notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Ukraine
Some details on the 2023-01-16 website outage.
We just rebooted with several updates: * new HMTLify code * no port maintainer is now highly visible (e.g. https://freshports.org/security/sssd/) * fixed search logic error when using plain/ text details at https://github.com/FreshPorts/freshports/releases/tag/2.2.34
non port: net-p2p/transmission-cli/files/patch-fix_dns_rebinding_vuln
SVNWeb

Number of commits found: 2

Wed, 28 Feb 2018
[ 21:09 crees search for other commits by this committer ] Original commit   Revision:463262
net-p2p/transmission-cli: Update to 2.93

 - Includes DNS rebinding fix
 - Fixes OpenSSL 1.1 compat

Note that the previous version was no longer vulnerable as FreeBSD had
patches, but this reports the correct version to trackers as some were
banned.

PR:		ports/225917
PR:		ports/225915
Sun, 14 Jan 2018
[ 22:35 woodsb02 search for other commits by this committer ] Original commit   Revision:459011
net-p2p/transmission-daemon: Mitigate DNS rebinding attack

Incorporate upstream pull request 468, proposed by Tavis Ormandy from
Google Project Zero, which mitigates this attack by requiring a host
whitelist for requests that cannot be proven to be secure, but it can
be disabled if a user does not want security.

PR:		225150
Submitted by:	Tavis Ormandy
Approved by:	crees (maintainer)
Obtained
from:	https://github.com/transmission/transmission/pull/468#issuecomment-357098126
MFH:		2018Q1
Security:	https://www.vuxml.org/freebsd/3e5b8bd3-0c32-452f-a60e-beab7b762351.html

Number of commits found: 2