notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)Want a good monitor light? See my photosAll times are UTC		 Ukraine

Bot filter coming soon

To deter bots pegging the database CPU to 100%, a bot testing filter to be added to the website. This should not affect newsfeeds etc. Anubis seems light-weight - it is already in use within the FreeBSD Project. This notice is just a heads up in case you see something odd. This notice will be updated after Anubis is installed.

Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_6 security on this many watch lists=33 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_6Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2025-06-06 18:01:08
Commit Hash: c4ba83b
People watching this port, also watch:: gnupg, curl, libxml2, nmap, vim
Also Listed In: textproc
License: BSD2CLAUSE
WWW:
https://vuxml.freebsd.org/
Description:
VuXML (the Vulnerability and eXposure Markup Language) is an XML application for documenting security bugs and corrections within a software package collection such as the FreeBSD Ports Collection. This port installs the DTDs required for validating VuXML documents.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_6/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_6/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_6/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
Dependency lines:
  • vuxml>0:security/vuxml
To install the port:
cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
SHA256 (vuxml/vuxml-10.dtd) = 6a635ad2cf45f52361c8c2a29a689157fad4d00519045485bc822d34e04a524e SIZE (vuxml/vuxml-10.dtd) = 2986 SHA256 (vuxml/vuxml-model-10.mod) = 051fed00b52bedde8ee901003fc29f7b95cd904157e31ceef34e6b06f2d1a14a

Expand this list (11 items)

Collapse this list.

SIZE (vuxml/vuxml-model-10.mod) = 10599 SHA256 (vuxml/vuxml-11.dtd) = 12b50061d7bb34cecffede2e08d439e4469324376d55aeb7c73eb6aab0f36af1 SIZE (vuxml/vuxml-11.dtd) = 3063 SHA256 (vuxml/vuxml-model-11.mod) = a40777208625a3029c6f416aeeea733f614802a6a5f26035a4e445a09e61a47c SIZE (vuxml/vuxml-model-11.mod) = 13282 SHA256 (vuxml/xml1.dcl) = 343efa94c4e1302e85e08b2d1791d86e50aac1ecdbc3161daecac100e4726847 SIZE (vuxml/xml1.dcl) = 7372 SHA256 (vuxml/catalog) = 479a69cf02995603443fd1f3b5b33f97811670931f87f53be99a727d664abc66 SIZE (vuxml/catalog) = 549 SHA256 (vuxml/catalog.xml) = 7b2e2850f57264eeba0ccd3d1fc161b9d5ce3071ae0ec51b9da7fa956f2a6509 SIZE (vuxml/catalog.xml) = 2150

Collapse this list.

Packages (timestamps in pop-ups are UTC):
vuxml
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.1_61.1_61.1_51.1_61.1_6-1.1_5-
FreeBSD:13:quarterly1.1_61.1_61.1_61.1_61.1_61.1_61.1_61.1_6
FreeBSD:14:latest1.1_61.1_61.1_61.1_61.1_61.1_6-1.1_6
FreeBSD:14:quarterly1.1_61.1_6-1.1_61.1_61.1_61.1_61.1_6
FreeBSD:15:latest1.1_61.1_6n/a1.1_6n/a1.1_61.1_61.1_6
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.11 : lang/python311
There are no ports dependent upon this port
Configuration Options:
No options to configure
Options name:
security_vuxml
USES:
python:run
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 7640 (showing only 100 on this page)

[First Page]  «  10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20  »  [Last Page]

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.1_5
12 Apr 2021 18:29:50
commit hash: 8497a2d690681142cd0ed97c01a9f1940d4cf277commit hash: 8497a2d690681142cd0ed97c01a9f1940d4cf277commit hash: 8497a2d690681142cd0ed97c01a9f1940d4cf277commit hash: 8497a2d690681142cd0ed97c01a9f1940d4cf277 files touched by this commit		 Adam Weinberger (adamw) search for other commits by this committer 
security/vuxml: Add entry for gitea < 1.14.0

PR:		254976
Submitted by:	Stefan Bethke
1.1_5
12 Apr 2021 02:04:57
commit hash: 6715140e8ba4290273585001a21a49bd5d0a793bcommit hash: 6715140e8ba4290273585001a21a49bd5d0a793bcommit hash: 6715140e8ba4290273585001a21a49bd5d0a793bcommit hash: 6715140e8ba4290273585001a21a49bd5d0a793b files touched by this commit		 Steve Wills (swills) search for other commits by this committer 
security/vuxml: Document syncthing issue
1.1_5
10 Apr 2021 07:13:03
commit hash: 1d4cfc12c8fa8c58010c2468a2181bcc96302e36commit hash: 1d4cfc12c8fa8c58010c2468a2181bcc96302e36commit hash: 1d4cfc12c8fa8c58010c2468a2181bcc96302e36commit hash: 1d4cfc12c8fa8c58010c2468a2181bcc96302e36 files touched by this commit		 Thomas Zander (riggs) search for other commits by this committer 
security/vuxml: Document information disclosure vulnerability in python.
PR:		254780
Reported by:	yasu@utahime.org
Security:	CVE-2021-3426
1.1_5
10 Apr 2021 06:31:41
commit hash: 1e8993822a938afd8bd61f5914150ed173a394bbcommit hash: 1e8993822a938afd8bd61f5914150ed173a394bbcommit hash: 1e8993822a938afd8bd61f5914150ed173a394bbcommit hash: 1e8993822a938afd8bd61f5914150ed173a394bb files touched by this commit		 Thomas Zander (riggs) search for other commits by this committer 
security/vuxml: Document 2 vulnerabilities in ftp/curl
Security:	CVE-2021-22876
		CVE-2021-22890

PR:		254772
Reported by:	yasu@utahime.org
1.1_5
09 Apr 2021 22:08:57
commit hash: b3cd19559e13396d1f4da829fb2f2f6a8cd043ebcommit hash: b3cd19559e13396d1f4da829fb2f2f6a8cd043ebcommit hash: b3cd19559e13396d1f4da829fb2f2f6a8cd043ebcommit hash: b3cd19559e13396d1f4da829fb2f2f6a8cd043eb files touched by this commit		 Adam Weinberger (adamw) search for other commits by this committer 
security/vuxml: Add entry for gitea < 1.13.7

PR:	254930
Submitted by:	Stefan Bethke
1.1_5
08 Apr 2021 04:36:09
commit hash: 48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91commit hash: 48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91commit hash: 48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91commit hash: 48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91 files touched by this commit		 Neel Chauhan (nc) search for other commits by this committer 
Document multiple vulnerabilities in security/clamav

PR:		254861
Submitted by:	Yasuhiro Kimura <yasu AT utahime DOT org>
1.1_5
08 Apr 2021 00:43:00
commit hash: 80690bd29e8384316ecda1808f8965269e051c29commit hash: 80690bd29e8384316ecda1808f8965269e051c29commit hash: 80690bd29e8384316ecda1808f8965269e051c29commit hash: 80690bd29e8384316ecda1808f8965269e051c29 files touched by this commit		 Li-Wen Hsu (lwhsu) search for other commits by this committer 
Document Jenkins Security Advisory 2021-04-07

Sponsored by:	The FreeBSD Foundation
1.1_5
07 Apr 2021 18:58:57
commit hash: 9d9b2b96740807ae005915f3a3d212557b52f1edcommit hash: 9d9b2b96740807ae005915f3a3d212557b52f1edcommit hash: 9d9b2b96740807ae005915f3a3d212557b52f1edcommit hash: 9d9b2b96740807ae005915f3a3d212557b52f1ed files touched by this commit		 Bradley T. Hughes (bhughes) search for other commits by this committer 
security/vuxml: document Node.js April 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/
1.1_5
07 Apr 2021 16:10:15
commit hash: 01b07b7e020b9a5809980a3c85fd5ef73c9a354ecommit hash: 01b07b7e020b9a5809980a3c85fd5ef73c9a354ecommit hash: 01b07b7e020b9a5809980a3c85fd5ef73c9a354ecommit hash: 01b07b7e020b9a5809980a3c85fd5ef73c9a354e files touched by this commit		 Lewis Cook (lcook) search for other commits by this committer 
security/vuxml: Document upnp stack overflow vulnerability

Approved by:		fernape (mentor)
Differential Revision:	https://reviews.freebsd.org/D29618
1.1_5
07 Apr 2021 11:24:15
commit hash: 86fc557be0a913534306ca1451e9862b65a3f7dccommit hash: 86fc557be0a913534306ca1451e9862b65a3f7dccommit hash: 86fc557be0a913534306ca1451e9862b65a3f7dccommit hash: 86fc557be0a913534306ca1451e9862b65a3f7dc files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:10.jail_mount
1.1_5
07 Apr 2021 11:24:14
commit hash: ea0a0473cb840eba059195fb2b36d912f60ec060commit hash: ea0a0473cb840eba059195fb2b36d912f60ec060commit hash: ea0a0473cb840eba059195fb2b36d912f60ec060commit hash: ea0a0473cb840eba059195fb2b36d912f60ec060 files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:09.accept_filter
1.1_5
07 Apr 2021 11:24:14
commit hash: f5644310b27dc209f0c508945c2630a8cdf3b6eccommit hash: f5644310b27dc209f0c508945c2630a8cdf3b6eccommit hash: f5644310b27dc209f0c508945c2630a8cdf3b6eccommit hash: f5644310b27dc209f0c508945c2630a8cdf3b6ec files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:08.vm
1.1_5
07 Apr 2021 11:24:14
commit hash: 5fc1c8e1322f9a3fddf86ad129697cfb01c864bacommit hash: 5fc1c8e1322f9a3fddf86ad129697cfb01c864bacommit hash: 5fc1c8e1322f9a3fddf86ad129697cfb01c864bacommit hash: 5fc1c8e1322f9a3fddf86ad129697cfb01c864ba files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SA to CVE-2021-3449/50

Note that FreeBSD 12.2 prior to FreeBSD 12.2-RELEASE-p5 was vulnerable
to CVE-2021-3449 and CVE-2021-3450.  Reference FreeBSD-SA-21:07.openssl.
1.1_5
06 Apr 2021 14:31:13
commit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937dcommit hash: 135fdeebb99c3569e42d8162b265e15d29bd937d files touched by this commit		 Mathieu Arnold (mat) search for other commits by this committer 
all: Remove all other $FreeBSD keywords.
1.1_5
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit		 Mathieu Arnold (mat) search for other commits by this committer 
Remove # $FreeBSD$ from Makefiles.
1.1_5
06 Apr 2021 13:53:57
commit hash: cbbdab46f9b73b3593fb453c4a2523936d569e15commit hash: cbbdab46f9b73b3593fb453c4a2523936d569e15commit hash: cbbdab46f9b73b3593fb453c4a2523936d569e15commit hash: cbbdab46f9b73b3593fb453c4a2523936d569e15 files touched by this commit		 Koichiro Iwao (meta) search for other commits by this committer 
security/vuxml: Document XML round-trip vulnerability of REXML in Ruby

Document XML round-trip vulnerability of REXML in Ruby.

PR:		254793
Reported by:	Yasuhiro Kimura <yasu@utahime.org>
Security:	CVE-2021-28965
1.1_5
06 Apr 2021 08:49:52
commit hash: 5952f85233d1ae2e1f530a18780e86d8ba31a34dcommit hash: 5952f85233d1ae2e1f530a18780e86d8ba31a34dcommit hash: 5952f85233d1ae2e1f530a18780e86d8ba31a34dcommit hash: 5952f85233d1ae2e1f530a18780e86d8ba31a34d files touched by this commit		 Rene Ladan (rene) search for other commits by this committer 
Add vuln-flat.xml to the ignore list and remove the one committed by accident
1.1_5
06 Apr 2021 08:46:51
commit hash: a8416100c4e9b0dd5090c78d09ef6a94293b3c02commit hash: a8416100c4e9b0dd5090c78d09ef6a94293b3c02commit hash: a8416100c4e9b0dd5090c78d09ef6a94293b3c02commit hash: a8416100c4e9b0dd5090c78d09ef6a94293b3c02 files touched by this commit		 Rene Ladan (rene) search for other commits by this committer 
Document new vulnerabilities in www/chromium < 89.0.4389.114

Obtained from: 
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html
1.1_5
06 Apr 2021 08:01:53
commit hash: b1a2d52166abffd763c903ff7a5bf5dfb84c13a2commit hash: b1a2d52166abffd763c903ff7a5bf5dfb84c13a2commit hash: b1a2d52166abffd763c903ff7a5bf5dfb84c13a2commit hash: b1a2d52166abffd763c903ff7a5bf5dfb84c13a2 files touched by this commit		 Matthias Fechner (mfechner) search for other commits by this committer 
Document gitlab-ce vulnerabilities.
1.1_5
28 Mar 2021 21:37:55
Revision:569416Original commit files touched by this commit		 mandree search for other commits by this committer 
security/linux-c7-nettle: mark vulnerable, too

See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254355#c14

PR:		254355
Reported by:	Graham Perrin <grahamperrin@gmail.com>
1.1_5
28 Mar 2021 03:20:57
Revision:569371Original commit files touched by this commit		 timur search for other commits by this committer 
Add entry about recent Samba4* vulnerabilities:

CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP server by
sending easily crafted DNs as part of a bind request. More serious heap
corruption is likely also possible.
CVE-2021-20277: User-controlled LDAP filter strings against the AD DC LDAP
server may crash the LDAP server.

Security:	CVE-2020-27840
		CVE-2021-20277
1.1_5
27 Mar 2021 11:12:22
Revision:569321Original commit files touched by this commit		 mandree search for other commits by this committer 
vuln.xml: mention nettle < 3.7.2 ECDSA verify bugs

Security:	80f9dbd3-8eec-11eb-b9e8-3525f51429a0
1.1_5
26 Mar 2021 08:09:29
Revision:569246Original commit files touched by this commit		 brnrd search for other commits by this committer 
security/vuxml: Document High OpenSSL vulnerabilities

 * While here, fix incorrect year in ec04f3d0-8cd9-11eb-bb9f-206a8a720317
1.1_5
24 Mar 2021 20:02:59
Revision:569157Original commit files touched by this commit		 cy search for other commits by this committer 
security/vuxml: Document spamassassin CVE-2020-1946

PR:		254526
Security:	https://s.apache.org/ng9u9
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946
1.1_5
24 Mar 2021 03:15:10
Revision:569083Original commit files touched by this commit		 adamw search for other commits by this committer 
security/vuxml: Add entry for gitea < 1.13.6

PR:		254515
Submitted by:	maintainer
1.1_5
21 Mar 2021 18:30:58
Revision:568929Original commit files touched by this commit		 adamw search for other commits by this committer 
security/vuxml: Add entry for gitea < 1.13.5

PR:		254468
Submitted by:	maintainer
1.1_5
18 Mar 2021 20:52:08
Revision:568762Original commit files touched by this commit		 bdrewery search for other commits by this committer 
OpenSSH CVE-2021-28041 fixed in 8.4.p1_4,1.

Also add flavored package names.
1.1_5
18 Mar 2021 19:30:13
Revision:568757Original commit files touched by this commit		 bdrewery search for other commits by this committer 
Document OpenSSH CVE-2021-28041

PR:	254258
Submitted by:	Yasuhiro Kimura
1.1_5
18 Mar 2021 14:05:02
Revision:568741Original commit files touched by this commit		 mfechner search for other commits by this committer 
Document gitlab vulnerability.
1.1_5
18 Mar 2021 00:27:13
Revision:568705Original commit files touched by this commit		 mandree search for other commits by this committer 
fixup PORTEPOCH for dnsmasq-devel

which used to be at 3 already earlier. Adjust vuxml entry accordingly.

Security:	CVE-2021-3448
Security:	5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
1.1_5
18 Mar 2021 00:23:04
Revision:568704Original commit files touched by this commit		 mandree search for other commits by this committer 
fixup version range for dnsmasq[-devel] to 2.85.r1,1 not 2.85r1,1

Security:	5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
Security:	CVE-2021-3448
1.1_5
18 Mar 2021 00:09:51
Revision:568701Original commit files touched by this commit		 mandree search for other commits by this committer 
vuxml: Add dnsmasq < 2.85 cache poisoning vulnerability.

This affects only certain dnsmasq configurations,
and use of dnsmasq with NetworkManager.

Security:	CVE-2021-3448
1.1_5
17 Mar 2021 13:04:11
Revision:568653Original commit files touched by this commit		 swills search for other commits by this committer 
Document minio issue
1.1_5
16 Mar 2021 15:42:01
Revision:568571Original commit files touched by this commit		 brnrd search for other commits by this committer 
security/vuxml: Document LibreSSL potential use-after-free
1.1_5
16 Mar 2021 08:50:09
Revision:568546Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerabilities in www/chromium < 89.0.4389.90

Obtained
from:	https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html
1.1_5
15 Mar 2021 20:16:33
Revision:568503Original commit files touched by this commit		 crees search for other commits by this committer 
Document CVE-2015-4645 in sysutils/squashfs-tools

Security:	CVE-2015-4645
1.1_5
11 Mar 2021 14:01:40
Revision:568095Original commit files touched by this commit		 fernape search for other commits by this committer 
security/vuxml: Fix www/gitea entry.

s/1.13.24/1.13.4

PR:	254130
Reported by:	clubok@gmx.net
1.1_5
10 Mar 2021 23:37:43
Revision:568051Original commit files touched by this commit		 dmgk search for other commits by this committer 
security/vuxml: Document lang/go vulnerabilities
1.1_5
10 Mar 2021 18:45:25
Revision:568030Original commit files touched by this commit		 nc search for other commits by this committer 
Document vulnerabilities in www/gitea < 1.13.4

PR:		254130
Submitted by:	stb AT lassitu DOT de (maintainer)
1.1_5
10 Mar 2021 14:03:45
Revision:568002Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Document vulnerabilities in databases/mantis <2.24.4

PR:		252612
Submitted by:	Zoltan ALEXANDERSON BESSE <zab@zltech.eu>
1.1_5
09 Mar 2021 06:26:48
Revision:567892Original commit files touched by this commit		 bhughes search for other commits by this committer 
security/vuxml: document Node.js February 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

Sponsored by:	Miles AS
1.1_5
05 Mar 2021 21:18:20
Revision:567419Original commit files touched by this commit		 mfechner search for other commits by this committer 
Document gitlab vulnerabilities.
1.1_5
04 Mar 2021 19:48:40
Revision:567337Original commit files touched by this commit		 madpilot search for other commits by this committer 
Report new asterisk vulnerability.
1.1_5
04 Mar 2021 09:51:55
Revision:567296Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerabilities in www/chromium < 89.0.4389.72

Obtained
from:	https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html
1.1_5
03 Mar 2021 18:18:08
Revision:567244Original commit files touched by this commit		 sunpoet search for other commits by this committer 
Document jasper vulnerability
1.1_5
03 Mar 2021 06:41:42
Revision:567027Original commit files touched by this commit		 ohauer search for other commits by this committer 
- add CVE entries for saltstack
1.1_5
02 Mar 2021 15:17:24
Revision:566966Original commit files touched by this commit		 osa search for other commits by this committer 
Fix the redis5 affected versions.
1.1_5
27 Feb 2021 01:49:47
Revision:566651Original commit files touched by this commit		 swills search for other commits by this committer 
Document vault issue
1.1_5
25 Feb 2021 02:33:13
Revision:566520Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:04.jail_remove
1.1_5
25 Feb 2021 02:33:10
Revision:566519Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:06.xen
1.1_5
25 Feb 2021 02:33:06
Revision:566518Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:05.jail_chdir
1.1_5
25 Feb 2021 02:33:03
Revision:566517Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:03.pam_login_access
1.1_5
23 Feb 2021 13:57:29
Revision:566398Original commit files touched by this commit		 osa search for other commits by this committer 
Document integer overflow on 32-bit systems (CVE-2021-21309):
o) databases/redis5
o) databases/redis
o) databases/redis-devel
1.1_5
23 Feb 2021 01:04:03
Revision:566361Original commit files touched by this commit		 leres search for other commits by this committer 
security/vuxml: Mark zeek < 3.0.13 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v3.0.13

Fix ASCII Input reader's treatment of input files containing
null-bytes. An input file containing null-bytes could lead to a
buffer-over-read, crash Zeek, and be exploited to cause Denial of
Service.
1.1_5
20 Feb 2021 16:38:05
Revision:566165Original commit files touched by this commit		 adridg search for other commits by this committer 
Add vuxml entry for textproc/raptor2 CVE

PR:		251102
1.1_5
20 Feb 2021 02:36:44
Revision:566136Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Connect vuln-2020.xml (2/2)
1.1_5
20 Feb 2021 02:36:27
Revision:566135Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Connect vuln-2020.xml (1/2)
1.1_5
20 Feb 2021 02:35:06
Revision:566133Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Split out vuln-2020.xml
1.1_5
20 Feb 2021 02:20:27
Revision:566132Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Document  Jenkins Security Advisory 2021-02-19

Sponsored by:	The FreeBSD Foundation
1.1_5
18 Feb 2021 20:41:01
Revision:565978Original commit files touched by this commit		 madpilot search for other commits by this committer 
Report new asterisk vulnerabilities.
1.1_5
18 Feb 2021 18:18:01
Revision:565962Original commit files touched by this commit		 brnrd search for other commits by this committer 
security/openssl-devel: Mark vulnerable CVE-2021-23841

MFH:		2021Q1
Security:	96a21236-707b-11eb-96d8-d4c9ef517024
1.1_5
17 Feb 2021 18:30:12
Revision:565782Original commit files touched by this commit		 sunpoet search for other commits by this committer 
Document rails vulnerability
1.1_5
17 Feb 2021 12:47:30
Revision:565499Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerabilities in www/chromium < 88.0.4324.182

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
1.1_5
16 Feb 2021 17:35:59
Revision:565421Original commit files touched by this commit		 brnrd search for other commits by this committer 
security/vuxml: Document OpenSSL 1.1.1i vulnerabilities
1.1_5
12 Feb 2021 20:44:33
Revision:565063Original commit files touched by this commit		 mandree search for other commits by this committer 
openexr/ilmbase < v2.5.5 security vulnerabilities

https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.5

Security:	98044aba-6d72-11eb-aed7-1b1b8a70cc8b
1.1_5
12 Feb 2021 13:28:01
Revision:565016Original commit files touched by this commit		 mfechner search for other commits by this committer 
Document gitlab vulnerabilities.
1.1_5
12 Feb 2021 04:47:11
Revision:564994Original commit files touched by this commit		 nc search for other commits by this committer 
Add security/vuxml entry for CVE-2021-21291 affecting www/oauth2-proxy < 7.0.0.

While I'm here, fix formatting for mod_dav_svn CVE-2020-17525 vuxml entry,

MFH:		2021Q1
1.1_5
10 Feb 2021 17:45:04
Revision:564888Original commit files touched by this commit		 gjb search for other commits by this committer 
Fix build.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
1.1_5
10 Feb 2021 17:09:37
Revision:564881Original commit files touched by this commit		 lev search for other commits by this committer 
 Document https://subversion.apache.org/security/CVE-2020-17525-advisory.txt.
1.1_5
07 Feb 2021 02:54:24
Revision:564589Original commit files touched by this commit		 adamw search for other commits by this committer 
security/vuxml: Add entry for gitea < 1.13.2

PR:		253295
Submitted by:	maintainer
1.1_5
06 Feb 2021 00:05:23
Revision:564167Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerability in www/chromium < 88.0.4324.150

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
1.1_5
03 Feb 2021 20:06:09
Revision:563959Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerabilities in www/chromium < 88.0.4324.146

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
1.1_5
02 Feb 2021 07:50:22
Revision:563788Original commit files touched by this commit		 mfechner search for other commits by this committer 
Document gitlab-ce vulnerabilities.
1.1_5
31 Jan 2021 21:55:28
Revision:563534Original commit files touched by this commit		 swills search for other commits by this committer 
Document minio issue
1.1_5
29 Jan 2021 06:47:50
Revision:563173Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:02.xenoom
1.1_5
29 Jan 2021 06:47:47
Revision:563172Original commit files touched by this commit		 philip search for other commits by this committer 
security/vuxml: add FreeBSD SA-21:01.fsdisclosure
1.1_5
28 Jan 2021 12:51:17
Revision:563133Original commit files touched by this commit		 lcook search for other commits by this committer 
security/vuxml: Document graphics/pngcheck vulnerability

PR:			253019
Approved by:		fernape (mentor)
Differential Revision:	https://reviews.freebsd.org/D28308
1.1_5
26 Jan 2021 20:28:56
Revision:562998Original commit files touched by this commit		 cy search for other commits by this committer 
Document sudo CVE-2021-3156.

 * When invoked as sudoedit, the same set of command line options
   are now accepted as for "sudo -e".  The -H and -P options are
   now rejected for sudoedit and "sudo -e" which matches the sudo
   1.7 behavior.  This is part of the fix for CVE-2021-3156.

 * Fixed a potential buffer overflow when unescaping backslashes
   in the command's arguments.  Normally, sudo escapes special
   characters when running a command via a shell (sudo -s or sudo
   -i).  However, it was also possible to run sudoedit with the -s
   or -i flags in which case no escaping had actually been done,
   making a buffer overflow possible.  This fixes CVE-2021-3156.

PR:		253034
Reported by:	"Todd C. Miller" <Todd.Miller@sudo.ws> via mailing list
		emaste
Obtained from:	sudo
1.1_5
26 Jan 2021 17:56:21
Revision:562967Original commit files touched by this commit		 sunpoet search for other commits by this committer 
Document py-pysaml2 vulnerability
1.1_5
26 Jan 2021 13:21:47
Revision:562658Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Document Jenkins Security Advisory 2021-01-26

Sponsored by:	The FreeBSD Foundation
1.1_5
25 Jan 2021 17:16:21
Revision:562587Original commit files touched by this commit		 bapt search for other commits by this committer 
Rework vuxml a bit to make them validable again

modify tidy.xsl to make it generates manually the xml declaration
xsl is not able to generate a list of entity otherwise.

Remove copyright form included files, they are redudundant anyway and
in the end only the vuln.xml file is distribued with entities expanded

Rework a bit the entity declaration in order for the document to look
great after expansion (as it did before we introduced the expansion
mechanism)

All validation are now processed direcly on the flattened file.

This is based on a patch from mfechner here

Submitted by:		mfechner
Differential Revision:	https://reviews.freebsd.org/D28299
1.1_5
25 Jan 2021 17:16:14
Revision:562586Original commit files touched by this commit		 bapt search for other commits by this committer 
Rework the entity declaration

when expanded they will look better (as when the file was not split)

While here cleanup some indentation
1.1_5
25 Jan 2021 15:50:43
Revision:562571Original commit files touched by this commit		 bapt search for other commits by this committer 
Fix indentation
1.1_5
23 Jan 2021 18:19:40
Revision:562408Original commit files touched by this commit		 otis search for other commits by this committer 
security/vuxml: Document mail/mutt vulnerability

Document mail/mutt vulnerability CVE-2021-3181

PR:		252931
Submitted by:	Derek Schrock <dereks@lifeofadishwasher.com>
Reported by:	Derek Schrock <dereks@lifeofadishwasher.com>
Reviewed by:	osa (mentor)
Approved by:	osa (mentor)
Differential Revision:	https://reviews.freebsd.org/D28308
1.1_5
23 Jan 2021 17:46:01
Revision:562406Original commit files touched by this commit		 gjb search for other commits by this committer 
Fix build.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
1.1_5
23 Jan 2021 14:46:24
Revision:562396Original commit files touched by this commit		 brnrd search for other commits by this committer 
security/vuxml: Add new MySQL vulnerabilities
1.1_5
22 Jan 2021 20:37:53
Revision:562336Original commit files touched by this commit		 rene search for other commits by this committer 
Document new vulnerabilities in www/chromium < 88.0.4324.96

Obtained
from:	https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
1.1_5
22 Jan 2021 09:33:28
Revision:562282Original commit files touched by this commit		 jhale search for other commits by this committer 
Document CVE-2020-15983 for games/chocolate-doom and games/crispy-doom
1.1_5
22 Jan 2021 00:22:44
Revision:562266Original commit files touched by this commit		 mfechner search for other commits by this committer 
Made clear how to test now entries against the newly formatted file.
1.1_5
22 Jan 2021 00:13:43
Revision:562265Original commit files touched by this commit		 gjb search for other commits by this committer 
Fix build.

Yes, please do FIXME.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
1.1_5
22 Jan 2021 00:09:24
Revision:562264Original commit files touched by this commit		 mfechner search for other commits by this committer 
Added security vulnerability for rubygem-nokogiri.
1.1_5
21 Jan 2021 13:19:10
Revision:562204Original commit files touched by this commit		 bapt search for other commits by this committer 
Split vuln.xml file [2/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
1.1_5
21 Jan 2021 13:18:50
Revision:562203Original commit files touched by this commit		 bapt search for other commits by this committer 
Split vuln.xml file [1/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
1.1_5
20 Jan 2021 19:25:15
Revision:562156Original commit files touched by this commit		 mandree search for other commits by this committer 
dns/dnsmasq-devel: mark stale name vulnerable, too

dnsmasq-devel isn't currently in ports, but if someone never
switched to dnsmasq, we should also flag the older dnsmasq-devel
vulnerable.

Security:	5b5cf6e5-5b51-11eb-95ac-7f9491278677
1.1_5
20 Jan 2021 19:11:52
Revision:562153Original commit files touched by this commit		 mandree search for other commits by this committer 
dns/dnsmasq < 2.83 vulnerabilities (buffer overflow, DNS cache poisoning)

Security:	5b5cf6e5-5b51-11eb-95ac-7f9491278677
Security:	CVE-2020-25684
Security:	CVE-2020-25685
Security:	CVE-2020-25686
Security:	CVE-2020-25681
Security:	CVE-2020-25682
Security:	CVE-2020-25683
Security:	CVE-2020-25687
1.1_5
20 Jan 2021 00:25:53
Revision:562103Original commit files touched by this commit		 dmgk search for other commits by this committer 
security/vuxml: Document lang/go vulnerabilities
1.1_5
19 Jan 2021 21:12:19
Revision:562089Original commit files touched by this commit		 jrm search for other commits by this committer 
security/vuxml: Fix range of affected cloud-init versions
1.1_5
19 Jan 2021 20:47:00
Revision:562084Original commit files touched by this commit		 jrm search for other commits by this committer 
security/vuxml: Document vulnerability in cloud-init version 20.4

https://bugs.launchpad.net/cloud-init/+bug/1911680

Reported by:	Mina Galic <me@igalic.co>
1.1_5
18 Jan 2021 08:21:27
Revision:561901Original commit files touched by this commit		 lwhsu search for other commits by this committer 
Document CVE-2020-25074 and CVE-2020-15275 for www/moinmoin
1.1_5
17 Jan 2021 22:23:34
Revision:561880Original commit files touched by this commit		 0mp search for other commits by this committer 
Document ghostscript9-agpl-base vulnerability committed in r544907

PR:		248580
Requested by:	joneum (ports-secteam)
Reported by:	VVD <vvd@unislabs.com>
MFH:		2021Q1
Security:	CVE-2020-15900

Number of commits found: 7640 (showing only 100 on this page)

[First Page]  «  10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20  »  [Last Page]
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mod_securityJun 06
mod_securityJun 06
firefoxJun 05
firefoxJun 05
firefoxJun 05
firefoxJun 05
firefox-esrJun 05
firefox-esrJun 05
firefox-esrJun 05
firefox-esrJun 05
chromiumJun 04
electron34*Jun 04
electron35*Jun 04
electron36*Jun 04
roundcubeJun 03

31 vulnerabilities affecting 276 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2025-06-06 18:03:49 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 33308
Broken 120
Deprecated 318
Ignore 239
Forbidden 1
Restricted 2
No CDROM 1
Vulnerable 32
Expired 25
Set to expire 262
Interactive 0
new 24 hours 2
new 48 hours3
new 7 days19
new fortnight43
new month129
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2025 Dan Langille. All rights reserved.