| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
07 Oct 2017 00:07:13
   |
swills  |
update versions for tomcat issue |
1.1_3
07 Oct 2017 00:06:11
|
swills |
Document tomcat issue |
1.1_3
04 Oct 2017 07:56:03
|
brnrd |
security/vuxml: Document latest cURL vulnerability |
1.1_3
03 Oct 2017 15:47:26
|
zi |
- Re-add 6887828f-0229-11e0-b84d-00262d5ed8ee as cancelled, instead of purging
it
Submitted by: Mathieu Arnold <mat@FreeBSD.org> |
1.1_3
03 Oct 2017 13:41:15
|
feld |
Document FreeBSD-SA-17:06.openssh |
1.1_3
03 Oct 2017 13:40:26
|
feld |
Document FreeBSD-SA-17:05.heimdal |
1.1_3
03 Oct 2017 05:54:04
|
jbeich |
security/vuxml: seamonkey 2.49.1 build2 uses gecko from firefox 52.4 |
1.1_3
02 Oct 2017 19:19:10
|
mandree |
fix typo in dnsmasq < 2.78 entries
Security: b77b5646-a778-11e7-ac58-b499baebfeaf |
1.1_3
02 Oct 2017 15:15:13
|
brnrd |
security/vuxml: Fix title on latest entry |
1.1_3
02 Oct 2017 14:06:27
|
brnrd |
security/vuxml: Document dnsmasq vulnerabilities |
1.1_3
29 Sep 2017 16:37:20
|
zi |
- Add a warning if the description section seems unnecessarily large
Submitted by: Vladimir Krstulja
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 16:28:22
|
zi |
- Condense additional entries where description >4500 characters
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:51:08
|
zi |
- Condense entries whose description is >5000 characters
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:31:32
|
zi |
- Add date format validation
Submitted by: Vladimir Krstulja (via IRC) |
1.1_3
29 Sep 2017 15:28:54
|
zi |
- Purge another batch of superceded www/chromium entries to give us additional
headroom under the 5M vuln.xml file size limit
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:23:57
|
swills |
Document phpmyfaq issues |
1.1_3
29 Sep 2017 15:17:49
|
swills |
Document wordpress issues |
1.1_3
29 Sep 2017 15:17:04
|
zi |
- Fix invalid date entries
- Purge 6887828f-0229-11e0-b84d-00262d5ed8ee as it has been superceded by other
entries and it is massive. (We have hit 5M on vuln.xml) |
1.1_3
29 Sep 2017 13:20:16
|
swills |
Fix date format
While here, correct some grammar
PR: 222683
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
28 Sep 2017 22:47:58
|
jbeich |
security/vuxml: mark firefox < 56 as vulnerable |
1.1_3
28 Sep 2017 20:53:46
|
swills |
Document sam2p issue |
1.1_3
28 Sep 2017 14:53:43
|
swills |
docuent libraw issue |
1.1_3
27 Sep 2017 21:16:36
|
mandree |
Extend OpenVPN security issue to slave ports.
Security: CVE-2017-12166
Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8 |
1.1_3
27 Sep 2017 21:13:24
|
mandree |
Document OpenVPN <2.4.4 CVE-2017-12166 legacy vuln.
Security: CVE-2017-12166
Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8 |
1.1_3
27 Sep 2017 16:50:21
|
rakuco |
Fix version range for libzip's CVE-2017-14107 (r450692).
I am going to land a fix for libzip 1.1.3 (the version currently in the ports
tree) instead of updating the port to 1.3.0. 1.3.0 has a different SOVERSION
number, which also requires updating dependent ports and makes MFH'ing the fix
more difficult.
PR: 222638 |
1.1_3
27 Sep 2017 15:38:47
|
swills |
Document ImageMagick issue |
1.1_3
27 Sep 2017 15:33:46
|
sunpoet |
Update rubygem-geminabox vulnerability |
1.1_3
27 Sep 2017 15:20:31
|
swills |
Document libofx issue |
1.1_3
27 Sep 2017 14:36:02
|
swills |
Correct version of libbson issue |
1.1_3
26 Sep 2017 21:32:56
|
swills |
Document sugarcrm issue |
1.1_3
26 Sep 2017 18:31:50
|
swills |
Document libzip issue |
1.1_3
26 Sep 2017 18:14:30
|
swills |
Document libbson issue |
1.1_3
26 Sep 2017 17:44:24
|
swills |
Document multiple vulnerabilities in tcpdump |
1.1_3
26 Sep 2017 14:48:25
|
swills |
Document libraw issue |
1.1_3
26 Sep 2017 14:46:57
|
swills |
Document libraw issue |
1.1_3
26 Sep 2017 14:39:02
|
swills |
Document issue in gd |
1.1_3
26 Sep 2017 14:37:01
|
swills |
Document issue in php and gd |
1.1_3
26 Sep 2017 13:20:00
|
swills |
Document ledger vulnerabilities |
1.1_3
26 Sep 2017 12:19:09
|
swills |
Document aacplusenc issue |
1.1_3
26 Sep 2017 12:12:25
|
swills |
Document ansible issue |
1.1_3
25 Sep 2017 14:48:13
|
swills |
Add second CVE To geminabox entry, update versions affected |
1.1_3
25 Sep 2017 11:05:15
|
brnrd |
security/vuxml: Document WeeChat 1.9 vulnerability |
1.1_3
24 Sep 2017 19:08:19
|
sunpoet |
Document Perl vulnerability |
1.1_3
22 Sep 2017 21:45:56
|
cpm |
Document new vulnerabilities in www/chromium < 61.0.3163.100
Obtained
from: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html |
1.1_3
19 Sep 2017 20:12:53
|
madpilot |
Add new asterisk ports vulnerability. |
1.1_3
19 Sep 2017 18:17:33
|
jbeich |
security/vuxml: adjust for seamonkey 2.49.1 |
1.1_3
19 Sep 2017 16:59:15
|
sunpoet |
Document Ruby vulnerability |
1.1_3
19 Sep 2017 15:49:00
|
sunpoet |
Document rubygem-geminabox vulnerability |
1.1_3
19 Sep 2017 12:23:01
|
brd |
Add new entry for Apache "OptionsBleed"
Reviewed by: zi |
1.1_3
14 Sep 2017 10:12:21
|
tz |
Document GitLab vulnerabilities
Security: CVE-2017-5029
Security: CVE-2016-4738
Security:
https://vuxml.FreeBSD.org/freebsd/6a177c87-9933-11e7-93f7-d43d7e971a1b.html |
1.1_3
13 Sep 2017 13:22:14
|
ashish |
- Add emacs-devel to the list of affected packages by emacs vulnerability
- Move it to the top, didn't realize this before. Sorry |
1.1_3
12 Sep 2017 19:48:41
|
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-28.html |
1.1_3
12 Sep 2017 14:53:35
|
ashish |
- Correct package name in Emacs vulnerability
- Also add emacs-nox11 to the list |
1.1_3
12 Sep 2017 13:25:17
|
ashish |
- Document emacs vulnerability |
1.1_3
10 Sep 2017 16:54:03
|
ume |
Document cyrus-imapd vulnerability
Security: CVE-2017-14230 |
1.1_3
07 Sep 2017 20:13:17
|
sunpoet |
Fix indent |
1.1_3
06 Sep 2017 20:08:12
|
sunpoet |
Document Django vulnerability |
1.1_3
06 Sep 2017 18:25:04
|
truckman |
Correct vulnerability range for atril and atril-lite.
PR: 221867
Submitted by: rkoberman@gmail.com
Security: CVE-2017-1000083 |
1.1_3
06 Sep 2017 12:01:30
|
cpm |
Document new vulnerabilities in www/chromium < 61.0.3163.79
Obtained
from: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html |
1.1_3
02 Sep 2017 16:52:00
|
feld |
Cancel CVE-2017-6419 for security/clamav
This only affected clamav-devel / the unreleased code for 0.99.3. |
1.1_3
02 Sep 2017 16:43:49
|
feld |
Document clamav vulnerability
PR: 221608
Security: CVE-2017-6419 |
1.1_3
01 Sep 2017 19:36:50
|
feld |
Document gdk-pixbuf2 vulnerabilities
Security: CVE-2017-2862 CVE-2017-2870 |
1.1_3
01 Sep 2017 07:32:36
|
madpilot |
Document vulnerabilities in asterisk ports. |
1.1_3
30 Aug 2017 15:46:55
|
cpm |
Document libgcrypt side-channel attack vulnerability
Security: CVE-2017-0379 |
1.1_3
30 Aug 2017 15:08:52
|
cpm |
Update pspp version range to 1.0.1 |
1.1_3
29 Aug 2017 18:19:34
|
jrm |
security/vuxml: Add entry for multiple rubygems vulnerabilities reported
2017-08-29 at
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
Approved by: swills |
1.1_3
26 Aug 2017 12:59:27
|
tobik |
Document vulnerabilities of www/kanboard
PR: 221826 |
1.1_3
24 Aug 2017 01:01:44
|
swills |
Document issues in poppler
PR: 220608 |
1.1_3
23 Aug 2017 12:54:48
|
tz |
Document vulnerabilities of mail/phpmailer |
1.1_3
22 Aug 2017 22:55:31
|
woodsb02 |
Document salt security vulnerability
Obtained
from: https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html |
1.1_3
22 Aug 2017 20:31:49
|
cpm |
Document dnsdist vulnerabilities
Obtained from: https://dnsdist.org/security-advisories/index.html |
1.1_3
22 Aug 2017 18:22:06
|
swills |
Document security vulnerability in evince and atril
PR: 220713
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
22 Aug 2017 17:22:33
|
swills |
Document SquirrelMail vulnerability |
1.1_3
22 Aug 2017 07:40:00
|
cpm |
Document vulnerabilities in math/pspp < 1.0.0
Obtained
from: https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-38732/year-2017/GNU-Pspp.html |
1.1_3
20 Aug 2017 07:54:09
|
kwm |
Update the latest libsoup entry with the fixed version. |
1.1_3
19 Aug 2017 04:13:45
|
acm |
- Add entry about drupal8 vulnerabilities |
1.1_3
17 Aug 2017 10:45:47
|
brnrd |
security/vuxml: Document devel/libsoup vulnerability |
1.1_3
16 Aug 2017 15:15:34
|
dbaio |
security/vuxml: Document Zabbix vulnerability
Security: CVE-2017-2824 |
1.1_3
15 Aug 2017 19:18:16
|
dbaio |
security/vuxml: Document vulnerability in sysutils/py-supervisor
PR: 221539
Submitted by: Franz Glasner <f.glasner@feldmann-mg.com>
Security: CVE-2017-11610 |
1.1_3
15 Aug 2017 09:01:20
|
tz |
Fix typo in affected versions of GitLab vulnerabilities |
1.1_3
14 Aug 2017 22:42:53
|
feld |
Document freeradius vulnerabilities |
1.1_3
12 Aug 2017 18:58:32
|
sunpoet |
Document Mercurial vulnerability |
1.1_3
11 Aug 2017 22:05:23
|
brnrd |
security/vuxml: Update recent MySQL entry
- Changelog reveals MariaDB 10.0.31 and 10.1.25 vulnerable |
1.1_3
11 Aug 2017 16:34:39
|
adamw |
Match both dovecot and dovecot2.
Submitted by: mat |
1.1_3
11 Aug 2017 16:09:26
|
adamw |
Chase dovecot2's rename to dovecot.
Reported by: remko |
1.1_3
11 Aug 2017 13:59:57
|
lev |
Add CVE-2017-9800 for subversion ports.
Security: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt |
1.1_3
11 Aug 2017 08:05:10
|
tz |
Document GitLab vulnerabilities
Security: CVE-2017-12426
Security:
https://vuxml.FreeBSD.org/freebsd/abcc5ad3-7e6a-11e7-93f7-d43d7e971a1b.html |
1.1_3
11 Aug 2017 00:03:39
|
dbaio |
security/vuxml: Consolidate duplicate Apache Commons FileUpload entries
This also remove a wrong entry that marks tomcat 6 as vulnerable
Approved by: ports-secteam (zi)
Differential Revision: https://reviews.freebsd.org/D11941 |
1.1_3
10 Aug 2017 14:11:07
|
girgen |
Add CVE:s fixed in latest PostgreSQL release |
1.1_3
10 Aug 2017 05:54:24
|
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-23.html |
1.1_3
09 Aug 2017 07:18:42
|
brnrd |
security/vuxml: Document today's cURL vulnerabilities |
1.1_3
09 Aug 2017 00:27:45
|
dbaio |
security/vuxml: Document axis2 vulnerability
Security: CVE-2016-1000031 |
1.1_3
08 Aug 2017 17:25:43
|
jbeich |
security/vuxml: mark firefox < 55 as vulnerable |
1.1_3
08 Aug 2017 16:48:21
|
feld |
Update sqlite3 vuxml entry
The lower bound was incorrect. It has existed much longer than 3.17.0. |
1.1_3
08 Aug 2017 13:29:43
|
feld |
Document sqlite3 vulnerability
Security: CVE-2017-10989 |
1.1_3
05 Aug 2017 03:37:00
|
feld |
Fix Strongswan entries
PR: 220874 |
1.1_3
02 Aug 2017 18:43:23
|
feld |
Document varnish vulnerability
Security: https://varnish-cache.org/security/VSV00001.html |
1.1_3
02 Aug 2017 00:28:29
|
cpm |
Document new vulnerabilities in www/chromium < 60.0.3112.78
Obtained
from: https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html |
1.1_3
29 Jul 2017 14:45:29
|
dbaio |
security/vuxml: Document vulnerability in cacti v1.1.13
Security: CVE-2017-11691 |
1.1_3
27 Jul 2017 09:55:29
|
mm |
security/vuxml: fix indent in last entry |
As an Amazon Associate I earn from qualifying purchases.
