| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_5
07 Oct 2022 01:43:31
     |
Li-Wen Hsu (lwhsu)  |
security/vuxml: Improve the description of c2a89e8f-44e9-11ed-9215-00e081b7aa2d
Suggested by: joneum |
1.1_5
06 Oct 2022 12:57:04
|
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5
06 Oct 2022 01:38:02
|
Dan Langille (dvl) |
security/vuxml: Fix broken tags |
1.1_5
05 Oct 2022 20:14:48
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2022-09-21
Sponsored by: The FreeBSD Foundation |
1.1_5
04 Oct 2022 20:57:19
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5
04 Oct 2022 06:07:19
|
Fernando Apesteguía (fernape) |
security/vuxml: Add devel/zydis buffer overflow
CVE-2021-41253 devel/zydis buffer overflow vulnerability.
PR: 266766
Reported by: Martin Filla <freebsd@sysctl.cz> (maintainer) |
1.1_5
02 Oct 2022 02:00:34
|
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
1.1_5
30 Sep 2022 20:50:47
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 106.0.5249.91
Obtained from:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html |
1.1_5
30 Sep 2022 16:11:14
|
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5
29 Sep 2022 05:35:45
|
Fernando Apesteguía (fernape) |
security/vuxml: Document unbound vulnerability
PR: 266654
Reported by: Herbert J. Skuhra <herbert@gojira.at>
Security: CVE-2022-3204 |
1.1_5
28 Sep 2022 16:00:59
|
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerabilities for Matrix clients |
1.1_5
27 Sep 2022 19:43:48
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 106.0.5249.61
Obtained
from: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html |
1.1_5
27 Sep 2022 04:17:13
|
Tobias C. Berner (tcberner) |
security/vuxml: document vulnerability in expat < 2.4.9
Rhodri James discovered a heap use-after-free vulnerability in the
doContent function in Expat, an XML parsing C library, which could
result in denial of service or potentially the execution of arbitrary
code, if a malformed XML file is processed.
https://www.debian.org/security/2022/dsa-5236
https://nvd.nist.gov/vuln/detail/CVE-2022-40674
Security: CVE-2022-40674 |
1.1_5
26 Sep 2022 10:17:05
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document exposure of sensitive information in cache manager of
squid |
1.1_5
22 Sep 2022 07:32:04
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document potential remote code execution vulnerability in redis |
1.1_5
21 Sep 2022 14:25:34
|
Nuno Teixeira (eduardo)
Author: Boris Korzun |
security/vuxml: Document Grafana vulnerabilies
PR: 266530 |
1.1_5
19 Sep 2022 23:50:54
|
Craig Leres (leres) |
security/vuxml: Mark zeek < 5.0.2 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v5.0.2
The potential DoS vulnerabilities include:
- Fix a possible overflow and crash in the ICMP analyzer when
receiving a specially crafted packet
- Fix a possible overflow and crash in the IRC analyzer when
receiving a specially crafted packet
- Fix a possible overflow and crash in the SMB analyzer when
receiving a specially crafted packet
- Fix two possible crashes when converting IP headers for output
via the raw_packet event
Reported by: Tim Wojtulewicz |
1.1_5
16 Sep 2022 20:57:40
|
Romain Tartière (romain) |
security/vuxml: Document vulnerability in PuppetDB |
1.1_5
14 Sep 2022 20:47:02
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 105.0.5195.125
Obtained
from: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html |
1.1_5
12 Sep 2022 12:56:53
|
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerability for net-im/dendrite |
1.1_5
11 Sep 2022 14:03:23
|
Dmitri Goutnik (dmgk)
Author: Stefan Bethke |
security/vuxml: Document Gitea vulnerabilities
PR: 266359 |
1.1_5
08 Sep 2022 00:22:51
|
Wen Heping (wen) |
security/vuxml: Document python multiple vulnerabilities |
1.1_5
07 Sep 2022 12:36:51
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5
03 Sep 2022 11:30:39
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 105.0.5195.102
Obtained from:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html |
1.1_5
01 Sep 2022 22:21:10
|
Ashish SHUKLA (ashish) |
security/vuxml: Unbreak vuxml build
Fix malformed CVE entry which I added in 46eb6e07f37e2. Thanks to dbaio@
for pointing it out. |
1.1_5
01 Sep 2022 21:55:10
|
Neel Chauhan (nc)
Author: Ralf van der Enden |
dns/powerdns-recursor: Add VUXML entry |
1.1_5
01 Sep 2022 12:00:54
|
Nuno Teixeira (eduardo) |
security/vuxml: Document Grafana vulnerabilities
- vuxml: CVE-2022-31176 - Unauthorized file disclosure
PR: 266128 |
1.1_5
31 Aug 2022 22:37:41
|
Ashish SHUKLA (ashish) |
security/vuxml: Document Matrix clients' vulnerabilities |
1.1_5
31 Aug 2022 10:33:41
|
Rene Ladan (rene) |
security/vuxml: document www/chromium < 105.0.5195.52
Obtained
from: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html |
1.1_5
31 Aug 2022 06:04:38
|
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:13.zlib |
1.1_5
30 Aug 2022 18:45:20
|
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5
26 Aug 2022 23:50:45
|
Craig Leres (leres) |
security/vuxml: Mark zeek < 5.0.1 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v5.0.1
The potential DoS vulnerabilities include:
- Fix a possible overflow and crash in the ARP analyzer when
receiving a specially crafted packet.
- Fix a possible overflow and crash in the Modbus analyzer when
receiving a specially crafted packet.
- Fix two possible crashes when converting IP headers for output
via the raw_packet event.
- Fix an abort related to an error related to the ordering of
record fields when processing DNS EDNS headers via events
Reported by: Tim Wojtulewicz |
1.1_5
25 Aug 2022 19:56:02
|
Ashish SHUKLA (ashish) |
security/vuxml: update Dendrite vulnerability
- add CVE information |
1.1_5
25 Aug 2022 15:56:42
|
Bernard Spil (brnrd) |
security/vuxml: Document MariaDB vulnerabilities |
1.1_5
23 Aug 2022 05:05:01
|
Matthias Fechner (mfechner) |
security/vuxml: Document gitlab vulnerability |
1.1_5
20 Aug 2022 01:24:38
|
Wen Heping (wen) |
security/vuxml: Document drupal9 multiple vulnerabilities |
1.1_5
17 Aug 2022 08:34:12
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 104.0.5112.101
Obtained
from: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html |
1.1_5
15 Aug 2022 13:57:01
|
Ashish SHUKLA (ashish) |
security/vuxml: Document dendrite vulnerability |
1.1_5
14 Aug 2022 17:00:29
|
Nuno Teixeira (eduardo) |
security/vuxml: Document Apache Tomcat vulnerability
CVE-2022-34305 Apache Tomcat - XSS in examples web application
PR: 265821
Approved by: riggs (ports-secteam) |
1.1_5
12 Aug 2022 09:15:01
|
Guido Falsi (madpilot) |
security/vuxml: Document xfce4-tumbler vulnerability.
The vulnerability details are undisclosed at present. |
1.1_5
10 Aug 2022 21:30:06
|
Danilo G. Baio (dbaio) |
security/vuxml: Document varnish cache vulnerability |
1.1_5
10 Aug 2022 10:20:09
|
Philip Paeps (philip) |
security/vuxml: correct entry for FreeBSD SA-22:10.aio
The vulnerability reported in FreeBSD-SA-22:10.aio was corrected on the
stable/13 branch before releng/13.1 was created. Consequently, FreeBSD
13.1-RELEASE-p0 is not affected. |
1.1_5
10 Aug 2022 10:20:08
|
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:12.lib9p |
1.1_5
10 Aug 2022 10:20:08
|
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:11.vm |
1.1_5
10 Aug 2022 09:53:28
|
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:10.aio |
1.1_5
10 Aug 2022 09:53:28
|
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:09.elf |
1.1_5
10 Aug 2022 09:04:11
|
Rodrigo Osorio (rodrigo) |
security/vuxml: Document rsync client-side arbitrary file write vulnerability
PR: 265633 |
1.1_5
09 Aug 2022 09:07:27
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document double free vulnerability in GnuTLS |
1.1_5
08 Aug 2022 20:35:27
|
Santhosh Raju (fox) |
security/vuxml: Document wolfSSL multiple vulnerabilities. |
1.1_5
05 Aug 2022 19:02:44
|
Nuno Teixeira (eduardo)
Author: Stefan Bethke |
security/vuxml: Document Gitea multiple vulnerabilities
PR: 265527 |
1.1_5
05 Aug 2022 18:39:58
|
Bernard Spil (brnrd) |
security/vuxml: Document Unbound vulnerabilities |
1.1_5
05 Aug 2022 16:36:48
|
Nuno Teixeira (eduardo)
Author: Stefan Bethke |
security/vuxml: Document Gitea multiple vulnerabilities
- Add write check for creating Commit status
https://github.com/go-gitea/gitea/pull/20334
- Check for permission when fetching user controlled issues
https://github.com/go-gitea/gitea/pull/20196
PR: 265526 |
1.1_5
05 Aug 2022 02:08:36
|
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5
03 Aug 2022 14:50:50
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 104.0.5112.79
Obtained from:
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html |
1.1_5
02 Aug 2022 13:24:41
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerability |
1.1_5
30 Jul 2022 06:50:09
|
Matthias Fechner (mfechner) |
security/vuxml: Document www/gitlab-ce vulnerabilities |
1.1_5
23 Jul 2022 21:57:43
|
Nuno Teixeira (eduardo)
Author: Boris Korzun |
security/vuxml: Document new Grafana vulnerabilities
CVE-2022-31097 - Stored XSS
CVE-2022-31107 - OAuth Account Takeover
PR: 265330 |
1.1_5
21 Jul 2022 08:59:18
|
Guido Falsi (madpilot) |
security/vuxml: Document new VirtualBox vulnerabilities.
PR: 265350 |
1.1_5
21 Jul 2022 08:10:24
|
Bernard Spil (brnrd) |
security/vuxml: Document new MySQL vulnerabilities |
1.1_5
20 Jul 2022 14:22:56
|
Tobias C. Berner (tcberner) |
security: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* <ports@c0decafe.net>
* Aaron Dalton <aaron@FreeBSD.org>
* Adam Weinberger <adamw@FreeBSD.org>
* Ade Lovett <ade@FreeBSD.org>
* Aldis Berjoza <aldis@bsdroot.lv>
* Alex Dupre <ale@FreeBSD.org>
* Alex Kapranoff <kappa@rambler-co.ru>
* Alex Samorukov <samm@freebsd.org>
* Alexander Botero-Lowry <alex@foxybanana.com>
* Alexander Kriventsov <avk@vl.ru>
* Alexander Leidinger <netchild@FreeBSD.org> (Only the first 15 lines of the commit message are shown above  ) |
1.1_5
20 Jul 2022 08:32:05
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.134
Obtained
from: https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html |
1.1_5
18 Jul 2022 16:11:25
|
Yasuhiro Kimura (yasu) |
security/vuxml: Document potential remote code execution vulnerability in redis |
1.1_5
14 Jul 2022 12:39:43
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5
12 Jul 2022 22:54:57
|
Brad Davis (brd) |
security/vuxml: document devel/git CVE-2022-29187 |
1.1_5
11 Jul 2022 15:47:56
|
Joseph Mingrone (jrm) |
security/vuxml: Note that the 2022-07-08 Node.js entry was modified
Requested by: sunpoet |
1.1_5
10 Jul 2022 09:19:26
|
Dries Michiels (driesm)
Author: Robert Clausecker |
security/vuxml: document multimedia/py-mat2 CVE-2022-35410
PR: 265104 |
1.1_5
09 Jul 2022 06:09:01
|
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5
08 Jul 2022 13:08:26
|
Joseph Mingrone (jrm) |
security/vuxml: Remove extra dash in 2022-07-08 Node.js CVE name
Reported by: joneum |
1.1_5
08 Jul 2022 12:56:23
|
Joseph Mingrone (jrm) |
security/vuxml: Fix CVE Names in 2022-07-08 Node.js entry
Sponsored by: The FreeBSD Foundation |
1.1_5
08 Jul 2022 12:12:18
|
Joseph Mingrone (jrm) |
security/vuxml: Document Node.js July 7th 2022 Security Releases
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
Sponsored by: The FreeBSD Foundation |
1.1_5
07 Jul 2022 16:15:20
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.114
Obtained
from: https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html |
1.1_5
05 Jul 2022 14:51:47
|
Bernard Spil (brnrd) |
security/vuxml: Add/update OpenSSL vulnerability
* Update the RSA key AVX512 vuln to 3.0.4 only
* Add new AES OCB vuln in 1.1.1q/3.0.5 |
1.1_5
04 Jul 2022 10:52:31
|
Wen Heping (wen) |
security/vuxml: Fix a typo in previous commit of document django multiple
vulnerabilities |
1.1_5
04 Jul 2022 10:48:08
|
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5
03 Jul 2022 18:55:26
|
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability |
1.1_5
03 Jul 2022 06:04:08
|
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
1.1_5
29 Jun 2022 03:56:40
|
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerability for net-im/py-matrix-synapse |
1.1_5
27 Jun 2022 08:16:36
|
Bernard Spil (brnrd) |
security/vuxml: Document cURL vulnerabilities |
1.1_5
23 Jun 2022 19:18:01
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Fix vuxml build
<cvename> tag needs a valid CVE name
Fixes: 8f4091638ddd9e3c0484c5791359e58aa97b493a |
1.1_5
22 Jun 2022 19:11:40
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2022-06-22
Sponsored by: The FreeBSD Foundation |
1.1_5
22 Jun 2022 08:29:39
|
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability
* Pet `make validate`
* Fix spacing for 482456fb-e9af-11ec-93b6-318d1419ea39
* Add discovery date for 482456fb-e9af-11ec-93b6-318d1419ea39
using tor wiki page update date. |
1.1_5
22 Jun 2022 08:02:26
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.53 |
1.1_5
21 Jun 2022 21:09:38
|
Neel Chauhan (nc)
Author: Rafael Grether |
graphics/p5-Image-ExifTool: Add an vuxml entry for update 12.42
PR: 264618 |
1.1_5
20 Jun 2022 14:09:26
|
Li-Wen Hsu (lwhsu)
Author: Hung-Yi Chen |
security/vuxml: Add CVE-2022-24766 for www/mitmproxy
PR: 264782 |
1.1_5
17 Jun 2022 15:26:50
|
Yuri Victorovich (yuri) |
security/vuxml: Add vulnerability record for security/tor TROVE-2022-001[0] |
1.1_5
11 Jun 2022 08:06:56
|
Guido Falsi (madpilot) |
security/vuxml: Document XFCE libexo vulnerability. |
1.1_5
11 Jun 2022 00:18:10
|
Wen Heping (wen) |
security/vuxml: Document numpy vulnerabilities |
1.1_5
10 Jun 2022 09:58:15
|
Li-Wen Hsu (lwhsu) |
security/vuxml: Fix version range for 49adfbe5-e7d1-11ec-8fbd-d4c9ef517024
PR: 264589
Reported by: Jordan Ostreff <jordan@ostreff.info> |
1.1_5
09 Jun 2022 20:26:21
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 102.0.5005.115
Obtained
from: https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html |
1.1_5
09 Jun 2022 09:05:02
|
Bernard Spil (brnrd) |
security/vuxml: Document Apache httpd vulnerabilities |
1.1_5
07 Jun 2022 12:36:39
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5
05 Jun 2022 15:22:52
|
Matthias Andree (mandree) |
security/vuxml: add e2fsprogs CVE-2022-1304 < 1.46.5_1
Security: CVE-2022-1304
Security: a58f3fde-e4e0-11ec-8340-2d623369b8b5 |
1.1_5
04 Jun 2022 19:47:56
|
Matthias Fechner (mfechner) |
security/vuxml: Document gitlab vulnerabilities |
1.1_5
03 Jun 2022 17:32:46
|
Craig Leres (leres) |
security/vuxml: Mark zeek < 4.0.7 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v4.0.7
- Fix potential hang in the DNS analyzer when receiving a
specially-crafted packet. Due to the possibility of this happening
with packets received from the network, this is a potential DoS
vulnerability.
Reported by: Tim Wojtulewicz |
1.1_5
24 May 2022 19:48:26
|
Rene Ladan (rene) |
security/vuxml: add www/chromium < 102.0.5005.61
Obtained
from: https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html |
1.1_5
23 May 2022 20:28:22
|
Bernard Spil (brnrd) |
security/vuxml: Add CVE numbers to latest MySQL vulnerabilities |
1.1_5
23 May 2022 20:17:17
|
Bernard Spil (brnrd) |
security/vuxml: Document MariaDB vulnerabilities |
1.1_5
23 May 2022 10:54:53
|
Yasuhiro Kimura (yasu) |
security/vuxml: Update and fix b2407db1-d79f-11ec-a15f-589cfc0f81b0
* security/clamav-lts is also vulnerable with them
* Fix range of security/clamav |
1.1_5
19 May 2022 18:28:37
|
Florian Smeets (flo) |
security/vuxml: Document ClamAV vulnerabilities |
1.1_5
15 May 2022 12:31:43
|
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerability
While here, fix package names for the previous Go entry (we also have
go117 now). |
As an Amazon Associate I earn from qualifying purchases.
