco ] Original commit 
377053 security/vuxml/vuln.xml
Add entry for CVE-2013-7252 in x11/kde4-runtime.
[ 07:10 beat ] Original commit 
376998 security/vuxml/vuln.xml
Document mozilla vulnerabilities
Sun, 11 Jan 2015
[ 19:39 mm ] Original commit 
376799 security/vuxml/vuln.xml
Add vuln.xml entry for libevent CVE-2014-6272

PR:	ports/199640
Fri, 9 Jan 2015
[ 18:56 sunpoet ] Original commit 
376644 security/vuxml/vuln.xml
- Fix more typo
[ 18:51 sunpoet ] Original commit 
376643 security/vuxml/vuln.xml
- Fix typo
[ 18:41 sunpoet ] Original commit 
376640 security/vuxml/vuln.xml
- Document cURL URL request injection vulnerability (CVE-2014-8150)
[ 13:35 kwm ] Original commit 
376608 security/vuxml/vuln.xml
Document webkit-gtk[23] vulnabilities.
[ 00:00 delphij ] Original commit 
376575 security/vuxml/vuln.xml
Document OpenSSL multiple vulnerabilities.
Tue, 6 Jan 2015
[ 21:11 mandree ] Original commit 
376441 security/vuxml/vuln.xml
Add three upstream patches to busybox 1.22.1, bumping PORTREVISION to 2.
One fixes the CVE-2014-4608 buffer overrun in LZO2,
one fixes the nc app, one fixes the zcat and related apps when accessing
files without extension.

List busybox < 1.22.1_2 as vulnerable, and add CVE Name to the vulndb.

Security:	CVE-2014-4608
Security:	d1f5e12a-fd5a-11e3-a108-080027ef73ec
Sun, 4 Jan 2015
[ 22:54 rea ] Original commit 
376278 security/vuxml/vuln.xml
VuXML: document multiple vulnerabilities in WordPress

CVE-2014-9033 to CVE-2014-9039.
[ 22:25 rea ] Original commit 
376276 security/vuxml/vuln.xml
VuXML: document heap overflow in 32-bit builds of libpng
Fri, 2 Jan 2015
[ 23:24 delphij ] Original commit 
376073 security/vuxml/vuln.xml
Document file multiple vulnerabilities.
Tue, 23 Dec 2014
[ 21:24 rea ] Original commit 
375358 security/vuxml/vuln.xml
Fix whitespace in entry for ntp (4033d826-87dd-11e4-9079-3c970e169bc2)
[ 21:22 rea ] Original commit 
375357 security/vuxml/vuln.xml
Document CVE-2014-9116 in mutt
Sat, 20 Dec 2014
[ 00:21 delphij ] Original commit 
374986 security/vuxml/vuln.xml
Document ntp multiple vulnerabilities.
Fri, 19 Dec 2014
[ 18:05 brd ] Original commit 
374959 security/vuxml/vuln.xml
Document git vulerability

Approved by:	swills
Security:	CVE-2014-9390
Tue, 16 Dec 2014
[ 22:06 cs ] Original commit 
374826 security/vuxml/vuln.xml
OTRS security announcement
[ 11:44 kwm ] Original commit 
374799 security/vuxml/vuln.xml
Register portepoch in the xorg-server entry.

Submitted by:	Adam McDougall <mcdouga9@egr.msu.edu>
Pointyhat to:	kwm@
[ 10:46 tijl ] Original commit 
374792 security/vuxml/vuln.xml
Fix version information on several subversion vulnerabilities
Mon, 15 Dec 2014
[ 22:18 ohauer ] Original commit 
374768 security/vuxml/vuln.xml
- document Subversion remote DoS
Sun, 14 Dec 2014
[ 09:45 danfe ] Original commit 
374694 security/vuxml/vuln.xml
The GLX indirect rendering support supplied on NVIDIA products is subject to
the recently disclosed X.Org vulnerabilities (CVE-2014-8093, CVE-2014-8098)
as well as internally identified vulnerabilities (CVE-2014-8298).
Thu, 11 Dec 2014
[ 20:56 delphij ] Original commit 
374548 security/vuxml/vuln.xml
Document BIND vulnerability.
[ 09:41 madpilot ] Original commit 
374518 security/vuxml/vuln.xml
Document vulnerability in asterisk11.
Wed, 10 Dec 2014
[ 21:31 kwm ] Original commit 
374488 security/vuxml/vuln.xml
Document xserver security advisories.
Tue, 9 Dec 2014
[ 03:05 sem ] Original commit 
374345 security/vuxml/vuln.xml
- Remove a redundant dot
[ 02:43 sem ] Original commit 
374344 security/vuxml/vuln.xml
Document unbound vulnerability
Sun, 7 Dec 2014
[ 12:25 kwm ] Original commit 
374189 security/vuxml/vuln.xml
Document freetype 2 vulnability.
Thu, 4 Dec 2014
[ 07:15 matthew ] Original commit 
373862 security/vuxml/vuln.xml
The latest in a long line of phpMyAdmin security advisories: DoS and
XSS vulnerabilities.

Security:	c9c46fbf-7b83-11e4-a96e-6805ca0b3d42
Wed, 3 Dec 2014
[ 11:20 beat ] Original commit 
373807 security/vuxml/vuln.xml
Document mozilla vulnerabilities

PR:		195559
Submitted by:	Jan Beich
Tue, 2 Dec 2014
[ 01:38 delphij ] Original commit 
373733 security/vuxml/vuln.xml
Document OpenVPN Denial of Service vulnerability.
Tue, 25 Nov 2014
[ 21:42 naddy ] Original commit 
373433 security/vuxml/vuln.xml
Document CVE-2014-8962 and CVE-2014-9028 in audio/flac.
Sun, 23 Nov 2014
[ 10:35 madpilot ] Original commit 
373141 security/vuxml/vuln.xml
Add CVE names for recent asterisk vulnerabilities.
Fri, 21 Nov 2014
[ 11:07 madpilot ] Original commit 
372986 security/vuxml/vuln.xml
Document multiple vulnerabilities in asterisk ports.
[ 08:13 matthew ] Original commit 
372978 security/vuxml/vuln.xml
Document the latest round of phpMyAdmin vulnerabilities.

Security:	a5d4a82a-7153-11e4-88c7-6805ca0b3d42
Thu, 20 Nov 2014
[ 21:30 rakuco ] Original commit 
372964 security/vuxml/vuln.xml
Add note about CVE-2014-8600 in kde4-runtime and kwebkitpart.
[ 08:42 madpilot ] Original commit 
372882 security/vuxml/vuln.xml
Document yii vulnerability CVE-2014-4672.
Tue, 18 Nov 2014
[ 18:32 rene ] Original commit 
372740 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 39.0.2171.65

Obtained
from:	http://googlechromereleases.blogspot.nl/2014/11/stable-channel-update_18.html
Mon, 17 Nov 2014
[ 21:27 rakuco ] Original commit 
372690 security/vuxml/vuln.xml
Fix version check for the entry added in r372686.

4.11.14 is not in ports yet, the fix was backported to 4.11.13 so we are
safe with 4.11.13_1.
[ 21:00 rakuco ] Original commit 
372686 security/vuxml/vuln.xml
Add entry for CVE-2014-8651 in x11/kde4-workspace.
Tue, 11 Nov 2014
[ 18:35 kwm ] Original commit 
372459 security/vuxml/vuln.xml
document dbus CVE-2014-7824
Fri, 7 Nov 2014
[ 22:07 rea ] Original commit 
372299 security/vuxml/vuln.xml
ftp/wget: document CVE-2014-4877, path traversal in recursive FTP mode
Wed, 5 Nov 2014
[ 22:18 makc ] Original commit 
372208 security/vuxml/vuln.xml
VuXML: fix spelling for the latest entry

Noticed by:	ports-secteam (rea)
[ 14:49 makc ] Original commit 
372194 security/vuxml/vuln.xml
VuXML: document CVE-2014-8483 for irc/konversation-kde4

Approved by:	ports-secteam (zi)
Fri, 31 Oct 2014
[ 15:38 rea ] Original commit 
371856 security/vuxml/vuln.xml
VuXML: document remote Perl code execution in TWiki

Crafted GET parameter "debugenableplugins" can be used to trigger
code execution,
  http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236
[ 11:09 rea ] Original commit 
371804 security/vuxml/vuln.xml
VuXML: document vulnerability in Jenkins

CVE-2014-3665, remote code execution on master servers that can
be initiated by (untrusted) slaves,
 
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-30
Wed, 29 Oct 2014
[ 21:51 rakuco ] Original commit 
371710 security/vuxml/vuln.xml
Add entry for libssh's CVE-2014-0017.
Fri, 24 Oct 2014
[ 01:58 zi ] Original commit 
371418 security/vuxml/vuln.xml
- Document recent vulnerabilities in libpurple/pidgin
Wed, 22 Oct 2014
[ 08:54 matthew ] Original commit 
371350 security/vuxml/vuln.xml
Document cross site scripting vulnerabilities in phpMyAdmin

Security:	25b78f04-59c8-11e4-b711-6805ca0b3d42
Tue, 21 Oct 2014
[ 13:58 madpilot ] Original commit 
371321 security/vuxml/vuln.xml
Document asterisk susceptibility to the POODLE vulnerability,
described in CVE-2014-3566.
Sat, 18 Oct 2014
[ 12:52 kwm ] Original commit 
371119 security/vuxml/vuln.xml
Document libxml2 denial of service
Fri, 17 Oct 2014
[ 14:34 xmj ] Original commit 
371059 security/vuxml/vuln.xml
Add linux-c6-openssl to OpenSSL entry from 2014-10-15.

Approved by:	swills (mentor)
Thu, 16 Oct 2014
[ 18:19 flo ] Original commit 
371012 security/vuxml/vuln.xml
Document critical SQL Injection Vulnerability in www/drupal7
[ 10:34 beat ] Original commit 
370992 security/vuxml/vuln.xml
- Mark libxul as vulnerable too

Submitted by:	Jan Beich
Wed, 15 Oct 2014
[ 17:59 delphij ] Original commit 
370938 security/vuxml/vuln.xml
Document OpenSSL multiple vulnerabilities.
[ 11:46 beat ] Original commit 
370908 security/vuxml/vuln.xml
Document mozilla vulnerabilities

PR:		194356
Submitted by:	Jan Beich
Thu, 9 Oct 2014
[ 13:09 feld ] Original commit 
370524 security/vuxml/vuln.xml
Add entry for foreman-proxy

Obtained from:	mmoll
Wed, 8 Oct 2014
[ 08:32 rene ] Original commit 
370422 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 38.0.2125.101

Obtained
from:	http://googlechromereleases.blogspot.nl/2014/10/stable-channel-update.html
MFH:		2014Q4
Mon, 6 Oct 2014
[ 19:09 ohauer ] Original commit 
370209 security/vuxml/vuln.xml
- document bugzilla security issues
Thu, 2 Oct 2014
[ 21:14 bdrewery ] Original commit 
369863 security/vuxml/vuln.xml
Fix rsyslog entry for pkgname matching
[ 19:59 matthew ] Original commit 
369859 security/vuxml/vuln.xml
www/rt42 < 4.2.8 is vulnerable to shellshock related exploits through
its SMIME integration.

Security:	81e2b308-4a6c-11e4-b711-6805ca0b3d42
[ 19:30 brd ] Original commit 
369853 security/vuxml/vuln.xml
- Update the rsyslog entry to reflect the new versions

Reviewed by:	bdrewery
[ 01:06 bdrewery ] Original commit 
369793 security/vuxml/vuln.xml
Update Jenkins entry 549a2771-49cc-11e4-ae2c-c80aa9043978 to be readable.
[ 00:54 bdrewery ] Original commit 
369791 security/vuxml/vuln.xml
Update grammar of DoS in Jenkins entry

Number of commits found: 3521 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
ifmail*May 01
powerdnsMay 01
powerdns-recursorMay 01
squid*May 01
chromiumApr 28
chromiumApr 27
php5Apr 25
php55Apr 25
php56Apr 25
wpa_supplicantApr 25
wordpress*Apr 24
wordpress*Apr 24
wordpress*Apr 24
wordpress*Apr 24
wordpress-zh_CN*Apr 24

12 vulnerabilities affecting 30 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24716
Broken 244
Deprecated 46
Ignore 513
Forbidden 1
Restricted 204
No CDROM 95
Vulnerable 20
Expired 0
Set to expire 37
Interactive 0
new 24 hours 3
new 48 hours9
new 7 days25
new fortnight41
new month77

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.