| Commit History - (may be incomplete: see SVNWeb link above for full details) |
| Date | By | Description |
|---|
26 Jan 2022 04:44:03
  1.1_5
|
Li-Wen Hsu (lwhsu) 
Author: Francois ten Krooden |
security/vuxml: Add CVE-2021-41990 and CVE-2021-41991 for security/strongswan
PR: 259267 |
23 Jan 2022 23:01:46
1.1_5
|
Cy Schubert (cy) |
security/vuxml: Document aide CVE-2021-45417
Document aide heap buffer overflow.
PR: 261407
Reported by: Yonas Yanfa <yonas.yanfa@gmail.com> |
20 Jan 2022 16:42:12
1.1_5
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 97.0.4692.99
Obtained
from: https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html |
19 Jan 2022 19:48:50
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document MySQL vulnerabilities |
16 Jan 2022 06:30:30
1.1_5
|
Thomas Zander (riggs) |
security/vuxml: Document Prosody XMPP server advisory 2022-01-13
PR: 261210
Reported by: thomas@beingboiled.info
Security: CVE-2022-0217 |
13 Jan 2022 18:40:54
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document WordPress vulnerabilities |
13 Jan 2022 11:46:14
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: document www/gitlab-ce vulnerabilities |
13 Jan 2022 03:32:20
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document invalid pointer read vulnerability in ClamAV. |
12 Jan 2022 18:57:55
1.1_5
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2022-01-12
Sponsored by: The FreeBSD Foundation |
09 Jan 2022 13:37:24
1.1_5
|
Thomas Zander (riggs) |
security/vuxml: Document vulnerabilities in net/uniparser before 0.9.6
PR: 261056
Security: CVE-2021-46141
CVE-2021-46142 |
06 Jan 2022 01:35:36
1.1_5
|
Wen Heping (wen) |
security/vuxml: Document django multiple vulnerabilities. |
05 Jan 2022 14:46:17
1.1_5
|
Fernando Apesteguía (fernape) |
security/vuxml: document routinator vulnerabilities |
05 Jan 2022 13:14:51
1.1_5
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 97.0.4692.71
While here add definitions for 2022, as this is the first vuxml commit
of the year. This cannot be done in its own commit because `make
validate` complains in that case (even with a 0-byte vuln-2022.xml).
Obtained
from: https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html |
31 Dec 2021 09:19:15
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document Roundcube vulnerability |
30 Dec 2021 19:00:00
1.1_5
|
Tijl Coosemans (tijl) |
security/vuxml: Document Mbed TLS advisory 2021-12
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12 |
30 Dec 2021 03:24:47
1.1_5
|
Philip Paeps (philip)
Author: Dan Mahoney |
security/vuxml: OpenDMARC 1.4.1 vulnerability
PR: 260594 |
30 Dec 2021 03:23:33
1.1_5
|
Philip Paeps (philip)
Author: Dan Mahoney |
security/vuxml: OpenDMARC 1.3.2 vulnerabilities
PR: 240505 |
29 Dec 2021 17:55:31
1.1_5
|
Steve Wills (swills) |
security/vuxml: document minio issue |
27 Dec 2021 22:06:58
1.1_5
|
Thierry Thomas (thierry) |
security/vuxml: add an entrey for ReDoS in graphics/py-pillow
Security: CVE-2021-23437 |
27 Dec 2021 18:18:46
1.1_5
|
Romain Tartière (romain) |
security/vuxml: Document more Log4Shell vulnerabilities
With hat: opensearch |
21 Dec 2021 23:41:14
1.1_5
|
Don Lewis (truckman) |
security/vuxml: Document opengrok RCE CVE-2021-2322 |
21 Dec 2021 13:39:58
1.1_5
|
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
21 Dec 2021 07:15:20
1.1_5
|
Dave Cottlehuber (dch) |
security/vuxml: add graylog RCE via log4j CVE-2021-45046
Security: CVE-2021-45046
Sponsored by: SkunkWerks, GmbH |
20 Dec 2021 15:37:40
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document Apache httpd vulnerabilities |
18 Dec 2021 20:11:37
1.1_5
|
Matthew Seaman (matthew) |
security/vuxml: add two grafana security advisories
Moderate severity directory traversal vulnerabilities for .csv
(CVE-2021-43815) and .md (CVE-2021-43813) files.
PR: 260358, 260401
Reported by: Boris Kozun (maintainer), ohauer |
15 Dec 2021 07:00:52
1.1_5
|
Alexander Leidinger (netchild) |
security/vuxml: add serviio (log4j) |
15 Dec 2021 04:03:47
1.1_5
|
Neel Chauhan (nc) |
security/vuxml: Add provoxy vulnerability |
14 Dec 2021 19:11:53
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL 3.0 vulnerability |
14 Dec 2021 12:42:11
1.1_5
|
Alexander Leidinger (netchild) |
security/vuxml: add security/bastillion (log4j) |
14 Dec 2021 10:21:55
1.1_5
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 96.0.4664.110
Obtained
from: https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html |
13 Dec 2021 16:52:39
1.1_5
|
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerabilities in Matrix clients
Security: 0dcf68fa-5c31-11ec-875e-901b0e9408dc |
13 Dec 2021 16:48:00
1.1_5
|
Ashish SHUKLA (ashish) |
security/vuxml: Fix tab/spaces in openhab2, and solr entries
This was breaking make validate for the entry I am trying to add
While here also purge the likely accidentally added file vuln.xml.unexpanded
in 00bad07fd782 |
13 Dec 2021 13:50:20
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: fixed solr entry, only version 8.11.1 will fix it
The fixed version is not released yet. |
13 Dec 2021 13:04:38
1.1_5
|
Alexander Leidinger (netchild) |
security/vuxml: fix Solr XML and add openhab (log4shell) |
13 Dec 2021 07:22:56
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: added vulnerability entry for solr |
13 Dec 2021 05:28:28
1.1_5
|
Romain Tartière (romain) |
security/vuxml: Document OpenSearch might be vulnerable to Log4Shell
With hat: opensearch |
12 Dec 2021 00:46:03
1.1_5
|
Xin LI (delphij)
Author: Boris Korzun |
security/vuxml: Document multiple vulnerabilities of grafana8
PR: ports/259638 |
11 Dec 2021 21:58:59
1.1_5
|
Carlo Strub (cs) |
security/vuxml: p7zip CVE-2018-10115
PR: 228239
Reported by: Dani <i.dani@outlook.com>
Security: CVE-2018-10115 |
11 Dec 2021 11:48:34
1.1_5
|
Dave Cottlehuber (dch) |
security/vuxml: document sysutils/graylog log4j vuln
Reported
by: https://github.com/Graylog2/graylog2-server/commit/d3e441f1126f0dc292e986879039a87c59375b2a
Security: CVE-2021-44228 |
10 Dec 2021 02:36:34
1.1_5
|
Guangyuan Yang (ygy) |
security/vuxml: Document lang/go vulnerabilities |
07 Dec 2021 20:59:33
1.1_5
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 96.0.4664.93
Obtained
from: https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html |
07 Dec 2021 08:05:25
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: document gitlab vulnerabilities |
02 Dec 2021 13:58:50
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Record NSS vulnerability |
01 Dec 2021 19:09:11
1.1_5
|
Matthias Andree (mandree) |
security/vuxml: mail/mailman < 2.1.38 CSRF vuln.
Security: CVE-2021-44227
Security: 0d6efbe3-52d9-11ec-9472-e3667ed6088e |
25 Nov 2021 01:54:25
1.1_5
|
Mateusz Piotrowski (0mp) |
security/vuxml: Mark java/bouncycastle as vulnerable where applicable
Some of the reported java/bouncycastle15 security issues affect the
legacy port of java/bouncycastle as well. Update vuxml.xml accordingly.
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc. |
24 Nov 2021 15:18:56
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document cookie prefix spoofing in rubygem-cgi |
24 Nov 2021 15:18:56
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document buffer overrun in rubygem-cgi |
24 Nov 2021 15:18:56
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Update affecting packages of
6916ea94-4628-11ec-bbe2-0800270512f4
This vulnerability also affects ruby ports. |
23 Nov 2021 16:53:00
1.1_5
|
Ashish SHUKLA (ashish)
Author: Evilham |
security/vuxml: Document vulnerability in Matrix Synapse
PR: 259994
Reported by: Sascha Biberhofer <ports at skyforge dot at>
Security: 27aa2253-4c72-11ec-b6b9-e86a64caca56
Security: CVE-2021-41281 |
19 Nov 2021 09:47:50
1.1_5
|
Guangyuan Yang (ygy)
Author: Robert Clausecker |
security/vuxml: Document archivers/advancecomp vulnerabilities
PR: 259534 |
16 Nov 2021 22:48:48
1.1_5
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 96.0.4664.45
Obtained
from: https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html |
15 Nov 2021 15:42:11
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document denial of service vunlerability in rubygem-date |
15 Nov 2021 11:04:58
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Mark roundcube vuln in quarterly |
13 Nov 2021 10:52:32
1.1_5
|
Matthias Andree (mandree) |
security/vuxml: also list mailman exim4/postfix pkgs
The initial commit 162e701a5982 omitted listing the
-exim4 and -postfix packages. Make up for that.
Security: 9d7a2b54-4468-11ec-8532-0d24c37c72c8
Security: CVE-2021-43331
Security: CVE-2021-43332 |
13 Nov 2021 10:06:43
1.1_5
|
Matthias Andree (mandree) |
security/vuxml: document mail/mailman < 2.1.37 issues
- A potential XSS attack via the user options page has been reported by
Harsh Jaiswal. This is fixed. CVE-2021-43331 (LP: #1949401)
LP: A crafted URL to the user options page can execute arbitrary
javascript.
- A potential for for a list moderator to carry out an off-line brute force
attack to obtain the list admin password has been reported by Andre
Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed.
CVE-2021-43332 (LP: #1949403)
LP: The CSRF token for the admindb page contains an encrypted version of
the list admin password which could potentially be cracked by a
moderator via an off-line brute force attack.
Security: 9d7a2b54-4468-11ec-8532-0d24c37c72c8
Security: CVE-2021-43331
Security: CVE-2021-43332 |
11 Nov 2021 14:45:28
1.1_5
|
Palle Girgensohn (girgen) |
security-vuxml: Add URL for PostgreSQL release notes |
11 Nov 2021 14:37:01
1.1_5
|
Palle Girgensohn (girgen) |
security/vuxml: Document latest PostgreSQL vulnerability
* CVE-2021-23214
* CVE-2021-23222 |
10 Nov 2021 06:31:25
1.1_5
|
Romain Tartière (romain) |
security/vuxml: Document latest Puppet issues
* CVE-2021-27023
* CVE-2021-27025 |
10 Nov 2021 02:04:01
1.1_5
|
Timur I. Bakeyev (timur) |
security/vuxml: Document latest Samba security issues.
* CVE-2020-25717
* CVE-2020-25718
* CVE-2020-25719
* CVE-2020-25721
* CVE-2020-25722
* CVE-2016-2124
* CVE-2021-3738
* CVE-2021-23192 |
09 Nov 2021 08:41:37
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Update latest MySQL entry
* Mark MariaDB vulnerable
* Add list of CVE's |
05 Nov 2021 08:35:56
1.1_5
|
Kai Knoblich (kai) |
security/vuxml: Document net/pyrad security issues
PR: 259332 |
05 Nov 2021 07:51:39
1.1_5
|
Guangyuan Yang (ygy) |
security/vuxml: Document lang/go vulnerabilities |
04 Nov 2021 14:52:01
1.1_5
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2021-11-04
Sponsored by: The FreeBSD Foundation |
04 Nov 2021 08:51:40
1.1_5
|
Li-Wen Hsu (lwhsu)
Author: Stefan Bethke |
security/vuxml: Document security issues in gitlab <= 1.15.5
PR: 259548 |
30 Oct 2021 08:33:11
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: Document gitlab vulnerabilities |
29 Oct 2021 19:33:45
1.1_5
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 95.0.4638.69
Obtained
from: https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html |
28 Oct 2021 15:23:09
1.1_5
|
Sergey A. Osokin (osa) |
security/vuxml: fix openssl-devel-3.0.0-alpha12 package version |
27 Oct 2021 15:48:14
1.1_5
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document possible RCE vulnerability in fail2ban.
Differential Revision: https://reviews.freebsd.org/D32575 |
27 Oct 2021 09:01:21
1.1_5
|
Yasuhiro Kimura (yasu)
Author: Boris Korzun |
security/vuxml: Document snapshot authentication bypass vulnerability in Grafana
PR: 258962
Differential Revision: https://reviews.freebsd.org/D32667 |
23 Oct 2021 19:50:04
1.1_5
|
Steve Wills (swills) |
security/vuxml: document minio issue |
20 Oct 2021 17:59:37
1.1_5
|
Matthias Andree (mandree) |
security/vuxml: two mail/mailman < 2.1.35 vulns
Security: CVE-2021-42096
Security: CVE-2021-42097
Security: 8d65aa3b-31ce-11ec-8c32-a14e8e520dc7 |
19 Oct 2021 20:14:42
1.1_5
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 95.0.4638.54
Obtained
from: https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html |
17 Oct 2021 15:42:44
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document 2021Q4 MySQL vulnerabilities |
14 Oct 2021 18:31:11
1.1_5
|
Bradley T. Hughes (bhughes) |
security/vuxml: document Node.js October 2021 Security Releases
https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/
Sponsored by: Miles AS |
12 Oct 2021 21:15:17
1.1_5
|
Bryan Drewery (bdrewery) |
security/vuxml: Update OpenSSH CVE-2021-41617 fix for quarterly commit |
12 Oct 2021 18:06:43
1.1_5
|
Bryan Drewery (bdrewery) |
security/vuxml: Document OpenSSH CVE-2021-41617 |
12 Oct 2021 13:16:54
1.1_5
|
Dave Cottlehuber (dch) |
security/vuxml: add CouchDB CVE details
while here, appease `make validate` indentation
Security: https://docs.couchdb.org/en/stable/cve/2021-38295.html
Sponsored by: SkunkWerks, GmbH |
11 Oct 2021 18:36:00
1.1_5
|
Don Lewis (truckman) |
security/vuxml: topic format consistency
Reformat to be consistent with other entries. |
11 Oct 2021 18:33:34
1.1_5
|
Don Lewis (truckman) |
security/vuxml: update editors/openoffice-{4,devel} latest entry
Add info about three just announced CVEs. |
11 Oct 2021 17:43:09
1.1_5
|
Mateusz Piotrowski (0mp) |
security/vuxml: Document Ansible vulnerability
Security: CVE-2021-3620 |
09 Oct 2021 21:20:53
1.1_5
|
Don Lewis (truckman) |
security/vuxml: Document editors/openoffice-{4,devel} vulnerability |
09 Oct 2021 07:02:33
1.1_5
|
Guangyuan Yang (ygy) |
security/vuxml: Document lang/go vulnerability |
08 Oct 2021 08:25:04
1.1_5
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 94.0.4606.81
Obtained
from: https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html |
07 Oct 2021 17:38:35
1.1_5
|
Cy Schubert (cy) |
security/vuxml: Only apache24 2.4.49 and 2.4.50 are vulnerable |
07 Oct 2021 02:24:55
1.1_5
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Fix version range of 9bad457e-b396-4452-8773-15bec67e1ceb
Sponsored by: The FreeBSD Foundation |
07 Oct 2021 02:22:48
1.1_5
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2021-10-06
Sponsored by: The FreeBSD Foundation |
06 Oct 2021 13:30:22
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Only apache24 2.4.49 is vulnerable |
05 Oct 2021 18:51:23
1.1_5
|
Sergey A. Osokin (osa) |
security/vuxml: document multiple issues with databases/redis-devel |
05 Oct 2021 13:28:13
1.1_5
|
Sergey A. Osokin (osa) |
security/vuxml: document multiple issue with databases/redis{,5,6}
PR: 258935 |
05 Oct 2021 08:47:45
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Document Apache httpd vulnerability |
05 Oct 2021 05:09:26
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: Document bacula-web vulnerabilities |
01 Oct 2021 07:19:35
1.1_5
|
Wen Heping (wen) |
security/vuxml: Document mediawiki's multiple vulnerabilities |
30 Sep 2021 21:03:02
1.1_5
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 94.0.4606.71
Obtained
from: https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html |
30 Sep 2021 19:28:52
1.1_5
|
Matthias Fechner (mfechner) |
security/vuxml: Document gitlab vulnerabilities |
30 Sep 2021 16:23:08
1.1_5
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Fix entry 7062bce0-1b17-11ec-9d9d-0022489ad614
This should also fix vuxml build.
PR: 258802
Sponsored by: The FreeBSD Foundation |
30 Sep 2021 02:02:47
1.1_5
|
Alex Kozlov (ak) |
security/vuxml: document archivers/ha vulnerabilities |
29 Sep 2021 05:52:41
1.1_5
|
Kyle Evans (kevans) |
security/vuxml: document recent nexus2-oss vulnerabilities
PR: 252564 |
28 Sep 2021 08:29:46
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Fix range on latest cURL vuln
Submitted by: yasu
PR: 258586 |
28 Sep 2021 08:03:58
1.1_5
|
Bernard Spil (brnrd) |
security/vuxml: Fix double CVE- in latest httpd entry |
27 Sep 2021 08:39:45
1.1_5
|
Baptiste Daroussin (bapt)
Author: Evgeniy Khramtsov |
security/vuxml: add www/webkit2-gtk3
PR: 255528
Obtained from: https://webkitgtk.org/security/WSA-2021-0005.html |
As an Amazon Associate I earn from qualifying purchases.
