FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

non port: head/security/vuxml/vuln.xml
SVNWeb

Number of commits found: 4299 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Fri, 22 Jul 2016
[ 20:30 rene ] Original commit 
418932 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 52.0.2743.82

Obtained
from:	https://googlechromereleases.blogspot.nl/2016/07/stable-channel-update.html
[ 00:22 cy ] Original commit 
418902 security/vuxml/vuln.xml
Document a rare KDC denial of service vulnerability when anonymous
client principals are restricted to obtaining TGTs only [CVE-2016-3120]

URL:		http://web.mit.edu/kerberos/krb5-1.14/
Security:	CVE-2016-3120
Thu, 21 Jul 2016
[ 18:25 brnrd ] Original commit 
418887 security/vuxml/vuln.xml
security/vuxml: Current mysql57 is NOT vulnerable

PR:		211248
[ 18:04 truckman ] Original commit 
418884 security/vuxml/vuln.xml
Apache OpenOffice CVE-2016-1513 Memory Corruption Vulnerability
(Impress Presentations)
[ 14:58 brnrd ] Original commit 
418877 security/vuxml/vuln.xml
security/vuxml: Add MySQL vulnerabilities from quarterly update

  - Add MariaDB ports
  - Add Percona ports

PR:		211248
[ 14:23 feld ] Original commit 
418876 security/vuxml/vuln.xml
Properly cancel the httpoxy vuxml entry
Wed, 20 Jul 2016
[ 12:25 feld ] Original commit 
418834 security/vuxml/vuln.xml
Remove HTTPoxy entry in vuxml until a we know if upstream vendors will
patch this so things aren't marked vulnerable forever.
Tue, 19 Jul 2016
[ 12:55 tz ] Original commit 
418774 security/vuxml/vuln.xml
www/typo3 and www/typo3-lts: Document missing access check in Extbase

PR:          210870, 210871
Security:    CVE-2016-5091
Security:   
https://vuxml.freebsd.org/freebsd/3caf4e6c-4cef-11e6-a15f-00248c0c745d.html
Approved by: junovitch (mentor)
[ 06:43 brnrd ] Original commit 
418762 security/vuxml/vuln.xml
net/haproxy: Mark vulnerable to httpoxy in vuxml

Security:	cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Mon, 18 Jul 2016
[ 20:38 brnrd ] Original commit 
418747 security/vuxml/vuln.xml
lang/go: Mark 1.6.3 as NOT vulnerable to httpoxy

  - Version 1.6.3 includes fix for "httpoxy" [1]

1: https://groups.google.com/forum/#!topic/golang-announce/7jZDOQ8f8tM

Security:	cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Security:	CVE-2016-5386
[ 20:15 brnrd ] Original commit 
418744 security/vuxml/vuln.xml
www/apache24: Fix httpoxy vulnerability (+2.2)

  - Mark new Apache revisions not vulnerable
  - Add apache22-mpm-* ports
  - Add Apache CVE-number

Security:       cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Security:       CVE-2016-5387
[ 19:47 brnrd ] Original commit 
418737 security/vuxml/vuln.xml
httpoxy: Mark ports as vulnerable

  - apache22, apache24, go, go14, php55, php56, php70, python27, python33,
    python34, python35, nginx are all vulnerable.
  - No new versions fixing the HTTP Proxy header vulnerability
[ 17:36 bdrewery ] Original commit 
418723 security/vuxml/vuln.xml
Fix CVE-2016-0772 entry to not blame only Python 2.7
Sat, 16 Jul 2016
[ 02:26 junovitch ] Original commit 
418617 security/vuxml/vuln.xml
Document security issues from ATutor 2.2.1 and 2.2.2 changelog

Security:	https://vuxml.FreeBSD.org/freebsd/00cb1469-4afc-11e6-97ea-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/ffa8ca79-4afb-11e6-97ea-002590263bf5.html
[ 01:08 junovitch ] Original commit 
418615 security/vuxml/vuln.xml
Update Drupal SA-CORE-2016-002 with the assigned CVEs

PR:		210317
Security:	CVE-2016-6211
Security:	CVE-2016-6212
Security:	https://vuxml.FreeBSD.org/freebsd/7932548e-3427-11e6-8e82-002590263bf5.html
[ 00:59 junovitch ] Original commit 
418612 security/vuxml/vuln.xml
Document Flash vulnerabilities in Adobe Security Bulletins APSB16-25

Security:	CVE-2016-4172
Security:	CVE-2016-4173
Security:	CVE-2016-4174
Security:	CVE-2016-4175
Security:	CVE-2016-4176
Security:	CVE-2016-4177
Security:	CVE-2016-4178
Security:	CVE-2016-4179
Security:	CVE-2016-4180
Security:	CVE-2016-4181
Security:	CVE-2016-4182
Security:	CVE-2016-4183
Security:	CVE-2016-4184
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Fri, 15 Jul 2016
[ 17:13 feld ] Original commit 
418592 security/vuxml/vuln.xml
Rename vuxml entry, add new detailed reference as primary.

This new reference has much more detailed information. It appears even
the latest version of struts is affected and this may affect many
products using the Apache Commons FileUpload Utility such as Jenkins,
Lucene-Solr, etc. Unfortunately it's difficult to identify which version
of the Apache Commons FileUpload Utility products may have, so this vuxml
may be expanded as more products are successfully identified.

PR:		211105
Security:	CVE-2016-3092
[ 16:56 feld ] Original commit 
418591 security/vuxml/vuln.xml
Package name for jakarta-struts is actually apache-struts

Pointyhat:	me

PR:		211105
[ 16:54 feld ] Original commit 
418590 security/vuxml/vuln.xml
Also add jakara-struts to the vuxml entry for CVE-2016-3092

PR:		211105
[ 16:48 feld ] Original commit 
418589 security/vuxml/vuln.xml
Document tomcat vulnerability

PR:		211105
Security:	CVE-2016-3092
[ 16:41 feld ] Original commit 
418588 security/vuxml/vuln.xml
Document libreoffice vulnerability

PR:		211111
Security:	CVE-2016-4324
[ 16:34 feld ] Original commit 
418587 security/vuxml/vuln.xml
Update name in vuxml of person who reported CVE-2016-5102
[ 16:19 feld ] Original commit 
418584 security/vuxml/vuln.xml
Document tiff vulnerabilities

Security:	CVE-2016-5102
Security:	CVE-2016-5875
Security:	CVE-2016-3186

PR:		211113
[ 11:23 rakuco ] Original commit 
418575 security/vuxml/vuln.xml
Document CVE-2016-2334 and CVE-2016-2335 in archivers/p7zip.

PR:		211114
Wed, 13 Jul 2016
[ 01:26 timur ] Original commit 
418454 security/vuxml/vuln.xml
Add information about CVE-2016-2119 vulnerability in Samba suits.

Security:	CVE-2016-2119
Mon, 11 Jul 2016
[ 15:31 tz ] Original commit 
418386 security/vuxml/vuln.xml
rubygem-ruby-saml: Document XML signature wrapping attack

Security:    CVE-2016-5697
Security:
https://vuxml.freebsd.org/freebsd/3fcd52b2-4510-11e6-a15f-00248c0c745d.html
Approved by: junovitch (mentor)
Thu, 7 Jul 2016
[ 03:36 lwhsu ] Original commit 
418159 security/vuxml/vuln.xml
- Fix affected versions of qemu and qemu-devel

Reviewed by:	junovitch
[ 01:44 junovitch ] Original commit 
418154 security/vuxml/vuln.xml
Document remote denial of service in quassel

PR:		209218
Security:	CVE-2016-4414
Security:	https://vuxml.FreeBSD.org/freebsd/7d64d00c-43e3-11e6-ab34-002590263bf5.html
Tue, 5 Jul 2016
[ 17:59 ohauer ] Original commit 
418099 security/vuxml/vuln.xml
- document apache24 H2/X509 sec. issue.

  The sec. issue is only present if the port was built with
  non default settings (experimental H2 feature) and
  used in combination with X509 client auth!
Mon, 4 Jul 2016
[ 19:02 junovitch ] Original commit 
418049 security/vuxml/vuln.xml
Document Xen Security Advisories (XSAs 173, 175, 176, 178, 179, and 180).

XSAs 171, 172, 174, and 181 are not applicable to FreeBSD.

Discussed with:	royger
Security:	CVE-2014-3672
Security:	CVE-2016-3710
Security:	CVE-2016-3712
Security:	CVE-2016-4963
Security:	CVE-2016-4480
Security:	CVE-2016-4962
Security:	CVE-2016-3960
Security:	https://vuxml.FreeBSD.org/freebsd/e800cd4b-4212-11e6-942d-bc5ff45d0f28.html
Security:	https://vuxml.FreeBSD.org/freebsd/e6ce6f50-4212-11e6-942d-bc5ff45d0f28.html
Security:	https://vuxml.FreeBSD.org/freebsd/e589ae90-4212-11e6-942d-bc5ff45d0f28.html
Security:	https://vuxml.FreeBSD.org/freebsd/e43b210a-4212-11e6-942d-bc5ff45d0f28.html
Security:	https://vuxml.FreeBSD.org/freebsd/e2fca11b-4212-11e6-942d-bc5ff45d0f28.html
Security:	https://vuxml.FreeBSD.org/freebsd/d51ced72-4212-11e6-942d-bc5ff45d0f28.html
[ 13:40 junovitch ] Original commit 
418026 security/vuxml/vuln.xml
Update wnpa-sec-2016-12 through wnpa-sec-2016-18 with CVE assignment for
issues fixed in Wireshark 2.0.2

While here, fix bad copy/paste on upstream URL when the entry was made.

Security:	CVE-2016-4415
Security:	CVE-2016-4416
Security:	CVE-2016-4417
Security:	CVE-2016-4418
Security:	CVE-2016-4419
Security:	CVE-2016-4420
Security:	CVE-2016-4421
Secuirty:	https://vuxml.FreeBSD.org/freebsd/45117749-df55-11e5-b2bd-002590263bf5.html
[ 13:32 junovitch ] Original commit 
418025 security/vuxml/vuln.xml
Update wnpa-sec-2016-19 through wnpa-sec-2016-27 with CVE assignment for
issues fixed in Wireshark 2.0.3

Security:	CVE-2016-4006
Security:	CVE-2016-4076
Security:	CVE-2016-4077
Security:	CVE-2016-4078
Security:	CVE-2016-4079
Security:	CVE-2016-4080
Security:	CVE-2016-4081
Security:	CVE-2016-4082
Security:	CVE-2016-4083
Security:	CVE-2016-4084
Security:	https://vuxml.FreeBSD.org/freebsd/7e36c369-10c0-11e6-94fa-002590263bf5.html
[ 13:25 junovitch ] Original commit 
418023 security/vuxml/vuln.xml
Document wnpa-sec-2016-29 through wnpa-sec-2016-37 for issues fixed in
Wireshark 2.0.4

Security:	CVE-2016-5350
Security:	CVE-2016-5351
Security:	CVE-2016-5352
Security:	CVE-2016-5353
Security:	CVE-2016-5354
Security:	CVE-2016-5355
Security:	CVE-2016-5356
Security:	CVE-2016-5357
Security:	CVE-2016-5358
Security:	https://vuxml.FreeBSD.org/freebsd/313e9557-41e8-11e6-ab34-002590263bf5.html
[ 01:46 junovitch ] Original commit 
418007 security/vuxml/vuln.xml
Add fixed entries for Python 2.7, 3.4, 3.5 for urllib vulnerability.

Reset 3.3 as unfixed.

PR:		210539
PR:		210541
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	CVE-2016-5699
Security:	https://vuxml.FreeBSD.org/freebsd/a61374fc-3a4d-11e6-a671-60a44ce6887b.html
Sun, 3 Jul 2016
[ 23:13 junovitch ] Original commit 
418004 security/vuxml/vuln.xml
Update earlier openvswitch entry with version fixed in ports

PR:		208404
Reported by:	ohauer
Security:	CVE-2016-2074
Security:	https://vuxml.FreeBSD.org/freebsd/b53bbf58-257f-11e6-9f4d-20cf30e32f6d.html
[ 22:57 junovitch ] Original commit 
418003 security/vuxml/vuln.xml
Document multiple security advisories for Moodle

Security:	CVE-2016-3729
Security:	CVE-2016-3731
Security:	CVE-2016-3732
Security:	CVE-2016-3733
Security:	CVE-2016-3734
Security:	https://vuxml.FreeBSD.org/freebsd/8656cf5f-4170-11e6-8dfe-002590263bf5.html
[ 21:21 feld ] Original commit 
417998 security/vuxml/vuln.xml
Document icingaweb2 vulnerability
[ 19:31 junovitch ] Original commit 
417995 security/vuxml/vuln.xml
Fix date from r417994 (2016 not 2015)
[ 19:30 junovitch ] Original commit 
417994 security/vuxml/vuln.xml
Document authorization logic vulnerability in Apache Hive

PR:		207173
Security:	CVE-2015-7521
Security:	https://vuxml.FreeBSD.org/freebsd/a5c204b5-4153-11e6-8dfe-002590263bf5.html
[ 18:44 junovitch ] Original commit 
417989 security/vuxml/vuln.xml
Document SQLite3 tempdir selection vulnerability

PR:		210751
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	CVE-2016-6153
Security:	https://vuxml.FreeBSD.org/freebsd/546deeea-3fc6-11e6-a671-60a44ce6887b.html
[ 09:28 brnrd ] Original commit 
417962 security/vuxml/vuln.xml
security/vuxml: Add Python smtplib TLS stripping vuln

PR:		210685
Submitted by:	brnrd
Security:	CVE-2016-0772
Security:	8d5368ef-40fe-11e6-b2ec-b499baebfeaf
Fri, 1 Jul 2016
[ 15:22 matthew ] Original commit 
417890 security/vuxml/vuln.xml
Belatedly document 12 security advisories about phpMyAdmin.
Severities range from 'non-critical' to 'severe'
Thu, 30 Jun 2016
[ 22:55 feld ] Original commit 
417856 security/vuxml/vuln.xml
Document haproxy vulnerability

Security:	CVE-2016-5360
[ 22:47 feld ] Original commit 
417850 security/vuxml/vuln.xml
Document libtorrent-rasterbar vulnerability

Security:	CVE-2016-5301
[ 22:42 feld ] Original commit 
417849 security/vuxml/vuln.xml
Modify dnsmasq vuxml entry

The vulnerable version range was not matching correctly for the devel
port.
[ 22:32 feld ] Original commit 
417845 security/vuxml/vuln.xml
Document expat2 vulnerability

Security:	CVE-2016-4472
[ 22:10 feld ] Original commit 
417844 security/vuxml/vuln.xml
Document dnsmasq vulnerability

Security:	CVE-2015-8899
[ 21:08 feld ] Original commit 
417843 security/vuxml/vuln.xml
Document python vulnerability

PR:		210541
Security:	CVE-2016-5699
[ 20:52 feld ] Original commit 
417842 security/vuxml/vuln.xml
Document openssl vulnerability

PR:		210550
Security:	CVE-2016-2177
Sun, 26 Jun 2016
[ 18:13 junovitch ] Original commit 
417596 security/vuxml/vuln.xml
Document remote denial of service via FileUpload component in Tomcat

PR:		209669 [1]
Reported by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1]
Reported by:	Roger Marquis <marquis@roble.com>
Security:	CVE-2016-3092
Security:	https://vuxml.FreeBSD.org/freebsd/cbceeb49-3bc7-11e6-8e82-002590263bf5.html
Sat, 25 Jun 2016
[ 23:17 junovitch ] Original commit 
417499 security/vuxml/vuln.xml
Document Wordpress vulnerabilities fixed in 4.5.3

PR:             210480 [1]
PR:             210581
Reported by:	Mihail Timofeev <9267096@gmail.com> [1]
Security:	CVE-2016-5832
Security:	CVE-2016-5833
Security:	CVE-2016-5834
Security:	CVE-2016-5835
Security:	CVE-2016-5836
Security:	CVE-2016-5837
Security:	CVE-2016-5838
Security:	CVE-2016-5839
Security:	https://vuxml.FreeBSD.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html
[ 22:18 junovitch ] Original commit 
417490 security/vuxml/vuln.xml
Docment security issues fixed in PHP 7.0.8, 5.6.23, and 5.5.37

PR:		210491
PR:		210502
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Reported by:	Philip Jocks <freebsdbugs@filis.org>
Security:	CVE-2015-8874
Security:	CVE-2016-5766
Security:	CVE-2016-5767
Security:	CVE-2016-5768
Security:	CVE-2016-5769
Security:	CVE-2016-5770
Security:	CVE-2016-5771
Security:	CVE-2016-5772
Security:	CVE-2016-5773
Security:	https://vuxml.FreeBSD.org/freebsd/66d77c58-3b1d-11e6-8e82-002590263bf5.html
Thu, 23 Jun 2016
[ 16:55 feld ] Original commit 
417391 security/vuxml/vuln.xml
Fix vuxml

I didn't validate after updating "foo reports:" line

Pointyhat:	me
[ 16:25 feld ] Original commit 
417384 security/vuxml/vuln.xml
Document libarchive vulnerabilities

PR:		210493
Security:	CVE-2015-8934
Security:	CVE-2016-4300
Security:	CVE-2016-4301
Security:	CVE-2016-4302
[ 15:52 feld ] Original commit 
417381 security/vuxml/vuln.xml
Add piwik XSS to vuxml

No further information is available. No CVE has been assigned.

PR:		210458
Tue, 21 Jun 2016
[ 08:34 vd ] Original commit 
417193 security/vuxml/vuln.xml
Followup to r417190 - all versions of wget<1.18 are affected
[ 08:16 vd ] Original commit 
417190 security/vuxml/vuln.xml
Document ftp/wget's HTTP to FTP redirection file name confusion vulnerability

PR:		210420
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	CVE-2016-4971
Mon, 20 Jun 2016
[ 19:08 feld ] Original commit 
417173 security/vuxml/vuln.xml
Update vuxml for libxslt vulnerabilities

These vulnerabilities were previously reported by Google as they bundle
libxslt with Chrome. When we patched Chromium to address these
vulnerabilites it was overlooked that we do not bundle libxslt library
with Chromium, but instead use textproc/libxslt. Chromium users have
continued to be vulnerable to these CVEs as a result. This update fixes
the Chromium CVE entry and adds a separate one for libxslt.

PR:		210298
Security:	CVE-2016-1683
Security:	CVE-2016-1684
Sun, 19 Jun 2016
[ 09:03 brnrd ] Original commit 
417104 security/vuxml/vuln.xml
Update security/libressl vulnerability for quarterly branch

  - Mark vulnerable from 2.3.0 up to 2.3.6
  - Mark vulnerable below 2.2.9
[ 02:57 junovitch ] Original commit 
417097 security/vuxml/vuln.xml
Document Flash vulnerabilities in Adobe Security Bulletins APSB16-10,
APSB16-15, APSB16-18

PR:		209592
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013,
		CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
		CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021,
		CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025,
		CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
		CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033,
		CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099,
		CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,
		CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107,
		CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108,
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Fri, 17 Jun 2016
[ 19:44 feld ] Original commit 
417031 security/vuxml/vuln.xml
Fix vuxml <cvename> syntax for recent Chrome entry
[ 19:14 rene ] Original commit 
417023 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 51.0.2704.103

Obtained
from:	https://googlechromereleases.blogspot.nl/2016/06/stable-channel-update_16.html
[ 17:03 rm ] Original commit 
417018 security/vuxml/vuln.xml
Document integer overflow in python's zipimport module

PR:		210324
Submitted by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	CVE-2016-5636
[ 01:12 junovitch ] Original commit 
416988 security/vuxml/vuln.xml
Document Drupal vulnerabilities

PR:		210317
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	https://www.drupal.org/SA-CORE-2016-002
Security:	https://vuxml.FreeBSD.org/freebsd/7932548e-3427-11e6-8e82-002590263bf5.html
Tue, 14 Jun 2016
[ 01:48 junovitch ] Original commit 
416872 security/vuxml/vuln.xml
Document multiple issues in Botan

PR:		209595
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2015-7827
Security:	CVE-2016-2849
Security:	https://vuxml.FreeBSD.org/freebsd/ac0900df-31d0-11e6-8e82-002590263bf5.html
Security:	CVE-2014-9742
Security:	https://vuxml.FreeBSD.org/freebsd/f771880c-31cf-11e6-8e82-002590263bf5.html
Mon, 13 Jun 2016
[ 19:21 feld ] Original commit 
416861 security/vuxml/vuln.xml
Update vuxml

A backported fix was added to security/openssl
Sat, 11 Jun 2016
[ 10:10 riggs ] Original commit 
416712 security/vuxml/vuln.xml
Document remote code execution vulnerability in multimedia vlc before 2.2.4
Fri, 10 Jun 2016
[ 01:57 jbeich ] Original commit 
416651 security/vuxml/vuln.xml
Chase MFSA typo fix
[ 01:15 junovitch ] Original commit 
416647 security/vuxml/vuln.xml
Document cross-site scripting CVE in Roundcube

PR:		209841
Reported by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security:	CVE-2016-5103
Security:	https://vuxml.FreeBSD.org/freebsd/97e86d10-2ea7-11e6-ae88-002590263bf5.html
Thu, 9 Jun 2016
[ 21:03 brnrd ] Original commit 
416631 security/vuxml/vuln.xml
Add entry for CVE-2016-2178 OpenSSL vulnerability

Security:	CVE-2016-2178
[ 03:39 junovitch ] Original commit 
416582 security/vuxml/vuln.xml
Fill in <freebsdpr> tag on last entry; I staged it prior to opening the PR
for tracking and forgot to fill it in pre-commit.

PR:		210155
[ 03:28 junovitch ] Original commit 
416580 security/vuxml/vuln.xml
Document two expat CVEs reported by upstream

PR:		210155
Reported by:	Sebastian Pipping <sebastian@pipping.org>
Security:	CVE-2012-6702
Security:	CVE-2016-5300
Security:	https://vuxml.FreeBSD.org/freebsd/c9c252f5-2def-11e6-ae88-002590263bf5.html
Wed, 8 Jun 2016
[ 20:32 bmah ] Original commit 
416563 security/vuxml/vuln.xml
Add entry for recent iperf3 vulnerability.

Security:	d6bbf2d8-2cfc-11e6-800b-080027468580
Sponsored by:	ESnet
Tue, 7 Jun 2016
[ 16:37 tijl ] Original commit 
416515 security/vuxml/vuln.xml
Document GNUTLS-SA-2016-1.
[ 16:34 jbeich ] Original commit 
416514 security/vuxml/vuln.xml
Document recent Firefox vulnerabilities
Mon, 6 Jun 2016
[ 22:32 feld ] Original commit 
416490 security/vuxml/vuln.xml
Fix cvename entries
[ 21:08 rene ] Original commit 
416488 security/vuxml/vuln.xml
Document new vulnerabilities in www/chromium < 51.0.2704.79

Obtained
from:	http://googlechromereleases.blogspot.nl/2016/06/stable-channel-update.html
Sun, 5 Jun 2016
[ 18:59 tijl ] Original commit 
416417 security/vuxml/vuln.xml
The Expat vulnerability also affects linux-*-expat.
[ 18:04 junovitch ] Original commit 
416410 security/vuxml/vuln.xml
Document OpenAFS vulnerabilities in 1.6.16 and 1.6.17

PR:		209534
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2015-8312
Security:	CVE-2016-2860
Security:	CVE-2016-4536
Security:	https://vuxml.FreeBSD.org/freebsd/2e8fe57e-2b46-11e6-ae88-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/bcbd3fe0-2b46-11e6-ae88-002590263bf5.html
[ 17:44 junovitch ] Original commit 
416408 security/vuxml/vuln.xml
Fixup invalid nginx version from r416222; it needed a PORTEPOCH to be valid.
Add version range valid for backported commit on 1.8 and 1.9 in quarterly.

Security:	CVE-2016-4450
Security:	https://vuxml.FreeBSD.org/freebsd/36cf7670-2774-11e6-af29-f0def16c5c1b.html
[ 16:36 junovitch ] Original commit 
416397 security/vuxml/vuln.xml
Document ikiwiki XSS vulnerability

PR:		209593
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2016-4561
Security:	https://vuxml.FreeBSD.org/freebsd/0297b260-2b3b-11e6-ae88-002590263bf5.html
Wed, 1 Jun 2016
[ 22:49 zi ] Original commit 
416260 security/vuxml/vuln.xml
- Document vulnerability in www/h2o

PR:		209926
Submitted by:	Dave Cottlehuber (maintainer)
Tue, 31 May 2016
[ 21:50 osa ] Original commit 
416223 security/vuxml/vuln.xml
Fix latest cacti entry.

Found by:	make validate
No cookie for:	brnrd
[ 21:44 osa ] Original commit 
416222 security/vuxml/vuln.xml
Add an entry about latest nginx vulnerability.
[ 20:00 brnrd ] Original commit 
416215 security/vuxml/vuln.xml
security/vuxml: Modify libressl < 2.3.4 range

  - Change existing range to >2.3.0 and <2.3.4
  - Add <2.2.7 range
  - Update modified date

This addresses pkg audit showing LibreSSL 2.2.7 as vulnerable
Sun, 29 May 2016
[ 19:01 pi ] Original commit 
416120 security/vuxml/vuln.xml
Document security issues fixed in cacti 0.8.8h

PR:		209809
Reported by:	Daniel Austin <freebsd-ports@dan.me.uk>
Security:	CVE-2016-3659
Security:	https://vuxml.FreeBSD.org/freebsd/6167b341-250c-11e6-a6fb-003048f2e514.html
[ 09:46 ohauer ] Original commit 
416090 security/vuxml/vuln.xml
- document openvswitch CVE-2016-2074

PR:		208404
Submitted by:	ohauer
Sat, 28 May 2016
[ 10:14 rene ] Original commit 
415981 security/vuxml/vuln.xml
Document vulnerabilities in www/chromium:
 < 50.0.2661.94
 < 50.0.2661.102
 < 51.0.2704.63

Obtained from:	http://googlechromereleases.blogspot.nl/
[ 01:40 junovitch ] Original commit 
415969 security/vuxml/vuln.xml
Document security issues fixed in PHP 7.0.7, 5.6.22, and 5.5.36

PR:		209779
Reported by:	Fabiano Sidler <fabianosidler@swissonline.ch>
Security:	CVE-2013-7456
Security:	CVE-2016-4343
Security:	CVE-2016-5093
Security:	CVE-2016-5094
Security:	CVE-2016-5096
Security:	https://vuxml.FreeBSD.org/freebsd/6b110175-246d-11e6-8dd3-002590263bf5.html
Thu, 26 May 2016
[ 20:01 matthew ] Original commit 
415913 security/vuxml/vuln.xml
Add CVE names for the latest phpMyAdmin advisories, not that they have
been released.
[ 06:57 matthew ] Original commit 
415876 security/vuxml/vuln.xml
fix typo.
Wed, 25 May 2016
[ 21:06 matthew ] Original commit 
415865 security/vuxml/vuln.xml
Document two more phpMyAdmin vulnerabilities: PMSA-2016-14 and
PMSA-2016-16.

(For anyone wondering about the suspicious gap in the sequence:
PMSA-2016-15 only affected unreleased code in their git master
development branch)
Tue, 24 May 2016
[ 01:57 junovitch ] Original commit 
415757 security/vuxml/vuln.xml
Document security announcement from MediaWiki 1.26.3, 1.25.6, and
1.23.14 release.
Fri, 20 May 2016
[ 01:22 junovitch ] Original commit 
415536 security/vuxml/vuln.xml
Document wpa_supplicant security advisory 2016-1

PR:		209564
Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
Security:	CVE-2016-4477
Security:	CVE-2016-4476
Security:	https://vuxml.FreeBSD.org/freebsd/967b852b-1e28-11e6-8dd3-002590263bf5.html
[ 01:07 junovitch ] Original commit 
415533 security/vuxml/vuln.xml
Document Expat XML Parser crash on malformed input

Security:	CVE-2016-0718
Security:	https://vuxml.FreeBSD.org/freebsd/57b3aba7-1e25-11e6-8dd3-002590263bf5.html
Tue, 17 May 2016
[ 18:32 ohauer ] Original commit 
415406 security/vuxml/vuln.xml
- document bugzilla Cross-Site Scripting issue
Sat, 14 May 2016
[ 08:46 mandree ] Original commit 
415181 security/vuxml/vuln.xml
Mark openvpn-polarssl <v2.3.11 vulnerable, too, not just openvpn.

Security: 0dc8be9e-19af-11e6-8de0-080027ef73ec
[ 08:43 mandree ] Original commit 
415180 security/vuxml/vuln.xml
Mark OpenVPN before 2.3.11 vulnerable.

v2.3.11 fixed a buffer overrun in PAM authentication,
and a port-share bug with denial-of-service potential.
Fri, 13 May 2016
[ 12:51 feld ] Original commit 
415105 security/vuxml/vuln.xml
Fix vuxml
[ 12:43 kwm ] Original commit 
415104 security/vuxml/vuln.xml
Add basic imagemagick entry.

Number of commits found: 4299 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
krb5-113*Jul 26
krb5-114*Jul 26
php55Jul 26
php55-bz2Jul 26
php55-exifJul 26
php55-gdJul 26
php55-odbcJul 26
php55-snmpJul 26
php55-xmlrpcJul 26
php55-zipJul 26
php56Jul 26
php56-bz2Jul 26
php56-exifJul 26
php56-gdJul 26
php56-odbcJul 26

19 vulnerabilities affecting 59 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26078
Broken 81
Deprecated 122
Ignore 352
Forbidden 0
Restricted 201
No CDROM 83
Vulnerable 70
Expired 10
Set to expire 109
Interactive 0
new 24 hours 0
new 48 hours7
new 7 days26
new fortnight60
new month163

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.