| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_4
03 Dec 2019 03:04:35
   |
wen  |
- Document Django multiple vulnerabilities |
1.1_4
28 Nov 2019 15:44:53
|
decke |
Document net-im/py-matrix-synapse vulnerabilities
PR: 241574
Submitted by: Sascha Biberhofer <ports@skyforge.at> |
1.1_4
28 Nov 2019 07:02:12
|
mfechner |
Document gitlab-ce vulnerability. |
1.1_4
27 Nov 2019 19:04:25
|
mfechner |
Document www/gitlab-ce vulnerabilities. |
1.1_4
27 Nov 2019 16:32:49
|
kwm |
Document webkit2-gtk3 vulnabilities |
1.1_4
26 Nov 2019 11:51:30
|
kai |
security/vuxml: Document net/py-urllib3 issues
PR: 229322
Security: CVE-2018-20060
CVE-2019-11236
CVE-2019-11324 |
1.1_4
25 Nov 2019 21:45:06
|
dch |
security/vuxml: add FreeBSD kernel entries for recent Intel CVEs
PR: 241931
Submitted by: Miroslav Lachman <000.fbsd@quip.cz>
Reviewed by: dch
Approved by: joneum (ports-secteam)
Security: CVE-2019-11135
Security: CVE-2019-11139
Security: CVE-2018-12126
Security: CVE-2018-12127
Security: CVE-2018-12130
Security: CVE-2018-11091
Security: CVE-2017-5715
Security: CVE-2018-12207
Sponsored by: SkunkWerks, GmbH |
1.1_4
25 Nov 2019 09:18:43
|
joneum |
Add entry for security/clamav
PR: 242118
Sponsored by: Netzkommune GmbH |
1.1_4
23 Nov 2019 12:50:59
|
joneum |
Add entry for dns/unbound
PR: 242075
Sponsored by: Netzkommune GmbH |
1.1_4
22 Nov 2019 11:15:10
|
kai |
security/vuxml: Document www/gitea issues
PR: 241981
Submitted by: Nils Johannsen <nilsjohannsen@gmx.de> (based on)
Approved by: stb@lassitu.de (maintainer) |
1.1_4
22 Nov 2019 09:03:50
|
madpilot |
Document asterisk vulnerabilities. |
1.1_4
22 Nov 2019 09:01:54
|
madpilot |
Remove extra whitespace. |
1.1_4
20 Nov 2019 10:57:40
|
zeising |
Document intel drm driver vulnerabilities
Document intel drm driver vulnerabilities related to Intel 2019.2 IPU [1].
[1]
https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu |
1.1_4
19 Nov 2019 08:25:04
|
joneum |
Add entry for www/squid
PR: 241976
Sponsored by: Netzkommune GmbH |
1.1_4
18 Nov 2019 18:13:57
|
sunpoet |
Document libidn2 vulnerability |
1.1_4
15 Nov 2019 22:46:16
|
naddy |
Document vulnerabilities in GNU cpio < 2.13. |
1.1_4
13 Nov 2019 23:45:36
|
sunpoet |
Document libmad vulnerability |
1.1_4
12 Nov 2019 21:38:20
|
gjb |
Fix build.
Sponsored by: Rubicon Communications, LLC (netgate.com) |
1.1_4
12 Nov 2019 21:01:03
|
rene |
Document new vulnerability in www/chromium < 78.0.3904.97 |
1.1_4
12 Nov 2019 08:16:35
|
joneum |
fix typo
Sponsored by: Netzkommune GmbH |
1.1_4
12 Nov 2019 07:42:06
|
joneum |
Add entry for wordpress
Sponsored by: Netzkommune GmbH |
1.1_4
07 Nov 2019 12:09:25
|
dmgk |
security/vuxml: Document nexus2-oss vulnerabilities
PR: 241308
Approved by: tz (mentor, implicit) |
1.1_4
07 Nov 2019 11:55:10
|
danfe |
Adjust affected GNU patch package version after r516964. |
1.1_4
06 Nov 2019 21:48:53
|
tz |
security/vuxml: Document PHP RCE issues |
1.1_4
03 Nov 2019 03:11:07
|
wen |
- Document mediawiki's multiple vulnerabilities |
1.1_4
02 Nov 2019 14:33:45
|
brnrd |
security/vuxml: Document MySQL quarterly vulns |
1.1_4
02 Nov 2019 12:26:06
|
rakuco |
Adjust entry 381deebb-f5c9-11e9-9c4f-74d435e60b7c for sysutils/file.
Upstream version 5.37 is vulnerable, but the update to 5.37 in the ports tree
was landed with a fix for the CVE entry.
PR: 241424 |
1.1_4
02 Nov 2019 12:19:34
|
rakuco |
Add entry for heap buffer overflow in sysutils/file.
PR: 241424
Submitted by: Nathan Owens <ndowens04@gmail.com>
Approved by: jharris@widomaker.com (maintainer) |
1.1_4
31 Oct 2019 20:43:57
|
kwm |
Document webkit-gtk3 vulnerabilities. |
1.1_4
31 Oct 2019 12:03:22
|
dmgk |
Document www/gitea information disclosure vulnerability
PR: 241599
Submitted by: stb@lassitu.de (maintainer)
Approved by: tz (mentor, implicit) |
1.1_4
31 Oct 2019 09:14:19
|
gjb |
Fix build.
Sponsored by: Rubicon Communications, LLC (Netgate) |
1.1_4
31 Oct 2019 02:02:21
|
timur |
Add entry about Samba vulnerabilities
o CVE-2019-10218:
Malicious servers can cause Samba client code to return filenames containing
path separators to calling code.
o CVE-2019-14833:
When the password contains multi-byte (non-ASCII) characters, the check
password script does not receive the full password string.
o CVE-2019-14847:
Users with the "get changes" extended access right can crash the AD DC LDAP
server by requesting an attribute using the range= syntax.
Security: CVE-2019-10218
CVE-2019-14833
CVE-2019-14847
Sponsored by: my wife |
1.1_4
30 Oct 2019 18:47:59
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
24 Oct 2019 17:08:53
|
feld |
Add missing FreeBSD SAs
Security: FreeBSD-SA-19:24.mqueuefs
Security: FreeBSD-SA-19:23.midi
Security: FreeBSD-SA-19:22.mbuf
Security: FreeBSD-SA-19:21.bhyve
Security: FreeBSD-SA-19:20.bsnmp
Security: FreeBSD-SA-19:19.mldv2
Security: FreeBSD-SA-19:18.bzip2 |
1.1_4
24 Oct 2019 16:45:05
|
feld |
Document Varnish VSV00004 Workspace information leak |
1.1_4
24 Oct 2019 10:38:57
|
rodrigo |
Document potential bypass of Runas user restrictions in sudo
PR: 241244
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> |
1.1_4
23 Oct 2019 17:46:36
|
sunpoet |
Document rubygem-loofah vulnerability |
1.1_4
19 Oct 2019 09:52:18
|
wen |
- Document python37 multiple vulnerabilities. |
1.1_4
15 Oct 2019 14:43:02
|
kai |
security/vuxml: Document graphics/py-pillow issue
PR: 241268
Security: CVE-2019-16865 |
1.1_4
11 Oct 2019 17:36:37
|
pi |
security/vuxml: mongodb vulnerabilities
- CVE-2019-2386, CVE-2019-2389, CVE-2019-2390
PR: 239717
Submitted by: Ronald Klop <ronald-lists@klop.ws> |
1.1_4
09 Oct 2019 12:31:58
|
egypcio |
security/vuxml: add CVE-2011-2767 [www/mod_perl2]
https://nvd.nist.gov/vuln/detail/CVE-2011-2767 |
1.1_4
06 Oct 2019 05:52:58
|
cy |
Take PORTEPOCH into account.
PR: 241066
Reported by: tobik |
1.1_4
06 Oct 2019 01:48:50
|
cy |
Document two new Xpdf vulnerabilities: CVE-2019-16927 and CVE-2019-9877.
PR: 241066
Security: https://nvd.nist.gov/vuln/detail/CVE-2019-16927
Security: https://nvd.nist.gov/vuln/detail/CVE-2019-9877
Security: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9877
Security: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16927 |
1.1_4
03 Oct 2019 19:28:42
|
sunpoet |
Document unbound vulnerability |
1.1_4
02 Oct 2019 19:24:50
|
sunpoet |
Document ruby vulnerability |
1.1_4
02 Oct 2019 16:20:16
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
02 Oct 2019 16:16:25
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
02 Oct 2019 16:06:43
|
mfechner |
Documented gitlab vulnerabilities. |
1.1_4
02 Oct 2019 09:43:49
|
kai |
security/vuxml: Document net-mgmt/cacti issue
PR: 240999
Reported by: Michael Muenz <m.muenz@gmail.com>
Security: CVE-2019-16723 |
1.1_4
29 Sep 2019 13:09:04
|
vsevolod |
Fix misprint |
1.1_4
29 Sep 2019 08:26:15
|
vsevolod |
Document RCE in Exim: CVE-2019-16928 |
1.1_4
28 Sep 2019 11:51:00
|
dmgk |
security/vuxml: Add entry for lang/go and lang/go-devel CVE-2019-16276
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D21802 |
1.1_4
27 Sep 2019 19:30:18
|
tobik |
Document databases/mantis vulnerabilities |
1.1_4
25 Sep 2019 23:07:20
|
lwhsu |
Document Jenkins Security Advisory 2019-09-25
Sponsored by: The FreeBSD Foundation |
1.1_4
23 Sep 2019 09:01:55
|
tijl |
Add linux-c6-openssl to CVE-2019-1559 entry.
Security: https://access.redhat.com/errata/RHSA-2019:2471 |
1.1_4
20 Sep 2019 15:56:44
|
pi |
security/vuxml: add CVEs for net/kea
PR: 240399
Submitted by: Andrey Pevnev <apevnev@me.com> |
1.1_4
19 Sep 2019 12:43:20
|
pi |
security/vuxml: add entry for CVE-2019-15903 in expat < 2.2.8
PR: 240613
Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer) |
1.1_4
19 Sep 2019 09:40:37
|
tijl |
Document Mbed TLS side channel attack on deterministic ECDSA.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10 |
1.1_4
17 Sep 2019 22:50:11
|
leres |
security/vuxml: Mark bro < 2.6.4 as vulnerable as per:
https://raw.githubusercontent.com/zeek/zeek/3b5a9f88ece1d274edee897837e280ef751bde94/NEWS
The issue is inproper data handling of data that is either either
empty or unterminated, resulting in invalid memory access or heap
buffer over-read.
Approved by: matthew (mentor, implicit) |
1.1_4
16 Sep 2019 11:45:32
|
pi |
security/vuxml: fix vuln.xml entry for expat
PR: 238864
Submitted by: tobik |
1.1_4
16 Sep 2019 11:19:51
|
pi |
security/vuxml: document expat2 pre-2.2.7 vulnerability
PR: 238864
Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com> |
1.1_4
16 Sep 2019 06:05:59
|
brnrd |
security/vuxml: Fix latest openssl entry
Reported by: tobik |
1.1_4
14 Sep 2019 21:17:26
|
sunpoet |
Document curl vulnerability |
1.1_4
11 Sep 2019 08:30:57
|
brnrd |
security/vuxml: Document OpenSSL vulnerabilities |
1.1_4
11 Sep 2019 00:33:36
|
jkim |
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb19-46.html |
1.1_4
07 Sep 2019 21:07:45
|
mandree |
Document devel/oniguruma < 6.9.3 vulnerabilities.
PR: 240368
Reported by: Pascal Christen
Obtained from: MITRE
Security: a8d87c7a-d1b1-11e9-a616-0992a4564e7c
Security: CVE-2019-13224
Security: CVE-2019-13225 |
1.1_4
07 Sep 2019 13:43:29
|
feld |
Document recent xymon-server CVEs |
1.1_4
06 Sep 2019 12:46:11
|
joneum |
Add entry for wordpress
Sponsored by: Netzkommune GmbH |
1.1_4
06 Sep 2019 10:37:07
|
vsevolod |
Document Exim vulnerability |
1.1_4
06 Sep 2019 07:53:14
|
madpilot |
Document asterisk vulnerabilities. |
1.1_4
03 Sep 2019 23:32:13
|
timur |
Add entry about CVE-2019-10197
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
Security: CVE-2019-10197 |
1.1_4
03 Sep 2019 21:32:10
|
jbeich |
security/vuxml: mark firefox < 69 as vulnerable |
1.1_4
03 Sep 2019 14:33:03
|
zi |
- Document www/varnish6 vulnerability |
1.1_4
02 Sep 2019 08:13:50
|
cpm |
Document libgcrypt ECDSA side-channel attack vulnerability
Security: CVE-2019-13627 |
1.1_4
31 Aug 2019 09:04:11
|
sunpoet |
Update ruby version
PR: 240227
Reported by: Trond Endrestol <Trond.Endrestol@ximalas.info> |
1.1_4
30 Aug 2019 07:01:44
|
tobik |
Document www/webkit2-gtk3 vulnerabilities
PR: 240196 |
1.1_4
30 Aug 2019 05:45:24
|
mfechner |
Document www/gitlab-ce vulnerabilities. |
1.1_4
30 Aug 2019 00:07:37
|
sunpoet |
Document RDoc vulnerability |
1.1_4
28 Aug 2019 15:58:10
|
ler |
security/vuxml: document dovecot,dovecot-pigeonhole vulns |
1.1_4
28 Aug 2019 15:36:03
|
lwhsu |
Document Jenkins Security Advisory 2019-08-28
Sponsored by: The FreeBSD Foundation |
1.1_4
28 Aug 2019 14:29:40
|
jbeich |
security/vuxml: mark cliqz < 1.28.2 as vulnerable
PR: 239994
Submitted by: Santhosh Raju |
1.1_4
25 Aug 2019 18:34:49
|
dch |
security/vuxml: Document multiple vulnerabilities in www/h2o*
http://blog.kazuhooku.com/2019/08/h2o-version-226-230-beta2-released.html
PR: 239843
Reported by: Kazuho Oku
Approved by: jrm (mentor, implicit)
Security: CVE-2019-9512
Security: CVE-2019-9514
Security: CVE-2019-9515
Sponsored by: SkunkWerks, GmbH |
1.1_4
23 Aug 2019 21:16:53
|
kai |
security/vuxml: Document www/gitea issues
PR: 240046
Submitted by: stb@lassitu.de (maintainer) |
1.1_4
23 Aug 2019 06:33:16
|
pi |
security/vuxml: Document multiple vulnerabilities in ClamAV
PR: 240020
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> (clamav maintainer) |
1.1_4
20 Aug 2019 22:22:08
|
bhughes |
security/vuxml: document recent Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
Sponsored by: Miles AS |
1.1_4
20 Aug 2019 14:26:34
|
riggs |
Document vlc vulnerabilities prior to release 3.0.8 |
1.1_4
19 Aug 2019 17:08:52
|
joneum |
Add dns/nsd
PR: 239964
Reported by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
Sponsored by: Netzkommune GmbH |
1.1_4
18 Aug 2019 23:24:00
|
olgeni |
security/vuxml: add vuxml entry for webmin and usermin (CVE-2019-15107). |
1.1_4
18 Aug 2019 17:04:34
|
pi |
security/vuxml: add vuxml entry for gitea
PR: 239930
Submitted by: stb@lassitu.de |
1.1_4
18 Aug 2019 15:21:51
|
zeising |
Document x11/xdm vulnerability CVE-2013-2179 |
1.1_4
18 Aug 2019 09:28:33
|
mfechner |
Document libgit2 vulnerabilities. |
1.1_4
17 Aug 2019 11:07:33
|
joneum |
Add www/apache24
Sponsored by: Netzkommune GmbH |
1.1_4
16 Aug 2019 18:11:39
|
sunpoet |
Document nghttp2 vulnerability |
1.1_4
16 Aug 2019 12:09:29
|
tijl |
Document CUPS CVE-2019-8675 and CVE-2019-8696.
Security: https://github.com/apple/cups/releases/tag/v2.2.12 |
1.1_4
15 Aug 2019 21:22:36
|
kai |
security/vuxml: Update entry for security/doas
* Add a reference to OpenBSD's tech mailinglist that explains the issues
with doas(1)'s environmetal security in further detail.
* Clarify the origins of the reporting sources and fix a grammar nit.
PR: 239629
Reported by: Sander Bos |
1.1_4
15 Aug 2019 16:19:36
|
riggs |
Document http/2 denial of service in net/traefik before 1.7.14 |
1.1_4
14 Aug 2019 12:24:45
|
joneum |
Edit entry for www/nginx
Sponsored by: Netzkommune GmbH |
1.1_4
14 Aug 2019 07:22:39
|
joneum |
Add entry for www/nginx and www/nginx-devel
Sponsored by: Netzkommune GmbH |
1.1_4
13 Aug 2019 20:51:40
|
sunpoet |
Document rubygem-nokogiri vulnerability |
1.1_4
13 Aug 2019 05:02:03
|
mfechner |
Document www/gitlab-ce vulnerabilities. |
As an Amazon Associate I earn from qualifying purchases.
