FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c89a3ebb-ae07-11dd-b4b2-001f3c8eabebtrac -- potential DOS vulnerability

Trac development team reports:

0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations.

Bug fixes:

Fixes potential DOS vulnerability with certain wiki markup.


Discovery 2008-11-08
Entry 2008-11-09
trac
lt 0.11.2

ja-trac
lt 0.11.2

http://groups.google.com/group/trac-announce/browse_thread/thread/67f7a22ec818d97d
e546c7ce-ce46-11db-bc24-0016179b2dd5trac -- cross site scripting vulnerability

Secunia reports:

The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation may require that the victim uses IE.


Discovery 2007-03-09
Entry 2007-03-09
trac
lt 0.10.3

ja-trac
lt 0.10.3_1

http://secunia.com/advisories/24470
http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1
b0d61f73-0e11-11db-a47b-000c2957fdf1trac -- reStructuredText breach of privacy and denial of service vulnerability

The Trac 0.9.6 Release Notes reports:

Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann.

The discovered vulnerability requires docutils to be installed and enabled. Systems that do not have docutils installed or enabled are not vulnerable. As of this version version 0.3.9 or greater of docutils is required for using reStructuredText markup in Trac.


Discovery 2006-07-06
Entry 2006-07-07
Modified 2010-05-12
trac
ja-trac
lt 0.9.6

CVE-2005-3980
CVE-2005-4305
CVE-2005-4065
http://projects.edgewall.com/trac/wiki/ChangeLog
http://lists.edgewall.com/archive/trac-announce/2006-July/000013.html
c89a3ebb-ae07-11dd-b4b2-001f3c8eabebtrac -- potential DOS vulnerability

Trac development team reports:

0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations.

Bug fixes:

Fixes potential DOS vulnerability with certain wiki markup.


Discovery 2008-11-08
Entry 2008-11-09
trac
lt 0.11.2

ja-trac
lt 0.11.2

http://groups.google.com/group/trac-announce/browse_thread/thread/67f7a22ec818d97d
e546c7ce-ce46-11db-bc24-0016179b2dd5trac -- cross site scripting vulnerability

Secunia reports:

The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation may require that the victim uses IE.


Discovery 2007-03-09
Entry 2007-03-09
trac
lt 0.10.3

ja-trac
lt 0.10.3_1

http://secunia.com/advisories/24470
http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1
b0d61f73-0e11-11db-a47b-000c2957fdf1trac -- reStructuredText breach of privacy and denial of service vulnerability

The Trac 0.9.6 Release Notes reports:

Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann.

The discovered vulnerability requires docutils to be installed and enabled. Systems that do not have docutils installed or enabled are not vulnerable. As of this version version 0.3.9 or greater of docutils is required for using reStructuredText markup in Trac.


Discovery 2006-07-06
Entry 2006-07-07
Modified 2010-05-12
trac
ja-trac
lt 0.9.6

CVE-2005-3980
CVE-2005-4305
CVE-2005-4065
http://projects.edgewall.com/trac/wiki/ChangeLog
http://lists.edgewall.com/archive/trac-announce/2006-July/000013.html