Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_6 16 Jan 2024 17:24:08 |
Jan Beich (jbeich) |
security/vuxml: add xwayland-devel to 62bb32d7090f list |
1.1_6 16 Jan 2024 17:09:39 |
Emmanuel Vadot (manu) |
security/vuxml: Document xorg-server and xwayland recent vulnerabilities
Sponsored by: Beckhoff Automation GmbH & Co. KG |
1.1_6 12 Jan 2024 08:50:16 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron{26,27} multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v26.6.5,
https://github.com/electron/electron/releases/tag/v27.2.2 |
1.1_6 12 Jan 2024 08:05:31 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab vulnerabilities |
1.1_6 11 Jan 2024 12:28:25 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL ppc vulnerability |
1.1_6 10 Jan 2024 15:39:25 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 120.0.6099.216
Obtained
from: https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html |
1.1_6 07 Jan 2024 22:19:22 |
Jason E. Hale (jhale) |
security/vuxml: Fix copypasta typo |
1.1_6 07 Jan 2024 22:01:55 |
Jason E. Hale (jhale) |
security/vuxml: Document QtNetwork buffer overflow
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17,
6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before
6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer
overflow check.
Base Score: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1_6 06 Jan 2024 16:44:06 |
Dan Langille (dvl) |
security/vuxml: add databases/mantis-php* < 2.25.8
Obtained from https://mantisbt.org/bugs/changelog_page.php?version_id=370
PR: 276146 |
1.1_6 04 Jan 2024 07:42:11 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 120.0.6099.199
Obtained
from: https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html |
1.1_6 04 Jan 2024 05:56:13 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron27 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v27.2.1 |
1.1_6 04 Jan 2024 05:56:12 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron26 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v26.6.4 |
1.1_6 02 Jan 2024 06:11:10 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA released on 2023-12-19
FreeBSD-SA-23:19.openssl affects all supported releases of FreeBSD.
FreeBSD 12.4 reached its end of life at the end of December 2023. Users
are encouraged to either implement the documented workaround or leverage
an up to date version of OpenSSH from the ports/pkg collection. |
1.1_6 02 Jan 2024 06:11:09 |
Philip Paeps (philip) |
security/vuxml: add 2024 entity |
1.1_6 31 Dec 2023 06:26:05 |
Matthias Andree (mandree) |
security/vuxml: unexpand spaces for gitea 482bb980-99a3-11ee-b5f7-6bd56600d90c |
1.1_6 31 Dec 2023 06:23:12 |
Matthias Andree (mandree) |
security/vuxml: extend openvpn vuln entry to openvpn-devel < g20231109,1
Security: 2fe004f5-83fd-11ee-9f5d-31909fb2f495
Security: CVE-2023-46849
Security: CVE-2023-46850 |
1.1_6 31 Dec 2023 05:57:51 |
Jason E. Hale (jhale) |
security/vuxml: Add www/qt5-webengine
qt5-webengine < 5.15.16.p5_2 is also affected by the following VuXML
IDs:
- 8cdd38c7-8ebb-11ee-86bb-a8a1599412c6
- 4405e9ad-97fe-11ee-86bb-a8a1599412c6 |
1.1_6 30 Dec 2023 23:24:05 |
Jason E. Hale (jhale) |
security/vuxml: Add www/qt6-webengine
qt6-webengine < 6.6.1_1 is also affected by the following VuXML IDs:
- 8cdd38c7-8ebb-11ee-86bb-a8a1599412c6
- 4405e9ad-97fe-11ee-86bb-a8a1599412c6 |
1.1_6 29 Dec 2023 18:24:40 |
Muhammad Moinur Rahman (bofh) Author: Dmitry Wagin |
devel/zookeeper: Update version 3.8.1=>3.8.3
- Fixes critical security vulnerability
- Return to pool
- Add entry in vuxml
PR: 275999
Approved by: submitter is maintainer |
1.1_6 22 Dec 2023 05:23:10 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v26.6.3,
https://github.com/electron/electron/releases/tag/v27.2.0 |
1.1_6 22 Dec 2023 01:24:35 |
Muhammad Moinur Rahman (bofh) Author: Stefan Bethke |
www/gitea: Update version 1.21.0=>1.21.3
- Add relevant vuxml entry
- Move pkg-message to SUB_FILES as we are using PREFIX
Changelog: https://blog.gitea.com/release-of-1.21.3/
PR: 275742
Approved by: submitter is maintainer |
1.1_6 21 Dec 2023 09:45:29 |
Ashish SHUKLA (ashish) |
security/vuxml: document nebula vulnerability |
1.1_6 21 Dec 2023 07:49:30 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 120.0.6099.129
Obtained
from: https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html |
1.1_6 19 Dec 2023 22:21:58 |
Matthias Andree (mandree) |
security/vuxml: add security/putty[-nogtk] < 0.80 'Terrapin' vulnerability
Security: 91955195-9ebb-11ee-bc14-a703705db3a6
Security: CVE-2023-48795 |
1.1_6 19 Dec 2023 18:06:12 |
Thierry Thomas (thierry) |
security/vuxml: add an entry for slurm-wlm |
1.1_6 17 Dec 2023 10:29:43 |
Dave Cottlehuber (dch) |
security/vuxml: add CouchDB CVE details
Security: CVE-2023-26268
Sponsored by: SkunkWerks, GmbH |
1.1_6 14 Dec 2023 05:03:50 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab vulnerabilities |
1.1_6 14 Dec 2023 02:10:59 |
Philip Paeps (philip) |
security/vuxml: adjust 12.4 range of FreeBSD SA-23:17.pf
Similar to what I did in 4826396e5d1555b9eebf58cac290490b24bf1243,
adjust the 12.4 releases affected by FreeBSD SA-23:17.pf.
There is no 100% correct way to encode this issue in vuxml. Since the
issue only affects pf.ko, freebsd-update does not rebuild the kernel.
PR: 275743
Reported by: martin@lispworks.com |
1.1_6 13 Dec 2023 12:33:43 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 120.0.6099.109
Obtained
from: https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html |
1.1_6 13 Dec 2023 06:23:15 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA released on 2023-12-12
FreeBSD-SA-23:18.nfsclient affects FreeBSD 14.0 and 13.2. |
1.1_6 13 Dec 2023 03:39:47 |
Jan Beich (jbeich) |
security/vuxml: mark xorg-server < 21.1.10,1 as vulnerable |
1.1_6 11 Dec 2023 08:23:11 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 120.0.6099.62
Obtained
from: https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html |
1.1_6 11 Dec 2023 07:38:52 |
Fernando Apesteguía (fernape) |
secuirty/vuxml: Remove duplicate entry
A previous entry for CVE-2023-41913 was added in
8c6ee1a1c2df0d7a769c1fd50f0366ded3798e86
PR: 275620
Reported by: eugen@
Fixes: eea55ca7b5c621fd4f032b1f256b8472fbae2b15 |
1.1_6 10 Dec 2023 17:07:55 |
Fernando Apesteguía (fernape) |
security/vuxml: Record kafka vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Apache
ZooKeeper.
Note that this only affects SASL Quorum Peer authentication which is
not enabled by default.
Base Score: 9.1 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
PR: 275611 |
1.1_6 10 Dec 2023 16:57:47 |
Fernando Apesteguía (fernape) |
security/vuxml: Record strongswan buffer overflow
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated
remote code execution via a DH public value that exceeds the internal buffer in
charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can
occur via a crafted IKE_SA_INIT message.
NVD score not yet provided.
PR: 275620 |
1.1_6 07 Dec 2023 08:54:15 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron25 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.8 |
1.1_6 07 Dec 2023 04:49:28 |
Philip Paeps (philip) |
security/vuxml: correct last SA's affected range
FreeBSD-SA-23:17.pf only affects the kernel, not userland. The first
patch level of the kernel without the vulnerability is 13.2_4, not
13.2_7.
Reported by: dvl |
1.1_6 05 Dec 2023 23:01:20 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA released on 2023-12-05
FreeBSD-SA-23:17.pf affects all supported releases (12.4, 13.2, 14.0). |
1.1_6 02 Dec 2023 18:42:34 |
Danilo G. Baio (dbaio) |
security/vuxml: Add Varnish Cache vulnerability |
1.1_6 01 Dec 2023 18:12:59 |
Jason E. Hale (jhale) |
security/vuxml: Add www/qt6-webengine
qt6-webengine < 6.6.1 is also affected by the following VuXML IDs:
- 6d9c6aae-5eb1-11ee-8290-a8a1599412c6
- 07ee8c14-68f1-11ee-8290-a8a1599412c6
- a1e27775-7a61-11ee-8290-a8a1599412c6
- 0da4db89-84bf-11ee-8290-a8a1599412c6 |
1.1_6 01 Dec 2023 06:45:57 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab vulnerabilities |
1.1_6 01 Dec 2023 05:19:49 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.7,
https://github.com/electron/electron/releases/tag/v26.6.2 |
1.1_6 29 Nov 2023 13:35:20 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 119.0.6045.199
Obtained
from: https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html |
1.1_6 27 Nov 2023 01:22:00 |
Jason E. Hale (jhale) |
security/vuxml: Add devel/cmake-core
VuXML ID d6c19e8c-6806-11ee-9464-b42e991fc52e also affects the bundled
libcurl in devel/cmake-core < 3.27.8. |
1.1_6 26 Nov 2023 17:28:38 |
Bernard Spil (brnrd) |
security/vuxml: Document MariaDB vulnerability |
1.1_6 26 Nov 2023 12:53:20 |
Jason E. Hale (jhale) |
security/vuxml: Add www/qt5-webengine
VuXML ID 0da4db89-84bf-11ee-8290-a8a1599412c6 also affects
www/qt5-webengine < 5.15.16.p5 |
1.1_6 24 Nov 2023 08:32:26 |
Eugene Grosbein (eugen) |
security/vuxml: document strongSwan vulnerability CVE-2023-41913
Security: a62c0c50-8aa0-11ee-ac0d-00e0670f2660
Security: CVE-2023-41913 |
1.1_6 22 Nov 2023 22:49:01 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron use after free in Garbage Collection
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.6,
https://github.com/electron/electron/releases/tag/v26.6.1 |
1.1_6 16 Nov 2023 20:33:48 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 119.0.6045.159
Obtained
from: https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html |
1.1_6 16 Nov 2023 09:02:23 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron use after free in WebAudio
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.5,
https://github.com/electron/electron/releases/tag/v26.6.0 |
1.1_6 15 Nov 2023 21:49:26 |
Matthias Andree (mandree) |
security/vuxml: 2.6.0 <= openvpn < 2.6.7 vulnerabilities
Related to:
PR: 275055
Security: 2fe004f5-83fd-11ee-9f5d-31909fb2f495
Security: CVE-2023-46849
Security: CVE-2023-46850
This specifically documents < 2.6.7_1 in order to collect the
regression fix for https://github.com/OpenVPN/openvpn/issues/449
which was a bug newly introduced into 2.6.7. |
1.1_6 15 Nov 2023 14:44:30 |
Fernando Apesteguía (fernape) |
security/vuxml: Record typo3-1{12} vulnerabilities
PR: 275073 275074 |
1.1_6 09 Nov 2023 15:07:59 |
Palle Girgensohn (girgen) |
security/vuxml: add issues for PostgreSQL
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ |
1.1_6 09 Nov 2023 06:27:00 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.4,
https://github.com/electron/electron/releases/tag/v26.5.0 |
1.1_6 08 Nov 2023 22:29:20 |
Daniel Engberg (diizzy) |
security/vuxml: Document libsndfile vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2022-33065 |
1.1_6 08 Nov 2023 18:21:31 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 119.0.6045.123
Obtained
from: https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html |
1.1_6 08 Nov 2023 16:13:42 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability |
1.1_6 08 Nov 2023 07:05:29 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SAs released on 2023-11-08
FreeBSD-SA-23:15.stdio affects 12.4 and 13.2
FreeBSD-SA-23:16.cap_net affects 13.2 |
1.1_6 05 Nov 2023 20:00:54 |
Christian Weisgerber (naddy) |
security/vuxml: document vorbis-tools vulnerability
PR: 274900
Reported by: diizzy |
1.1_6 03 Nov 2023 21:16:08 |
Robert Clausecker (fuz) |
security/vuxml: document optipng vulnerability
PR: 274822
Reported by: Thomas Hurst <tom@hur.st> |
1.1_6 03 Nov 2023 16:15:34 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 119.0.6045.105
Obtained
from: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html |
1.1_6 02 Nov 2023 22:29:42 |
Florian Smeets (flo) |
security/vuxml: add phpmyfaq < 3.2.2 |
1.1_6 01 Nov 2023 19:25:27 |
Renato Botelho (garga) |
security/vuxml: Add open-vm-tools vulnerabilities
Sponsored by: Rubicon Communications, LLC ("Netgate") |
1.1_6 01 Nov 2023 07:53:32 |
Matthias Fechner (mfechner) |
security/vuxml: added gitlab vulnerabilities |
1.1_6 27 Oct 2023 22:25:39 |
Craig Leres (leres) |
security/vuxml: Mark zeek < 6.0.2 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v6.0.2
This release fixes the following potential DoS vulnerabilities:
- A specially-crafted SSL packet could cause Zeek to leak memory
and potentially crash.
- A specially-crafted series of FTP packets could cause Zeek to
log entries for requests that have already been completed, using
resources unnecessarily and potentially causing Zeek to lose
other traffic.
- A specially-crafted series of SSL packets could cause Zeek to (Only the first 15 lines of the commit message are shown above ) |
1.1_6 27 Oct 2023 18:38:43 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 118.0.5993.117
Obtained
from: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_24.html |
1.1_6 25 Oct 2023 12:41:02 |
Jan Beich (jbeich) |
security/vuxml: mark xorg-server < 21.1.9,1 as vulnerable |
1.1_6 25 Oct 2023 08:21:59 |
Fernando Apesteguía (fernape) |
security/vuxml: Register multiple www/squid vulnerabilities
Denial of Service in FTP
Base Score: 8.6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Request/Response smuggling in HTTP/1.1 and ICAP
Base Score: 9.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Denial of Service in HTTP Digest Authentication
Base Score: 9.9
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H |
1.1_6 24 Oct 2023 18:24:18 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability |
1.1_6 23 Oct 2023 18:08:48 |
Bernard Spil (brnrd) |
security/vuxml: Document MySQL vulnerabilities |
1.1_6 20 Oct 2023 06:08:18 |
Mikael Urankar (mikael) |
security/vuxml: security/vuxml: Document www/rt44 and www/rt50 vulnerabilities |
1.1_6 19 Oct 2023 21:29:28 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron use after free in site isolation
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.2,
https://github.com/electron/electron/releases/tag/v26.4.1 |
1.1_6 19 Oct 2023 10:10:55 |
Bernard Spil (brnrd) |
security/vuxml: Document Apache httpd vulnerabilities |
1.1_6 19 Oct 2023 07:07:25 |
Robert Clausecker (fuz) |
security/vuxml: add games/moonlight-embedded vulnerability
PR: 274452
Reported by: Armin Zhu <lisp_25689@163.com> |
1.1_6 18 Oct 2023 17:28:52 |
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2023-10-18
Sponsored by: The FreeBSD Foundation |
1.1_6 18 Oct 2023 17:17:27 |
Bernard Spil (brnrd) |
security/vuxml: Document Roundcube vulnerability |
1.1_6 18 Oct 2023 14:08:38 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document possible bypassing Unix socket permissions in redis |
1.1_6 14 Oct 2023 22:40:11 |
Sergey A. Osokin (osa) |
security/vuxml: Document a vulnerability in textproc/libcue
PR: 274413 |
1.1_6 14 Oct 2023 12:17:23 |
Thomas Zander (riggs) |
security/vuxml: Document HTTP/2 DoS vulnerability in net/traefik |
1.1_6 13 Oct 2023 20:18:08 |
Joseph Mingrone (jrm) |
security/vuxml: Update version range for samba413 vulnerabilities
Security fixes were back-ported from Samba 4.6.11 to samba413-4.13.17_6
in fe495574527e3f97cbb57438f8c468fad8842e9d.
PR: 273595
Sponsored by: The FreeBSD Foundation |
1.1_6 12 Oct 2023 14:48:21 |
Emmanuel Vadot (manu) |
security/vuxml: Document libXpm recent CVEs
PR: 274266 |
1.1_6 12 Oct 2023 14:48:20 |
Emmanuel Vadot (manu) |
security/vuxml: Document libX11 recent CVEs
PR: 274266 |
1.1_6 12 Oct 2023 11:24:57 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 118.0.5993.70
Obtained
from: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html |
1.1_6 12 Oct 2023 07:02:42 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron25 use after free in extensions
Obtained from: https://github.com/electron/electron/releases/tag/v25.9.1 |
1.1_6 11 Oct 2023 22:22:51 |
Po-Chuan Hsieh (sunpoet) |
security/vuxml: Fix bca498407bf9e529936ebb68e9ca257bdd1428de
The pkg audit result before the fix:
curl-8.4.0 is vulnerable:
curl -- SOCKS5 heap buffer overflow
CVE: CVE-2023-38545
WWW:
https://vuxml.FreeBSD.org/freebsd/d6c19e8c-6806-11ee-9464-b42e991fc52e.html
1 problem(s) in 1 installed package(s) found. |
1.1_6 11 Oct 2023 07:44:11 |
Fernando Apesteguía (fernape) |
security/vuxml: Fix description body
Keep the original description body for "make newentry" without parameters. |
1.1_6 11 Oct 2023 07:35:04 |
Fernando Apesteguía (fernape) |
security/vuxml: register ftp/curl heap buffer overflow
Severity: High
CVE-2023-38545 reserved:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545 |
1.1_6 10 Oct 2023 15:33:11 |
Dave Cottlehuber (dch) |
security/vuxml: add h2o-devel vuln details
Security: CVE-2023-44487
Sponsored by: SkunkWerks, GmbH |
1.1_6 05 Oct 2023 01:00:31 |
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_6 04 Oct 2023 18:40:54 |
Kurt Jaeger (pi) |
security/vuxml: add entry for recent libspf2 CVE-2023-42118
PR: 274215 |
1.1_6 04 Oct 2023 10:14:53 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 117.0.5938.149
Obtained
from: https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop.html |
1.1_6 04 Oct 2023 01:16:18 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SAs released on 2023-10-03
FreeBSD-SA-23:12.msdosfs affects 12.4 and 13.2
FreeBSD-SA-23:13.capsicum affects 13.2
FreeBSD-SA-23:14.smccc affects 13.2 |
1.1_6 04 Oct 2023 01:16:18 |
Philip Paeps (philip) |
security/vuxml: fix validation errors
Fix whitespace errors in vid 6e0ebb4a-5e75-11ee-a365-001b217b3468
introduced by commit 36a838e202256d5a528abfc8ff6a66ca7ce4d148. |
1.1_6 02 Oct 2023 05:10:57 |
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
1.1_6 30 Sep 2023 09:22:47 |
Ronald Klop (ronald) |
security/vuxml: add libvpx to the entry
The libvpx port was already updated.
https://chromium.googlesource.com/webm/libvpx/+log/v1.13.0..v1.13.1
Security: CVE-2023-5217 |
1.1_6 29 Sep 2023 23:27:01 |
Guido Falsi (madpilot) |
security/vuxml: Improve affected version ranges of composer vulnerability entry. |
1.1_6 29 Sep 2023 20:56:19 |
Guido Falsi (madpilot) |
security/vuxml: Add devel/php-composer* vulnerability |
1.1_6 29 Sep 2023 10:20:58 |
Robert Nagy (rnagy) |
security/vuxml: add www/*chromium < 117.0.5938.132
Obtained
from: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html |
1.1_6 29 Sep 2023 09:32:20 |
Fernando Apesteguía (fernape) |
security/vuxml: fix long description warning
Eliminate an annoying warning from "make validate"
Modify entry 441e1e1a-27a5-11ee-a156-080027f5fec9 description and get rid of
empty lines and some expendable words. vuxml.freebsd.org prints all the lines
joined together. |
1.1_6 29 Sep 2023 08:55:40 |
Hiroki Tagato (tagattie) |
security/vuxml: document electron heap buffer overflow in vp8 encoding
Obtained from: https://github.com/electron/electron/releases/tag/v22.3.25,
https://github.com/electron/electron/releases/tag/v24.8.5,
https://github.com/electron/electron/releases/tag/v25.8.4 |