Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_3 23 Nov 2016 11:05:05 |
tijl |
Fix linux-*-nss range for CVE-2016-2834.
PR: 214755
Security: https://access.redhat.com/errata/RHSA-2016:2779 |
1.1_3 22 Nov 2016 08:19:25 |
delphij |
Document multiple ntp vulnerabilities. |
1.1_3 21 Nov 2016 16:04:32 |
amdmi3 |
- Document Teeworlds remote code execution |
1.1_3 16 Nov 2016 18:26:03 |
swills |
Document Jenkins Security Advisory 2016-11-16 |
1.1_3 16 Nov 2016 01:58:36 |
junovitch |
Document Moodle security advisories from September (MSA-16-0022) and
November releases.
Security: CVE-2016-7038 |
1.1_3 15 Nov 2016 22:02:54 |
jbeich |
security/vuxml: add entry for r425098, r425099, r425470 |
1.1_3 13 Nov 2016 11:11:02 |
tijl |
Add linux-c6-libgcrypt to CVE-2016-6313 entry.
PR: 214460
Security: https://rhn.redhat.com/errata/RHSA-2016-2674.html |
1.1_3 12 Nov 2016 20:51:11 |
pawel |
Document multimedia/lives security issues |
1.1_3 11 Nov 2016 23:49:29 |
brnrd |
security/vuxml: Fix version number for OpenSSL 1.1.0c
Reported by: matthew |
1.1_3 11 Nov 2016 10:22:36 |
cpm |
- Fix affected chromium version.
Approved by: rene |
1.1_3 10 Nov 2016 19:23:53 |
brnrd |
security/vuxml: Document new OpenSSL 1.1.0 vulnerabilities |
1.1_3 10 Nov 2016 11:55:24 |
cpm |
Document new vulnerabilities in www/chromium < 54.0.2840.98
Approved by: rene
Obtained
from: https://googlechromereleases.blogspot.nl/2016/11/stable-channel-update-for-desktop_9.html |
1.1_3 10 Nov 2016 10:48:57 |
tijl |
Document latest flash plugin vulnerabilities.
Security: https://helpx.adobe.com/security/products/flash-player/apsb16-37.html |
1.1_3 09 Nov 2016 16:24:22 |
feld |
Document gitlab vulnerability
PR: 214360
Security: CVE-2016-9086 |
1.1_3 06 Nov 2016 13:34:17 |
tijl |
Undocument linux-*-expat vulnerabilities.
linux-*-expat is only used by linux-*-fontconfig to read configuration
files written in XML and by dbus-binding-tool(1) from linux-*-dbus-glib, a
development tool that generates C code from an Introspection XML file to
expose a GObject via D-Bus.
These vulnerabilities are therefore not believed to be exploitable on
FreeBSD and only cause annoying warnings and prevent installation of
linux-*-expat. It also does not look like Red Hat will provide fixes for
these any time soon.
PR: 210155 |
1.1_3 03 Nov 2016 20:34:34 |
rene |
Fix version number in last entry |
1.1_3 03 Nov 2016 20:33:43 |
rene |
Document new vulnerability in www/chromium < 54.0.2840.90
Obtained
from: https://googlechromereleases.blogspot.nl/2016/11/stable-channel-update-for-desktop.html |
1.1_3 02 Nov 2016 17:28:34 |
brnrd |
security/vuxml: Mark correct OpenSSL 1.0.2 and 1.1.0 versions
- "BTW, the issue has been fixed in the official release on September 22nd." |
1.1_3 02 Nov 2016 16:33:01 |
lwhsu |
Fix affected ports versions |
1.1_3 02 Nov 2016 13:26:34 |
feld |
Update openssh vuxml entry to add FreeBSD SA information
Security: CVE-2016-8858
Security: SA-16:33.openssh |
1.1_3 02 Nov 2016 13:19:28 |
feld |
Document openssl vulnerability
Security: CVE-2016-8610 |
1.1_3 02 Nov 2016 12:53:29 |
lwhsu |
Spelling fix |
1.1_3 02 Nov 2016 12:49:18 |
lwhsu |
Document Django vulnerabilities CVE-2016-9013, CVE-2016-9014 |
1.1_3 02 Nov 2016 10:49:45 |
mat |
Fix up bind9-devel's range for CVE-2016-8864.
Sponsored by: Absolight |
1.1_3 02 Nov 2016 08:11:16 |
brnrd |
security/vuxml: Document 2016-11-02 cURL vulnerabilities |
1.1_3 02 Nov 2016 08:01:42 |
delphij |
Document BIND remote DoS vulnerability. |
1.1_3 02 Nov 2016 05:26:39 |
swills |
Document memcached vulnerabilities |
1.1_3 01 Nov 2016 20:35:01 |
brnrd |
security/vuxml: Fix version numbers for MySQL |
1.1_3 01 Nov 2016 20:31:33 |
brnrd |
security/vuxml: Document MySQL/MariaDB vulnerabilities
- New entries added to "Oracle Critical Patch Update Advisory - October 2016"? |
1.1_3 31 Oct 2016 20:36:50 |
rene |
Document new vulnerabilities in www/chromium < 54.0.2840.59
Obtained
from: https://googlechromereleases.blogspot.nl/2016/10/stable-channel-update-for-desktop.html |
1.1_3 29 Oct 2016 18:16:45 |
peter |
Attempt to fix vuxml build after r424916 |
1.1_3 29 Oct 2016 15:19:27 |
feld |
Document openssh DoS
PR: 213640
Security: CVE-2016-8858 |
1.1_3 28 Oct 2016 15:34:17 |
feld |
Document sudo vulnerability |
1.1_3 28 Oct 2016 14:01:00 |
feld |
Document axis2 vulnerabilities
PR: 213791
Security: CVE-2012-6153
Security: CVE-2014-3577 |
1.1_3 28 Oct 2016 13:33:41 |
feld |
Document node vulnerabilities
PR: 213800
Security: CVE-2016-5172 |
1.1_3 28 Oct 2016 04:47:28 |
olivierd |
Document vulnerability in net/py-urllib3 |
1.1_3 27 Oct 2016 13:14:18 |
tijl |
Document latest flash plugin vulnerability.
PR: 213831 |
1.1_3 25 Oct 2016 17:57:29 |
feld |
Fix FreeBSD-SA-16:32.bhyve to correctly document this affects FreeBSD-kernel |
1.1_3 25 Oct 2016 17:56:10 |
feld |
Document revised FreeBSD-SA-16:15.sysarch |
1.1_3 25 Oct 2016 17:51:50 |
feld |
Document FreeBSD-SA-16:32.bhyve |
1.1_3 24 Oct 2016 15:32:21 |
feld |
Document flash vulnerabilities
Differential Revision: https://reviews.freebsd.org/D8266 |
1.1_3 21 Oct 2016 12:51:41 |
mat |
${RM} already has -f.
PR: 213570
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight |
1.1_3 21 Oct 2016 11:40:34 |
jbeich |
Reference MFSA for Thunderbird fixed by r423073 |
1.1_3 21 Oct 2016 11:32:25 |
jbeich |
Document recent Firefox vulnerabilities |
1.1_3 18 Oct 2016 18:01:39 |
feld |
Fix some malformed <freebsdpr> entries in vuxml |
1.1_3 18 Oct 2016 17:57:17 |
feld |
Document vulnerability in Apache Axis2
PR: 213546
Security: CVE-2010-3981 |
1.1_3 18 Oct 2016 17:26:07 |
rene |
Document remote denial of service vulnerability in security/tor*
PR: 212952
Submitted by: Neel Chauhan <neel@neelc.org>
Obtained
from: https://blog.torproject.org/blog/tor-0289-released-important-fixes |
1.1_3 18 Oct 2016 14:46:11 |
tz |
Fix wrong range of vulnerable Rails 4 versions
Approved by: pi (mentor) |
1.1_3 14 Oct 2016 12:03:47 |
tz |
Rails 4: Document XSS Vulnerability in Action View and
Unsafe Query Generation Risk in Active Record
Security: CVE-2016-6316
Security:
https://vuxml.freebsd.org/freebsd/43f1c867-654a-11e6-8286-00248c0c745d.html
Security: CVE-2016-6317
Security:
https://vuxml.freebsd.org/freebsd/7e61cf44-6549-11e6-8286-00248c0c745d.html
Approved by: pi(mentor) |
1.1_3 14 Oct 2016 12:01:47 |
tz |
Document multiple security issues of PHP 7.0
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7413
Security: CVE-2016-7418
Security:
https://vuxml.freebsd.org/freebsd/f471032a-8700-11e6-8d93-00248c0c745d.html
Approved by: pi (mentor) |
1.1_3 14 Oct 2016 11:59:35 |
tz |
Document multiple security issues of PHP 5.6
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7411
Security: CVE-2016-7413
Security: CVE-2016-7418
Security:
https://vuxml.freebsd.org/freebsd/8d5180a6-86fe-11e6-8d93-00248c0c745d.html
Approved by: pi (mentor) |
1.1_3 12 Oct 2016 04:47:33 |
feld |
Document file-roller vulnerability
PR: 213199
Security: CVE-2016-7162 |
1.1_3 12 Oct 2016 02:01:12 |
feld |
Document Virtualbox vulnerabilities
PR: 204406
Security: CVE-2015-4813
Security: CVE-2015-4896 |
1.1_3 12 Oct 2016 01:37:49 |
feld |
Document ImageMagick vulnerabilities
PR: 213032 |
1.1_3 12 Oct 2016 01:28:23 |
feld |
Document libgd vulnerabilities
PR: 213023 |
1.1_3 12 Oct 2016 01:22:04 |
feld |
Document libvncserver vulnerabilities
PR: 212380
Security: CVE-2014-6051
Security: CVE-2014-6052
Security: CVE-2014-6053
Security: CVE-2014-6054
Security: CVE-2014-6055 |
1.1_3 12 Oct 2016 01:17:13 |
feld |
Document OpenOffice vulnerability
PR: 212379
Security: CVE-2014-3575 |
1.1_3 12 Oct 2016 00:49:00 |
feld |
Document mupdf vulnerabilites
PR: 212207
Security: CVE-2016-6525
Security: CVE-2016-6265 |
1.1_3 11 Oct 2016 19:59:56 |
feld |
Fix OpenSSL vuln version range
Reported by: mat |
1.1_3 11 Oct 2016 15:07:54 |
feld |
Document openjpeg vulnerability
PR: 212672
Security: CVE-2016-5157
Security: CVE-2016-7163 |
1.1_3 11 Oct 2016 15:02:52 |
feld |
Document redis vulnerability
PR: 211709
Security: CVE-2013-7458 |
1.1_3 10 Oct 2016 16:20:06 |
feld |
Fix typo in vuxml topic |
1.1_3 10 Oct 2016 12:43:45 |
feld |
Document FreeBSD-SA-16:31.libarchive |
1.1_3 10 Oct 2016 12:42:13 |
feld |
Document FreeBSD-SA-16:30.portsnap |
1.1_3 10 Oct 2016 12:41:35 |
feld |
Document FreeBSD SA-16:29.bspatch |
1.1_3 10 Oct 2016 12:40:50 |
feld |
Add FreeBSD SA info to recent BIND vulnerability |
1.1_3 10 Oct 2016 12:39:09 |
feld |
Add FreeBSD SA info to recent OpenSSL vulnerability |
1.1_3 09 Oct 2016 07:49:26 |
riggs |
Document code execution vulnerability in mkvtoolnix < 9.4.1 |
1.1_3 08 Oct 2016 13:43:13 |
kwm |
Update the libXfixes version. The old version was still affected by the
vulnabilities. |
1.1_3 07 Oct 2016 18:00:32 |
kwm |
Document X.org client libraries insufficient validation of data from
the X server vulnabilities.
Security: CVE-2016-5407 |
1.1_3 30 Sep 2016 09:40:28 |
tijl |
Add linux-c6-openssl to recent OpenSSL vulnerabilities.
PR: 213082
Security: https://rhn.redhat.com/errata/RHSA-2016-1940.html |
1.1_3 28 Sep 2016 12:55:20 |
mat |
Add bind9-devel to the latest BIND9 vuln.
Sponsored by: Absolight |
1.1_3 28 Sep 2016 08:00:08 |
delphij |
Document BIND remote DoS vulnerability. |
1.1_3 28 Sep 2016 02:20:17 |
wen |
- Document the security vulnerability in py-django, py-django18 and py-django19.
PR: 213033
Submitted by: vlad-fbsd@acheronmedia.com
Security: CVE-2016-7401 |
1.1_3 27 Sep 2016 21:00:06 |
brnrd |
security/vuxml: Update recent OpenSSL vuln (add LibreSSL)
- Add libressl and libressl-devel |
1.1_3 26 Sep 2016 13:45:12 |
brnrd |
security/vuxml: Add 2016-09-26 OpenSSL entries |
1.1_3 23 Sep 2016 13:37:02 |
feld |
Document affected FreeBSD versions for recent OpenSSL vulnerabilities |
1.1_3 22 Sep 2016 14:31:34 |
feld |
Remove extra / invalid CVE entry for OpenSSL |
1.1_3 22 Sep 2016 12:51:09 |
feld |
Update range of vulnerable irssi versions |
1.1_3 22 Sep 2016 12:17:04 |
brnrd |
security/vuxml: Add new OpenSSL 1.0.2 and 1.1.0 vulnerabilities
- 2016-09-22 security advisory |
1.1_3 21 Sep 2016 21:03:46 |
feld |
Document that chinese/irssi is vulnerable as well |
1.1_3 21 Sep 2016 20:59:52 |
feld |
Document irssi vulnerabilities
PR: 212888
Security: CVE-2016-7044
Security: CVE-2016-7045 |
1.1_3 20 Sep 2016 17:01:30 |
jbeich |
Document recent Firefox vulnerabilities |
1.1_3 18 Sep 2016 14:17:58 |
brnrd |
security/vuxml: Fix curl version ranges |
1.1_3 16 Sep 2016 20:16:04 |
rene |
Document new vulnerabilities in www/chromium < 53.0.2785.113
Obtained
from: https://googlechromereleases.blogspot.nl/2016/09/stable-channel-update-for-desktop_13.html |
1.1_3 16 Sep 2016 16:17:48 |
riggs |
Document CVE 2016-6662: zero-day remote vulnerability in mysql ports
PR: 212612
Submitted by: mokhi64@gmail.com (mysql57-* maintainer)
Reported by: rootservice@gmail.com
Security: CVE 2016-6662 |
1.1_3 15 Sep 2016 07:46:55 |
matthew |
Document security problems in dropbear
PR: 212699
Submitted by: pkubaj@anongoth.pl |
1.1_3 14 Sep 2016 09:31:35 |
brnrd |
security/vuxml: Document www/h2o vulnerability
PR: 211892
Submitted by: Dave Cottlehuber <dch@skunkwerks.at> (maintainer)
Reviewed by: brnrd
MFH: 2016Q3
Security: 08664d42-7989-11e6-b7a8-74d02b9a84d5 |
1.1_3 14 Sep 2016 07:28:07 |
brnrd |
ftp/curl: Document integer overflow vuln |
1.1_3 13 Sep 2016 19:10:33 |
rene |
Add vulnerabilities for www/chromium < 53.0.2785.92
Obtained
from: https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop_31.html |
1.1_3 13 Sep 2016 17:59:22 |
rene |
Belatedly add vulnerabilities for www/chromium < 52.0.2743.116
Obtained
from: https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop.html |
1.1_3 13 Sep 2016 08:05:42 |
delphij |
Document MySQL root code execution vulnerability. |
1.1_3 12 Sep 2016 20:22:00 |
gjb |
Fix build.
Sponsored by: The FreeBSD Foundation |
1.1_3 12 Sep 2016 20:05:47 |
johans |
Document WolfSSL vulnerabilities (< 3.6.8)
PR: 205936
Submitted by: Christoph Moench-Tegeder |
1.1_3 09 Sep 2016 13:31:30 |
tijl |
Add entry for GNUTLS-SA-2016-3. |
1.1_3 09 Sep 2016 11:02:05 |
cmt |
document mozilla vulnerabilities (<48, <45.3esr)
PR: 212463
Approved by: jbeich (maintainer), rene (mentor) |
1.1_3 08 Sep 2016 20:52:39 |
madpilot |
Document asterisk vulnerabilities. |
1.1_3 06 Sep 2016 17:08:31 |
tijl |
- Add linux-*-tiff information to existing tiff vulnerabilities.
- Like r419692, cancel a gif2tiff vulnerability that upstream marked
WONTFIX: http://bugzilla.maptools.org/show_bug.cgi?id=2536
PR: 211552 |
1.1_3 06 Sep 2016 14:22:55 |
feld |
Document vulnerability in irc/inspircd
No CVEs have been assigned at this time. |
1.1_3 06 Sep 2016 08:37:04 |
mandree |
Add CVE-2016-7123 for resolved mailman CSRF.
PR: 212378
Reported by: Sevan Janiyan
Security: CVE-2016-7123
Security: 9e50dcc3-740b-11e6-94a2-080027ef73ec |