Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_3 18 Jan 2017 11:22:48 |
junovitch |
Document mulitiple PowerDNS vulnerabilities
PR: 216135
PR: 216136
Reported by: Dani <i.dani@outlook.com>
Security: CVE-2016-2120
Security: CVE-2016-7068
Security: CVE-2016-7072
Security: CVE-2016-7073
Security: CVE-2016-7074
Security: https://vuxml.FreeBSD.org/freebsd/e3200958-dd6c-11e6-ae1b-002590263bf5.html |
1.1_3 16 Jan 2017 19:09:08 |
thierry |
Adding www/tt-rss to the phpmailer 5.2.22 vulnerability. |
1.1_3 15 Jan 2017 15:08:23 |
junovitch |
Document groovy remote execution of untrusted code/DoS vulnerability
Security: CVE-2016-6814
Security: https://vuxml.FreeBSD.org/freebsd/4af92a40-db33-11e6-ae1b-002590263bf5.html |
1.1_3 15 Jan 2017 03:03:05 |
junovitch |
Document RabbitMQ Authentication vulnerability
PR: 216026
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security: CVE-2016-9877
Security: https://vuxml.FreeBSD.org/freebsd/6aa956fb-d97f-11e6-a071-001e67f15f5a.html |
1.1_3 15 Jan 2017 02:48:37 |
junovitch |
Amend Irssi 0.8.21 entry. Another CVE was assigned.
PR: 216020
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security: CVE-2017-5356
Security:
https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html |
1.1_3 15 Jan 2017 02:39:28 |
junovitch |
Follow up on r431476's MySQL documentation; cite a source |
1.1_3 15 Jan 2017 02:23:44 |
junovitch |
Mention later OpenSSH VuXML entry supercedes the duplicate |
1.1_3 15 Jan 2017 02:16:21 |
junovitch |
Document Wordpress security issues in 4.7.1.
Note per upstream PHPMailer was updated but "No specific issue appears
to affect WordPress or any of the major plugins we investigated". As such
leave the PHPMailer entry as is at this time.
PR: 216059
Reported by: Jochen Neumeister <joneum@bsdproject.de>
Security: CVE-2017-5487
Security: CVE-2017-5488
Security: CVE-2017-5489
Security: CVE-2017-5490
Security: CVE-2017-5491
Security: CVE-2017-5492
Security: CVE-2017-5493
Security: https://vuxml.FreeBSD.org/freebsd/b180d1fb-dac6-11e6-ae1b-002590263bf5.html |
1.1_3 14 Jan 2017 17:10:58 |
brnrd |
security/vuxml: Document multiple MySQL vulnerabilities |
1.1_3 13 Jan 2017 23:47:07 |
bdrewery |
OpenSSH 7.3.p1_4,1 had SCTP on by default by accident. Suggest fixed rev 5. |
1.1_3 13 Jan 2017 23:40:16 |
bdrewery |
Fix OpenSSH entry as a patch was missed. |
1.1_3 13 Jan 2017 23:25:01 |
bdrewery |
OpenSSH 7.3_2 covers CVE-2016-10009 and CVE-2016-10010 |
1.1_3 13 Jan 2017 16:49:59 |
feld |
Consolidate duplicate openssh vuxml entries |
1.1_3 13 Jan 2017 15:02:29 |
lifanov |
replace wildcard in range with a specific version
Reported by: matthew
Reviewed by: matthew
Approved by: matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D9158 |
1.1_3 12 Jan 2017 23:09:56 |
lifanov |
document ansible vulnerabilities
Reviewed by: matthew
Approved by: matthew (mentor)
Security: CVE-2016-9587
Security: https://vuxml.FreeBSD.org/freebsd/a93c3287-d8fd-11e6-be5c-001fbc0f280f.html
Differential Revision: https://reviews.freebsd.org/D9158 |
1.1_3 12 Jan 2017 11:49:44 |
tz |
Document phpmailer vulnerabilities.
Security: CVE-2017-5223
Security:
https://vuxml.FreeBSD.org/freebsd/7ae0be99-d8bb-11e6-9b7f-d43d7e971a1b.html |
1.1_3 12 Jan 2017 08:15:29 |
mat |
Fixup bind9-devel's version for last vuln.
Sponsored by: Absolight |
1.1_3 12 Jan 2017 07:27:14 |
delphij |
Document BIND multiple vulnerabilities. |
1.1_3 11 Jan 2017 17:28:12 |
feld |
Document FreeBSD-SA-17:01.openssh |
1.1_3 11 Jan 2017 11:50:02 |
brnrd |
security/vuxml: Fix version number of libressl-devel |
1.1_3 11 Jan 2017 11:41:08 |
brnrd |
security/vuxml: Document OpenSSL ECDSA P-256 vulnerability
- Affects libressl as well
Security: CVE-2016-7056 |
1.1_3 11 Jan 2017 02:21:58 |
junovitch |
Document Flash vulnerabilities in Adobe Security Bulletin APSB17-02
Security: CVE-2017-2925
Security: CVE-2017-2926
Security: CVE-2017-2927
Security: CVE-2017-2928
Security: CVE-2017-2930
Security: CVE-2017-2931
Security: CVE-2017-2932
Security: CVE-2017-2933
Security: CVE-2017-2934
Security: CVE-2017-2935
Security: CVE-2017-2936
Security: CVE-2017-2937
Security: CVE-2017-2938
Security: https://vuxml.FreeBSD.org/freebsd/2a7bdc56-d7a3-11e6-ae1b-002590263bf5.html |
1.1_3 10 Jan 2017 03:13:53 |
junovitch |
Mention pcsc-lite CVE (it was in next message in cited URL)
While here, fix spacing
PR: 215834 |
1.1_3 09 Jan 2017 18:21:40 |
feld |
Document moinmoin vulnerabilities
PR: 214937
Security: CVE-2016-7146 CVE-2016-7148 CVE-2016-9119 |
1.1_3 09 Jan 2017 18:12:34 |
sunpoet |
Fix openssh-portable version |
1.1_3 09 Jan 2017 17:37:48 |
feld |
Document libvncserver vulnerabilities
PR: 215805
Security: CVE-2016-9941 CVE-2016-9942 |
1.1_3 09 Jan 2017 17:32:04 |
feld |
Document libdwarf vulnerabilities
Security: CVE-2016-5027 CVE-2016-5028 CVE-2016-5029 CVE-2016-5030
Security: CVE-2016-5031 CVE-2016-5032 CVE-2016-5033 CVE-2016-5035
Security: CVE-2016-5037 CVE-2016-5040 CVE-2016-5041 CVE-2016-5043
Security: CVE-2016-5044 CVE-2016-7510 CVE-2016-7511 CVE-2016-8679
Security: CVE-2016-8680 CVE-2016-8681 CVE-2016-9275 CVE-2016-9276
Security: CVE-2016-9480 CVE-2016-9558
PR: 215085 |
1.1_3 09 Jan 2017 17:14:14 |
feld |
Document lynx vulnerabilities
PR: 215464
Security: CVE-2014-3566
Security: CVE-2016-9179 |
1.1_3 09 Jan 2017 16:49:45 |
feld |
Document hdf5 CVEs
PR: 214938
Security: CVE-2016-4330
SecuritY: CVE-2016-4331
Security: CVE-2016-4332
Security: CVE-2016-4333 |
1.1_3 09 Jan 2017 16:25:19 |
feld |
Add additional EoL ports to vuxml
PR: 211975 |
1.1_3 09 Jan 2017 16:07:39 |
feld |
Fix vuxml
CWE cannot be used in <cvename> |
1.1_3 09 Jan 2017 14:24:49 |
lifanov |
security/vuxml: document pcsc-lite vulnerabilities
PR: 215834
Submitted by: Mahdi Mokhtari <mokhi64@gmail.com> (maintainer)
Reviewed by: matthew
Approved by: matthew (mentor)
MFH: 2017Q1 |
1.1_3 09 Jan 2017 13:48:19 |
brnrd |
security/vuxml: Document GnuTLS vulnerabilities |
1.1_3 09 Jan 2017 07:56:16 |
nobutaka |
Modify affected version of w3m entry accordingly since w3m port has been
updated to fixed version.
MFH: 2017Q1 |
1.1_3 07 Jan 2017 23:07:46 |
junovitch |
Tag irssi entry with assigned CVEs, while here wrap at 80 and reference PR
PR: 215800
Security: CVE-2017-5193
Security: CVE-2017-5194
Security: CVE-2017-5195
Security: CVE-2017-5196
Security: https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html |
1.1_3 07 Jan 2017 22:55:03 |
junovitch |
Document last quarter of Tomcat security advisories
Latest advisory is awaiting upstream release
PR: 214599
PR: 215865
Security: CVE-2016-0762
Security: CVE-2016-5018
Security: CVE-2016-6794
Security: CVE-2016-6796
Security: CVE-2016-6797
Security: CVE-2016-6816
Security: CVE-2016-8735
Security: CVE-2016-8745
Security: https://vuxml.FreeBSD.org/freebsd/0b9af110-d529-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/3ae106e2-d521-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/e5ec2767-d529-11e6-ae1b-002590263bf5.html |
1.1_3 06 Jan 2017 03:43:55 |
vanilla |
Document irc/irssi.
PR: 215801
Submitted by: Vladimir Krstulja <vlad-fbsd at acheronmedia.com> |
1.1_3 06 Jan 2017 03:18:20 |
junovitch |
Document security issues fixed in CodeIgniter 3.1.0 and 3.1.2
Note the security issue in CodeIgniter 3.1.1 is documented being valid on
PHP 5.3 only.
Security: https://vuxml.FreeBSD.org/freebsd/5e439ee7-d3bd-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/496160d3-d3be-11e6-ae1b-002590263bf5.html |
1.1_3 04 Jan 2017 10:24:37 |
brnrd |
security/vuxml: Update latest PHP 7 entry
- Vulnerable versions for all the referenced CVEs now known |
1.1_3 02 Jan 2017 17:12:49 |
zi |
- Document multiple vulnerabilities in w3m ports
PR: 215070
Submitted by: kcwu@csie.org
Security: eafa3aec-211b-4dd4-9b8a-a664a3f0917a |
1.1_3 29 Dec 2016 19:29:11 |
brnrd |
security/vuxml: Don't category prefix the <topic> |
1.1_3 29 Dec 2016 19:16:03 |
brnrd |
security/vuxml: Fix entry date on most recent commit |
1.1_3 29 Dec 2016 13:08:32 |
brnrd |
security/vuxml: Document h2o vulnerability
PR: 215587
Submitted by: Dave Cottlehuber <dch@skunkwerks.at> (maintainer) |
1.1_3 29 Dec 2016 11:30:41 |
brnrd |
security/vuxml: Document PHP 0-day vulnerabilities
- Two solved, not referenced in ChangeLog |
1.1_3 29 Dec 2016 11:22:35 |
brnrd |
security/vuxml: Document PHP vulnerabilities
- Vulnerabilities fixed in 7.0.14 |
1.1_3 29 Dec 2016 07:13:00 |
thierry |
Adding tt-rss to the phpmailer's vulnerabilities. |
1.1_3 28 Dec 2016 12:21:28 |
brnrd |
security/vuxml: Document phpmailer vulnerability
- NB: This is not a duplicate
Security: c7656d4c-cb60-11e6-a9a5-b499baebfeaf
Security: CVE-2016-10045 |
1.1_3 27 Dec 2016 20:52:52 |
timur |
Add entry for multiple samba 3.6.* - 4.4.* vulnerabilities.
Security: CVE-2016-2123
CVE-2016-2125
CVE-2016-2126 |
1.1_3 27 Dec 2016 16:07:24 |
pawel |
Document devel/upnp 2 security vulnerabilities:
- unhandled write of files to filesystem via POST by default
- heap buffer overflow in create_url_list function |
1.1_3 27 Dec 2016 10:33:55 |
bapt |
Fix range for exim vulnerability |
1.1_3 26 Dec 2016 11:57:38 |
brnrd |
security/vuxml: Document phpmailer vulnerability |
1.1_3 25 Dec 2016 14:13:29 |
vsevolod |
- Document CVE-2016-9963 for exim |
1.1_3 25 Dec 2016 10:28:52 |
brnrd |
security/vuxml: Document OpenSSH vulnerabilities |
1.1_3 24 Dec 2016 08:56:46 |
sunpoet |
- Fix space/tab: it was not caught by 'make validate' |
1.1_3 24 Dec 2016 08:38:12 |
sunpoet |
- Document cURL vulnerability |
1.1_3 23 Dec 2016 02:52:04 |
junovitch |
Document information disclosure CVEs in SQUID-2016:10 and SQUID-2016:11
PR: 215416
PR: 215418
Security: CVE-2016-10002
Security: CVE-2016-10003
Security: https://vuxml.FreeBSD.org/freebsd/41f8af15-c8b9-11e6-ae1b-002590263bf5.html |
1.1_3 23 Dec 2016 01:29:44 |
junovitch |
Document command execution in vim/neovim via specially crafted files
Reported by: ohaur
Security: CVE-2016-1248
Security: https://vuxml.FreeBSD.org/freebsd/c11629d3-c8ad-11e6-ae1b-002590263bf5.html |
1.1_3 22 Dec 2016 23:39:45 |
bapt |
Add a entry about a XSS concerning www/pligg |
1.1_3 22 Dec 2016 18:47:08 |
brnrd |
security/vuxml: Add severity to recent Apache vulnerabilities |
1.1_3 22 Dec 2016 17:50:21 |
feld |
Document FreeBSD-SA-16:39.ntp |
1.1_3 22 Dec 2016 08:05:36 |
brnrd |
security/vuxml: Document cURL 7.51 vulnerability |
1.1_3 22 Dec 2016 03:21:59 |
junovitch |
Document Joomla! security advisories since 3.4.6 was released.
While here, update entry for 3.4.6 with final advisory information from
JSST page.
A big thanks to Larry Rosenman for reporting the open issues and getting the
port up to date.
PR: 215058
Reported by: Larry Rosenman <ler@lerctr.org>
Security: CVE-2016-8869
Security: CVE-2016-8870
Security: CVE-2016-9081
Security: CVE-2016-9836
Security: CVE-2016-9837
Security: CVE-2016-9838
Security: https://vuxml.FreeBSD.org/freebsd/624b45c0-c7f3-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/a27d234a-c7f2-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/c0ef061a-c7f0-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/f0806cad-c7f1-11e6-ae1b-002590263bf5.html |
1.1_3 22 Dec 2016 02:11:05 |
junovitch |
Document Xen Security Advisory (XSA 202)
Security: CVE-2016-10024
Security: https://vuxml.FreeBSD.org/freebsd/3ae078ca-c7eb-11e6-ae1b-002590263bf5.html |
1.1_3 21 Dec 2016 10:35:21 |
ohauer |
- document Apache httpd-2.4.x defects |
1.1_3 20 Dec 2016 18:07:31 |
brnrd |
security/vuxml: Mark openssl-devel not vulnerable to CVE-2016-2178
PR: 214995
Reported by: Melvyn Sopacua <m.r.sopacua@gmail.com> |
1.1_3 20 Dec 2016 03:13:20 |
junovitch |
Document Xen Security Advisory (XSA 204)
Reported by: royger
Security: CVE-2016-10013
Security: https://vuxml.FreeBSD.org/freebsd/942433db-c661-11e6-ae1b-002590263bf5.html |
1.1_3 16 Dec 2016 08:33:08 |
jbeich |
security/vuxml: oops, seamonkey 2.46 has CVE-2016-9079 fix
https://hg.mozilla.org/releases/mozilla-release/rev/8b8d2820718f |
1.1_3 16 Dec 2016 02:14:29 |
junovitch |
Document two CVEs fixed in Atheme 7.2.7
PR: 209217
Security: CVE-2014-9773
Security: CVE-2016-4478
Security: https://vuxml.FreeBSD.org/freebsd/e47ab5db-c333-11e6-ae1b-002590263bf5.html |
1.1_3 14 Dec 2016 10:19:07 |
jbeich |
security/vuxml: mark www/firefox < 50.1_1,1 as vulnerable |
1.1_3 14 Dec 2016 03:12:28 |
junovitch |
Update Roundcube entry with CVE and Bugtraq ID and switch to more detailed
Mitre verbiage.
PR: 214925
Security: CVE-2016-9920
Security: https://vuxml.FreeBSD.org/freebsd/125f5958-b611-11e6-a9a5-b499baebfeaf.html |
1.1_3 14 Dec 2016 02:58:05 |
junovitch |
Document Wordpress security issues in 4.6.1.
I didn't see any security updates in the 4.7 blog entry but we missed
capturing these fixes from 4.6.1 earlier.
Security: https://vuxml.FreeBSD.org/freebsd/54e50cd9-c1a8-11e6-ae1b-002590263bf5.html |
1.1_3 14 Dec 2016 02:45:54 |
junovitch |
Document Xen Security Advisory (XSA 200)
Reported by: royger
Security: CVE-2016-9932
Security: https://vuxml.FreeBSD.org/freebsd/80a897a2-c1a6-11e6-ae1b-002590263bf5.html |
1.1_3 12 Dec 2016 20:23:58 |
brnrd |
security/vuxml: Document PHP 7.0.13 & 5.6.29 vulnerabilities
- No further detail provided by the PHP project |
1.1_3 09 Dec 2016 19:44:12 |
madpilot |
Document vulnerabilities in net/asterisk11 and net/asterisk13. |
1.1_3 08 Dec 2016 14:15:52 |
feld |
Revise FreeBSD-SA-16:37.libc entry |
1.1_3 07 Dec 2016 00:30:49 |
jhale |
Document vulnerabilities in security/cryptopp
Security: CVE-2015-2141
Security: CVE-2016-3995
Security: CVE-2016-7420 |
1.1_3 06 Dec 2016 20:05:33 |
feld |
Fix a couple <freebsdsa> that were meant to be <freebsdpr> |
1.1_3 06 Dec 2016 20:03:52 |
feld |
Document FreeBSD-SA-16:38.bhyve
Security: CVE-2016-1889 |
1.1_3 06 Dec 2016 19:56:37 |
feld |
Document FreeBSD-SA-16:37.libc
Security: CVE-2016-6559 |
1.1_3 06 Dec 2016 19:55:52 |
feld |
Document FreeBSD-SA-16:36.telnetd
Security: CVE-2016-1888 |
1.1_3 06 Dec 2016 10:04:09 |
brnrd |
security/vuxml: Document Apache HTTP/2 vulnerability
Security: CVE-2016-8740 |
1.1_3 05 Dec 2016 20:21:12 |
rene |
Document new vulnerabilities in www/chromium < 55.0.2883.75
Obtained
from: https://googlechromereleases.blogspot.nl/2016/12/stable-channel-update-for-desktop.html |
1.1_3 04 Dec 2016 23:55:55 |
feld |
Document ImageMagick7 vulnerabilities
PR: 214514
Security: CVE-2016-9298
Security: CVE-2016-8866
Security: CVE-2016-8862 |
1.1_3 04 Dec 2016 23:03:28 |
feld |
Document py-pillow vulnerabilities
PR: 214410
Security: CVE-2016-9189
Security: CVE-2016-9190 |
1.1_3 04 Dec 2016 22:52:26 |
feld |
Document ImageMagick vulnerability
PR: 214520
Security: CVE-2016-9298 |
1.1_3 04 Dec 2016 22:29:11 |
feld |
Document py-cryptography vulnerability
PR: 214915
Security: CVE-2016-9243 |
1.1_3 04 Dec 2016 21:20:25 |
feld |
Document qemu vulnerability
PR: 206725
Security: CVE-2015-1779 |
1.1_3 04 Dec 2016 19:35:14 |
junovitch |
Document Xen Security Advisories (XSAs 185-188, 190-195, 197-198)
PR: 214936
Security: CVE-2016-7092
Security: CVE-2016-7093
Security: CVE-2016-7094
Security: CVE-2016-7154
Security: CVE-2016-7777
Security: CVE-2016-9379
Security: CVE-2016-9380
Security: CVE-2016-9381
Security: CVE-2016-9382
Security: CVE-2016-9383
Security: CVE-2016-9384
Security: CVE-2016-9385 (Only the first 15 lines of the commit message are shown above ) |
1.1_3 01 Dec 2016 16:46:44 |
marcus |
Add an entry for wireshark < 2.2.2
PR: 214753
Submitted by: Piotr Kubaj <pkubaj@anongoth.pl> |
1.1_3 01 Dec 2016 13:40:50 |
cmt |
document mozilla vulnerabilities CVE-2016-9079
PR: 214978
Approved by: jbeich, rene (mentor, implicit) |
1.1_3 30 Nov 2016 17:18:26 |
tijl |
linux-c7-libgcrypt 1.5.3_1 fixes CVE-2016-6313. |
1.1_3 30 Nov 2016 16:56:37 |
tijl |
Fix a package name. |
1.1_3 30 Nov 2016 16:51:18 |
tijl |
Add linux-*-expat to CVE-2016-0718 entry.
PR: 214951
Security: https://rhn.redhat.com/errata/RHSA-2016-2824.html |
1.1_3 30 Nov 2016 12:07:30 |
vd |
Document ftp/wget's Access List Bypass / Race Condition vulnerability
PR: 214941
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
Security: CVE-2016-7098 |
1.1_3 30 Nov 2016 10:48:56 |
rakuco |
Add entry for CVE-2016-9296 in archivers/p7zip. |
1.1_3 30 Nov 2016 03:33:45 |
cy |
Document Apache Subverision vulnerability CVE-2016-8734:
Unrestricted XML entity expansion in mod_dontdothat and Subversion
clients using http(s)://
Reported by: Evgeny Kotkov <kotkov@apache.org>
Security: CVE-2016-8734 |
1.1_3 29 Nov 2016 22:58:53 |
junovitch |
Document libwww vulnerabilities
PR: 214532
Submitted by: Danilo G. Baio <dbaio@bsd.com.br>
Security: CVE-2009-3720
Security: CVE-2009-3560
Security: CVE-2005-3183
Security: https://vuxml.FreeBSD.org/freebsd/18449f92-ab39-11e6-8011-005056925db4.html |
1.1_3 29 Nov 2016 12:50:22 |
jbeich |
security/vuxml: mark www/firefox < 50.0.1,1 as vulnerable |
1.1_3 29 Nov 2016 08:55:55 |
brnrd |
security/vuxml: Document Roundcube vulnerability |
1.1_3 27 Nov 2016 03:25:52 |
junovitch |
Remove trailing period in version and re-wrap Drupal entry at <=80 lines
PR: 214813 |