| non port: security/portaudit-db/database/portaudit.txt |
Number of commits found: 120 (showing only 100 on this page) |
|
Monday, 5 Feb 2007
|
01:08 pav 
Populate a new ports-mgmt category. List of moved ports:
devel/portcheckout -> ports-mgmt/portcheckout
devel/portlint -> ports-mgmt/portlint
devel/portmk -> ports-mgmt/portmk
devel/porttools -> ports-mgmt/porttools
misc/instant-tinderbox -> ports-mgmt/instant-tinderbox
misc/porteasy -> ports-mgmt/porteasy
misc/portell -> ports-mgmt/portell
misc/portless -> ports-mgmt/portless
misc/tinderbox -> ports-mgmt/tinderbox
security/jailaudit -> ports-mgmt/jailaudit
security/portaudit -> ports-mgmt/portaudit
security/portaudit-db -> ports-mgmt/portaudit-db
security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port
sysutils/barry -> ports-mgmt/barry
sysutils/bpm -> ports-mgmt/bpm
sysutils/kports -> ports-mgmt/kports
sysutils/managepkg -> ports-mgmt/managepkg
sysutils/newportsversioncheck -> ports-mgmt/newportsversioncheck
sysutils/pib -> ports-mgmt/pib
sysutils/pkgfe -> ports-mgmt/pkgfe
sysutils/pkg-orphan -> ports-mgmt/pkg-orphan
sysutils/pkg_cutleaves -> ports-mgmt/pkg_cutleaves
sysutils/pkg_install -> ports-mgmt/pkg_install
sysutils/pkg_install-devel -> ports-mgmt/pkg_install-devel
sysutils/pkg_remove -> ports-mgmt/pkg_remove
sysutils/pkg_rmleaves -> ports-mgmt/pkg_rmleaves
sysutils/pkg_trackinst -> ports-mgmt/pkg_trackinst
sysutils/pkg_tree -> ports-mgmt/pkg_tree
sysutils/portbrowser -> ports-mgmt/portbrowser
sysutils/portconf -> ports-mgmt/portconf
sysutils/portdowngrade -> ports-mgmt/portdowngrade
sysutils/portcheck -> ports-mgmt/portcheck
sysutils/portmanager -> ports-mgmt/portmanager
sysutils/portmaster -> ports-mgmt/portmaster
sysutils/portscout -> ports-mgmt/portscout
sysutils/portsearch -> ports-mgmt/portsearch
sysutils/portsman -> ports-mgmt/portsman
sysutils/portsnap -> ports-mgmt/portsnap
sysutils/portsopt -> ports-mgmt/portsopt
sysutils/portupgrade -> ports-mgmt/portupgrade
sysutils/portupgrade-devel -> ports-mgmt/portupgrade-devel
sysutils/port-authoring-tools -> ports-mgmt/port-authoring-tools
sysutils/port-maintenance-tools -> ports-mgmt/port-maintenance-tools
sysutils/psearch -> ports-mgmt/psearch
sysutils/p5-FreeBSD-Portindex -> ports-mgmt/p5-FreeBSD-Portindex
sysutils/qtpkg -> ports-mgmt/qtpkg
textproc/p5-FreeBSD-Ports -> ports-mgmt/p5-FreeBSD-Ports
Repocopies by: marcus
 |
|
Wednesday, 5 Jan 2005
|
10:51 thierry
Document Horde's XSS vulnerabilities.
Approved by: portmgr (krion).
|
|
Wednesday, 27 Oct 2004
|
12:25 nectar
Create a VuXML entry for Horde XSS help window vulnerability to replace
the portaudit-db entry.
|
|
Tuesday, 26 Oct 2004
|
19:37 thierry
Add an entry for a vulnerability fixed in horde-2.2.7.
|
|
Sunday, 24 Oct 2004
|
14:46 lofi
Add entries for vulnerabilites in imported xpdf code in kdegraphics
and koffice.
|
|
Tuesday, 12 Oct 2004
|
05:25 thierry
Add an entry for a XSS vulnerability fixed in IMP-3.2.6.
|
|
Wednesday, 8 Sep 2004
|
21:57 eik
- star-devel: privilege escalation
- multi-gnome-terminal: information leak
- usermin: remote shell command injection and insecure installation
- mpg123: layer 2 decoder buffer overflow
Approved by: portmgr (implicit)
|
|
Tuesday, 7 Sep 2004
|
10:44 eik
- XSS vulnerability in phpGroupWare wiki module
- add some references
Approved by: portmgr (implicit)
|
|
Friday, 3 Sep 2004
|
20:27 eik
- add some references
- extend ImageMagick entry
- squid ntlm authentication helper DoS
- multiple vpopmail vulnerabilities
- first attempts to check the base system for vulnerabilities:
+ cvs server code
+ zlib DoS
- BSD license portaudit.xml
|
|
Monday, 30 Aug 2004
|
23:43 eik
samba printer change notification request DoS
|
10:57 eik
multiple vulnerabilities in gaim
|
10:07 eik
security bug in rscsi client code
Submitted by: marius
|
|
Friday, 27 Aug 2004
|
15:29 nectar
Document NSS SSLv2 server buffer overflow (already referenced in
portaudit.txt).
|
14:43 nectar
Document ripMIME decoding bug (already referenced in portaudit.txt).
|
10:34 eik
Argh. Duplicate entry for "Scorched 3D server chat box format string
vulnerabilty"
|
10:31 eik
Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format
string vulnerability
|
|
Thursday, 26 Aug 2004
|
22:10 nectar
Note sanitize_path bug in rsync (already referenced in portaudit.txt).
|
20:34 nectar
Document buffer overflows in SoX (already referenced in portaudit.txt).
|
20:15 nectar
Document cookie bug in Konqueror (already referenced in portaudit.txt).
|
|
Wednesday, 25 Aug 2004
|
13:58 nectar
Remove libxine issue which is now documented in the FreeBSD VuXML
document.
Reminded by: eik
|
13:10 eik
nss library SSL remote buffer overflow
|
11:07 eik
multiple buffer overflows in xv
|
|
Monday, 23 Aug 2004
|
23:28 eik
Konqueror cross-domain cookie injection
|
23:12 eik
handle some duplicates
|
|
Saturday, 21 Aug 2004
|
10:45 eik
a2ps: Possible execution of shell commands as local user.
|
|
Friday, 20 Aug 2004
|
08:31 eik
correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7d
|
08:28 eik
QT 3.x BMP (and possibly other graphics formats) heap-based overflow
|
|
Wednesday, 18 Aug 2004
|
20:01 eik
potential security flaws in mod_ssl
|
|
Tuesday, 17 Aug 2004
|
07:56 eik
move a800386e-ef7e-11d8-81b0-000347a4fa7d to xml
|
|
Monday, 16 Aug 2004
|
12:23 eik
ruby CGI::Session insecure file creation
|
|
Sunday, 15 Aug 2004
|
23:44 eik
multiple phpGroupWare vulnerabilities
|
17:22 eik
phpGedView, jftpgw
|
|
Friday, 13 Aug 2004
|
16:48 eik
fix some vuxml duplicates, add sympa unauthorized list creation
|
|
Thursday, 12 Aug 2004
|
21:32 lofi
Add another entry for kdelibs3 due to another missed patch.
|
21:17 lofi
Correct entries for recent kde vuln's and add new entry for kdelibs
(3.2.3_3 didn't have all patches).
|
10:45 eik
fix security hole in non-chroot rsync daemon.
<http://www.freebsd.org/ports/portaudit/2689f4cb-ec4c-11d8-9440-000347a4fa7d.html>
|
00:08 eik
9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of
40800696-c3b0-11d8-864c-02e0185c0b53
|
|
Wednesday, 11 Aug 2004
|
22:57 eik
f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of
6f955451-ba54-11d8-b88c-000d610a3b12, move references
|
01:27 lofi
Factor out all but one of the build switches of the KDE main module ports
into separate ports. The OPTIONS will remain as of yet and trigger dependencies
now, for easy transition.
Update KOffice to version 1.3.2.
Add patches to fix a number of issues, including:
- fix kxkb on Xorg
- fix kdemultimedia WITH_MPEGLIB (now mpeglib_artsplug) compilation on gcc 3.4.2
with optimizations greater than -O
Add security related patches and entries to portaudit.txt.
|
|
Tuesday, 10 Aug 2004
|
08:50 eik
libine "vcd:" input source buffer overflow
|
00:56 eik
SpamAssassin DoS & cfengine authentication heap corruption
|
|
Saturday, 7 Aug 2004
|
09:09 eik
CVStrac arbitrary remote code execution
|
|
Friday, 6 Aug 2004
|
12:37 eik
fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into
2de14f7a-dad9-11d8-b59a-00061bc2ad93
|
05:41 dinoex
putty local command execution
|
|
Thursday, 5 Aug 2004
|
23:35 eik
move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports
|
16:45 nork
o Security Update to 2.2.10-ja-1.0.
o rcNG-ify obtained from net/samba3.
PR: ports/70034
Submitted by: NAKAJI Hiroyuki <nakaji@jp.freebsd.org> (maintainer)
|
15:36 eik
add Opera "location" object write access vulnerability
|
14:27 eik
move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports
|
04:33 dinoex
back out last commit
|
04:31 dinoex
putty local command execution
|
|
Wednesday, 4 Aug 2004
|
20:14 eik
libPNG stack-based buffer overflow and other code concerns
|
11:43 eik
Acrobat Reader handling of malformed uuencoded pdf files
|
11:18 eik
Squid NTLM authentication helper overflow
|
11:10 eik
ripMIME attachment extraction bypass
|
|
Monday, 2 Aug 2004
|
17:54 eik
GnuTLS certificate chain verification DoS
|
|
Saturday, 31 Jul 2004
|
15:00 eik
phpMyAdmin configuration manipulation and code injection
|
|
Friday, 30 Jul 2004
|
17:28 thierry
Register a vulnerability in mail/imp3.
This vulnerability only exists when using the Internet Explorer to
access IMP and only when using the inline MIME viewer for HTML messages.
|
15:28 eik
Mozilla Firefox certificate spoofing
|
10:00 eik
DansGuardian banned extension filter bypass vulnerability
|
|
Thursday, 29 Jul 2004
|
08:15 eik
add a reference to the SoX buffer overflow entry
|
|
Wednesday, 28 Jul 2004
|
20:33 eik
SoX buffer overflows when handling .WAV files
|
09:34 eik
LCDProc buffer overflow/format string vulnerabilities
|
|
Tuesday, 27 Jul 2004
|
10:40 eik
pavuk digest auth buffer overflow
|
10:30 eik
add Nessus "adduser" race condition and Dropbear DSS verification bug
|
|
Thursday, 22 Jul 2004
|
19:08 eik
l2tpd BSS-based buffer overflow
|
13:29 eik
phpBB cross site scripting vulnerabilities
|
|
Tuesday, 20 Jul 2004
|
15:48 eik
add subversion-perl, subversion-python
|
10:30 eik
subversion access control bypass
|
|
Sunday, 18 Jul 2004
|
10:49 eik
mod_ssl format string vulnerability
|
|
Friday, 16 Jul 2004
|
07:39 eik
Roundup directory traversal
|
|
Wednesday, 14 Jul 2004
|
06:56 eik
wv library datetime field buffer overflow
|
|
Tuesday, 13 Jul 2004
|
23:47 eik
multiple vulnerabilities in Bugzilla
|
|
Sunday, 11 Jul 2004
|
12:09 eik
correct vulnerable version of linux-png and add a reference
|
11:18 eik
libpng row buffer overflow
|
|
Thursday, 8 Jul 2004
|
14:24 eik
move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xml
|
|
Tuesday, 6 Jul 2004
|
14:52 eik
add some references
|
07:17 eik
MySQL versions < 4.1 seem to be unaffected
Reported by: Alexander Vasenin <blacksir@number.ru>
|
|
Monday, 5 Jul 2004
|
19:45 eik
add MySQL server authentication bypass / buffer overflow
|
15:30 eik
Mark 4aec9d58-ce7b-11d8-858d-000d610a3b12 as a duplicate of the
already existing c63936c1-caed-11d8-8898-000d6111a684.
|
|
Saturday, 3 Jul 2004
|
06:48 trhodes
Move phpnuke vulnerabilities to VuXML.
|
|
Friday, 2 Jul 2004
|
00:48 eik
move "phpMyAdmin code injection" to vuxml
|
|
Thursday, 1 Jul 2004
|
19:03 eik
phpMyAdmin code injection
|
|
Wednesday, 30 Jun 2004
|
23:39 eik
- SSLtelnet remote format string vulnerability
(guys, this is a public list)
- add some references
|
|
Tuesday, 29 Jun 2004
|
10:33 eik
add MIT Kerberos 5 krb5_aname_to_localname() buffer overflow
|
10:21 eik
add isakmpd security association deletion vulnerability
|
|
Monday, 28 Jun 2004
|
22:09 eik
add Apache input header folding DoS vulnerability
|
09:55 eik
xine-lib RTSP handling vulnerabilities
|
03:58 trhodes
Move MoinMoin entry to VuXML.
|
|
Friday, 25 Jun 2004
|
20:01 trhodes
Add an entry for recent isc-dhcp3-server buffer overflows.
Remove the one in portaudit.txt.
|
17:18 trhodes
Move giFT-FastTrack to VuXML.
|
13:34 eik
giFT-FastTrack remote DoS
|
12:37 eik
correct rlpr version
|
10:31 eik
Pure-FTPd DoS when the max number of connection is reached
|
01:35 trhodes
Move the Gallery entry to VuXML.
|
|
Thursday, 24 Jun 2004
|
14:52 eik
rlpr local and remote exploitable buffer overflow (CAN-2004-0393, CAN-2004-0454)
|
11:23 eik
CAN-2004-0451: format string vulnerabilities in sup
|
11:01 eik
Security flaw in rssh
|
10:45 eik
Icecast remote DoS vulnerability
|
|
Wednesday, 23 Jun 2004
|
12:11 eik
it seems like isc-dhcp3-{client,devel} are unaffected
|
11:56 eik
reword gallery entry
add multiple isc-dhcp3 vulnerabilities
|
Number of commits found: 120 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.