notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

/commits.php is going away

I'm proposing to take /commits.php away - it mainly duplicates the home page. Details in this GitHub issue.
Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_5 security on this many watch lists=30 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_5Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2021-10-14 18:31:11
Commit Hash: 5cc1cb5
People watching this port, also watch:: gnupg, libxml2, curl, nmap, zip
Also Listed In: textproc
License: BSD2CLAUSE
Description:
SVNWeb : git
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_5/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_5/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_5/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
Dependency lines:
  • vuxml>0:security/vuxml
To install the port: cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
Packages (timestamps in pop-ups are UTC):
vuxml
ABIlatestquarterly
FreeBSD:11:aarch641.1_31.1_4
FreeBSD:11:amd641.1_51.1_5
FreeBSD:11:armv61.1_21.1_4
FreeBSD:11:i3861.1_51.1_5
FreeBSD:11:mips--
FreeBSD:11:mips641.1_31.1_4
FreeBSD:12:aarch641.1_31.1_5
FreeBSD:12:amd641.1_51.1_5
FreeBSD:12:armv61.1_31.1_4
FreeBSD:12:armv71.1_31.1_4
FreeBSD:12:i3861.1_51.1_5
FreeBSD:12:mips--
FreeBSD:12:mips641.1_31.1_4
FreeBSD:12:powerpc64-1.1_5
FreeBSD:13:aarch641.1_51.1_5
FreeBSD:13:amd641.1_51.1_5
FreeBSD:13:armv61.1_51.1_5
FreeBSD:13:armv71.1_51.1_5
FreeBSD:13:i3861.1_51.1_5
FreeBSD:13:mips--
FreeBSD:13:mips64--
FreeBSD:13:powerpc641.1_51.1_5
FreeBSD:14:aarch641.1_5-
FreeBSD:14:amd641.1_5-
FreeBSD:14:armv61.1_5-
FreeBSD:14:armv71.1_5-
FreeBSD:14:i3861.1_5-
FreeBSD:14:mips--
FreeBSD:14:mips64--
FreeBSD:14:powerpc641.1_5-
 

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.8 : lang/python38
There are no ports dependent upon this port

Configuration Options:
Options name:

USES:

FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 6447 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
17 Apr 2021 16:31:10
 files touched by this commit commit hash:7031bbf81b99685426aae961c474a4e85bdef13c  1.1_5
brd search for other commits by this committer
Document sysutils/consul vulnerabilities
15 Apr 2021 22:55:36
 files touched by this commit commit hash:d227a2fea96ed1c7d39c6088164ea8d5357b4e97  1.1_5
0mp search for other commits by this committer
Document accountsservice vulnerability
15 Apr 2021 14:46:59
 files touched by this commit commit hash:bc32e1b3c9bb4cd5a415e6ed3924835ecaefc197  1.1_5
0mp search for other commits by this committer
Document textproc/mdbook vulnerability
15 Apr 2021 14:32:58
 files touched by this commit commit hash:d6ac57abb92763eb47a1d65ae42406568ed3df96  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
15 Apr 2021 13:51:53
 files touched by this commit commit hash:4ec0339f7320234aa2a0739ddb7b6b04598b9226  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 90.0.4430.72
14 Apr 2021 17:47:31
 files touched by this commit commit hash:34921a9d57dfccc296c4ac2aff7d3ed4d11e1923  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 89.0.4389.128

Obtained
from:	https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html
13 Apr 2021 15:50:29
 files touched by this commit commit hash:f7859bc7347197ffe57ef514a1b9774704b1f93e  1.1_5
manu search for other commits by this committer
security/vuxml: Document xorg-server vuln
12 Apr 2021 18:29:50
 files touched by this commit commit hash:8497a2d690681142cd0ed97c01a9f1940d4cf277  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.14.0

PR:		254976
Submitted by:	Stefan Bethke
12 Apr 2021 02:04:57
 files touched by this commit commit hash:6715140e8ba4290273585001a21a49bd5d0a793b  1.1_5
swills search for other commits by this committer
security/vuxml: Document syncthing issue
10 Apr 2021 07:13:03
 files touched by this commit commit hash:1d4cfc12c8fa8c58010c2468a2181bcc96302e36  1.1_5
riggs search for other commits by this committer
security/vuxml: Document information disclosure vulnerability in python.
PR:		254780
Reported by:	yasu@utahime.org
Security:	CVE-2021-3426
10 Apr 2021 06:31:41
 files touched by this commit commit hash:1e8993822a938afd8bd61f5914150ed173a394bb  1.1_5
riggs search for other commits by this committer
security/vuxml: Document 2 vulnerabilities in ftp/curl
Security:	CVE-2021-22876
		CVE-2021-22890

PR:		254772
Reported by:	yasu@utahime.org
09 Apr 2021 22:08:57
 files touched by this commit commit hash:b3cd19559e13396d1f4da829fb2f2f6a8cd043eb  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.7

PR:	254930
Submitted by:	Stefan Bethke
08 Apr 2021 04:36:09
 files touched by this commit commit hash:48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91  1.1_5
nc search for other commits by this committer
Document multiple vulnerabilities in security/clamav

PR:		254861
Submitted by:	Yasuhiro Kimura <yasu AT utahime DOT org>
08 Apr 2021 00:43:00
 files touched by this commit commit hash:80690bd29e8384316ecda1808f8965269e051c29  1.1_5
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2021-04-07

Sponsored by:	The FreeBSD Foundation
07 Apr 2021 18:58:57
 files touched by this commit commit hash:9d9b2b96740807ae005915f3a3d212557b52f1ed  1.1_5
bhughes search for other commits by this committer
security/vuxml: document Node.js April 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/
07 Apr 2021 16:10:15
 files touched by this commit commit hash:01b07b7e020b9a5809980a3c85fd5ef73c9a354e  1.1_5
lcook search for other commits by this committer
security/vuxml: Document upnp stack overflow vulnerability

Approved by:		fernape (mentor)
Differential Revision:	https://reviews.freebsd.org/D29618
07 Apr 2021 11:24:15
 files touched by this commit commit hash:86fc557be0a913534306ca1451e9862b65a3f7dc  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:10.jail_mount
07 Apr 2021 11:24:14
 files touched by this commit commit hash:ea0a0473cb840eba059195fb2b36d912f60ec060  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:09.accept_filter
07 Apr 2021 11:24:14
 files touched by this commit commit hash:f5644310b27dc209f0c508945c2630a8cdf3b6ec  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:08.vm
07 Apr 2021 11:24:14
 files touched by this commit commit hash:5fc1c8e1322f9a3fddf86ad129697cfb01c864ba  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA to CVE-2021-3449/50

Note that FreeBSD 12.2 prior to FreeBSD 12.2-RELEASE-p5 was vulnerable
to CVE-2021-3449 and CVE-2021-3450.  Reference FreeBSD-SA-21:07.openssl.
06 Apr 2021 14:31:13
 files touched by this commit commit hash:135fdeebb99c3569e42d8162b265e15d29bd937d  1.1_5
mat search for other commits by this committer
all: Remove all other $FreeBSD keywords.
06 Apr 2021 14:31:07
 files touched by this commit commit hash:305f148f482daf30dcf728039d03d019f88344eb  1.1_5
mat search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
06 Apr 2021 13:53:57
 files touched by this commit commit hash:cbbdab46f9b73b3593fb453c4a2523936d569e15  1.1_5
meta search for other commits by this committer
security/vuxml: Document XML round-trip vulnerability of REXML in Ruby

Document XML round-trip vulnerability of REXML in Ruby.

PR:		254793
Reported by:	Yasuhiro Kimura <yasu@utahime.org>
Security:	CVE-2021-28965
06 Apr 2021 08:49:52
 files touched by this commit commit hash:5952f85233d1ae2e1f530a18780e86d8ba31a34d  1.1_5
rene search for other commits by this committer
Add vuln-flat.xml to the ignore list and remove the one committed by accident
06 Apr 2021 08:46:51
 files touched by this commit commit hash:a8416100c4e9b0dd5090c78d09ef6a94293b3c02  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 89.0.4389.114

Obtained from: 
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html
06 Apr 2021 08:01:53
 files touched by this commit commit hash:b1a2d52166abffd763c903ff7a5bf5dfb84c13a2  1.1_5
mfechner search for other commits by this committer
Document gitlab-ce vulnerabilities.
28 Mar 2021 21:37:55
Original commit files touched by this commit Revision:569416  1.1_5
mandree search for other commits by this committer
security/linux-c7-nettle: mark vulnerable, too

See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254355#c14

PR:		254355
Reported by:	Graham Perrin <grahamperrin@gmail.com>
28 Mar 2021 03:20:57
Original commit files touched by this commit Revision:569371  1.1_5
timur search for other commits by this committer
Add entry about recent Samba4* vulnerabilities:

CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP server by
sending easily crafted DNs as part of a bind request. More serious heap
corruption is likely also possible.
CVE-2021-20277: User-controlled LDAP filter strings against the AD DC LDAP
server may crash the LDAP server.

Security:	CVE-2020-27840
		CVE-2021-20277
27 Mar 2021 11:12:22
Original commit files touched by this commit Revision:569321  1.1_5
mandree search for other commits by this committer
vuln.xml: mention nettle < 3.7.2 ECDSA verify bugs

Security:	80f9dbd3-8eec-11eb-b9e8-3525f51429a0
26 Mar 2021 08:09:29
Original commit files touched by this commit Revision:569246  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document High OpenSSL vulnerabilities

 * While here, fix incorrect year in ec04f3d0-8cd9-11eb-bb9f-206a8a720317
24 Mar 2021 20:02:59
Original commit files touched by this commit Revision:569157  1.1_5
cy search for other commits by this committer
security/vuxml: Document spamassassin CVE-2020-1946

PR:		254526
Security:	https://s.apache.org/ng9u9
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946
24 Mar 2021 03:15:10
Original commit files touched by this commit Revision:569083  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.6

PR:		254515
Submitted by:	maintainer
21 Mar 2021 18:30:58
Original commit files touched by this commit Revision:568929  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.5

PR:		254468
Submitted by:	maintainer
18 Mar 2021 20:52:08
Original commit files touched by this commit Revision:568762  1.1_5
bdrewery search for other commits by this committer
OpenSSH CVE-2021-28041 fixed in 8.4.p1_4,1.

Also add flavored package names.
18 Mar 2021 19:30:13
Original commit files touched by this commit Revision:568757  1.1_5
bdrewery search for other commits by this committer
Document OpenSSH CVE-2021-28041

PR:	254258
Submitted by:	Yasuhiro Kimura
18 Mar 2021 14:05:02
Original commit files touched by this commit Revision:568741  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerability.
18 Mar 2021 00:27:13
Original commit files touched by this commit Revision:568705  1.1_5
mandree search for other commits by this committer
fixup PORTEPOCH for dnsmasq-devel

which used to be at 3 already earlier. Adjust vuxml entry accordingly.

Security:	CVE-2021-3448
Security:	5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
18 Mar 2021 00:23:04
Original commit files touched by this commit Revision:568704  1.1_5
mandree search for other commits by this committer
fixup version range for dnsmasq[-devel] to 2.85.r1,1 not 2.85r1,1

Security:	5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
Security:	CVE-2021-3448
18 Mar 2021 00:09:51
Original commit files touched by this commit Revision:568701  1.1_5
mandree search for other commits by this committer
vuxml: Add dnsmasq < 2.85 cache poisoning vulnerability.

This affects only certain dnsmasq configurations,
and use of dnsmasq with NetworkManager.

Security:	CVE-2021-3448
17 Mar 2021 13:04:11
Original commit files touched by this commit Revision:568653  1.1_5
swills search for other commits by this committer
Document minio issue
16 Mar 2021 15:42:01
Original commit files touched by this commit Revision:568571  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document LibreSSL potential use-after-free
16 Mar 2021 08:50:09
Original commit files touched by this commit Revision:568546  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 89.0.4389.90

Obtained
from:	https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html
15 Mar 2021 20:16:33
Original commit files touched by this commit Revision:568503  1.1_5
crees search for other commits by this committer
Document CVE-2015-4645 in sysutils/squashfs-tools

Security:	CVE-2015-4645
11 Mar 2021 14:01:40
Original commit files touched by this commit Revision:568095  1.1_5
fernape search for other commits by this committer
security/vuxml: Fix www/gitea entry.

s/1.13.24/1.13.4

PR:	254130
Reported by:	clubok@gmx.net
10 Mar 2021 23:37:43
Original commit files touched by this commit Revision:568051  1.1_5
dmgk search for other commits by this committer
security/vuxml: Document lang/go vulnerabilities
10 Mar 2021 18:45:25
Original commit files touched by this commit Revision:568030  1.1_5
nc search for other commits by this committer
Document vulnerabilities in www/gitea < 1.13.4

PR:		254130
Submitted by:	stb AT lassitu DOT de (maintainer)
10 Mar 2021 14:03:45
Original commit files touched by this commit Revision:568002  1.1_5
lwhsu search for other commits by this committer
Document vulnerabilities in databases/mantis <2.24.4

PR:		252612
Submitted by:	Zoltan ALEXANDERSON BESSE <zab@zltech.eu>
09 Mar 2021 06:26:48
Original commit files touched by this commit Revision:567892  1.1_5
bhughes search for other commits by this committer
security/vuxml: document Node.js February 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

Sponsored by:	Miles AS
05 Mar 2021 21:18:20
Original commit files touched by this commit Revision:567419  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
04 Mar 2021 19:48:40
Original commit files touched by this commit Revision:567337  1.1_5
madpilot search for other commits by this committer
Report new asterisk vulnerability.
04 Mar 2021 09:51:55
Original commit files touched by this commit Revision:567296  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 89.0.4389.72

Obtained
from:	https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html
03 Mar 2021 18:18:08
Original commit files touched by this commit Revision:567244  1.1_5
sunpoet search for other commits by this committer
Document jasper vulnerability
03 Mar 2021 06:41:42
Original commit files touched by this commit Revision:567027  1.1_5
ohauer search for other commits by this committer
- add CVE entries for saltstack
02 Mar 2021 15:17:24
Original commit files touched by this commit Revision:566966  1.1_5
osa search for other commits by this committer
Fix the redis5 affected versions.
27 Feb 2021 01:49:47
Original commit files touched by this commit Revision:566651  1.1_5
swills search for other commits by this committer
Document vault issue
25 Feb 2021 02:33:13
Original commit files touched by this commit Revision:566520  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:04.jail_remove
25 Feb 2021 02:33:10
Original commit files touched by this commit Revision:566519  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:06.xen
25 Feb 2021 02:33:06
Original commit files touched by this commit Revision:566518  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:05.jail_chdir
25 Feb 2021 02:33:03
Original commit files touched by this commit Revision:566517  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:03.pam_login_access
23 Feb 2021 13:57:29
Original commit files touched by this commit Revision:566398  1.1_5
osa search for other commits by this committer
Document integer overflow on 32-bit systems (CVE-2021-21309):
o) databases/redis5
o) databases/redis
o) databases/redis-devel
23 Feb 2021 01:04:03
Original commit files touched by this commit Revision:566361  1.1_5
leres search for other commits by this committer
security/vuxml: Mark zeek < 3.0.13 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v3.0.13

Fix ASCII Input reader's treatment of input files containing
null-bytes. An input file containing null-bytes could lead to a
buffer-over-read, crash Zeek, and be exploited to cause Denial of
Service.
20 Feb 2021 16:38:05
Original commit files touched by this commit Revision:566165  1.1_5
adridg search for other commits by this committer
Add vuxml entry for textproc/raptor2 CVE

PR:		251102
20 Feb 2021 02:36:44
Original commit files touched by this commit Revision:566136  1.1_5
lwhsu search for other commits by this committer
Connect vuln-2020.xml (2/2)
20 Feb 2021 02:36:27
Original commit files touched by this commit Revision:566135  1.1_5
lwhsu search for other commits by this committer
Connect vuln-2020.xml (1/2)
20 Feb 2021 02:35:06
Original commit files touched by this commit Revision:566133  1.1_5
lwhsu search for other commits by this committer
Split out vuln-2020.xml
20 Feb 2021 02:20:27
Original commit files touched by this commit Revision:566132  1.1_5
lwhsu search for other commits by this committer
Document  Jenkins Security Advisory 2021-02-19

Sponsored by:	The FreeBSD Foundation
18 Feb 2021 20:41:01
Original commit files touched by this commit Revision:565978  1.1_5
madpilot search for other commits by this committer
Report new asterisk vulnerabilities.
18 Feb 2021 18:18:01
Original commit files touched by this commit Revision:565962  1.1_5
brnrd search for other commits by this committer
security/openssl-devel: Mark vulnerable CVE-2021-23841

MFH:		2021Q1
Security:	96a21236-707b-11eb-96d8-d4c9ef517024
17 Feb 2021 18:30:12
Original commit files touched by this commit Revision:565782  1.1_5
sunpoet search for other commits by this committer
Document rails vulnerability
17 Feb 2021 12:47:30
Original commit files touched by this commit Revision:565499  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 88.0.4324.182

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
16 Feb 2021 17:35:59
Original commit files touched by this commit Revision:565421  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document OpenSSL 1.1.1i vulnerabilities
12 Feb 2021 20:44:33
Original commit files touched by this commit Revision:565063  1.1_5
mandree search for other commits by this committer
openexr/ilmbase < v2.5.5 security vulnerabilities

https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.5

Security:	98044aba-6d72-11eb-aed7-1b1b8a70cc8b
12 Feb 2021 13:28:01
Original commit files touched by this commit Revision:565016  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
12 Feb 2021 04:47:11
Original commit files touched by this commit Revision:564994  1.1_5
nc search for other commits by this committer
Add security/vuxml entry for CVE-2021-21291 affecting www/oauth2-proxy < 7.0.0.

While I'm here, fix formatting for mod_dav_svn CVE-2020-17525 vuxml entry,

MFH:		2021Q1
10 Feb 2021 17:45:04
Original commit files touched by this commit Revision:564888  1.1_5
gjb search for other commits by this committer
Fix build.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
10 Feb 2021 17:09:37
Original commit files touched by this commit Revision:564881  1.1_5
lev search for other commits by this committer
 Document https://subversion.apache.org/security/CVE-2020-17525-advisory.txt.
07 Feb 2021 02:54:24
Original commit files touched by this commit Revision:564589  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.2

PR:		253295
Submitted by:	maintainer
06 Feb 2021 00:05:23
Original commit files touched by this commit Revision:564167  1.1_5
rene search for other commits by this committer
Document new vulnerability in www/chromium < 88.0.4324.150

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
03 Feb 2021 20:06:09
Original commit files touched by this commit Revision:563959  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 88.0.4324.146

Obtained
from:	https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
02 Feb 2021 07:50:22
Original commit files touched by this commit Revision:563788  1.1_5
mfechner search for other commits by this committer
Document gitlab-ce vulnerabilities.
31 Jan 2021 21:55:28
Original commit files touched by this commit Revision:563534  1.1_5
swills search for other commits by this committer
Document minio issue
29 Jan 2021 06:47:50
Original commit files touched by this commit Revision:563173  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:02.xenoom
29 Jan 2021 06:47:47
Original commit files touched by this commit Revision:563172  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-21:01.fsdisclosure
28 Jan 2021 12:51:17
Original commit files touched by this commit Revision:563133  1.1_5
lcook search for other commits by this committer
security/vuxml: Document graphics/pngcheck vulnerability

PR:			253019
Approved by:		fernape (mentor)
Differential Revision:	https://reviews.freebsd.org/D28308
26 Jan 2021 20:28:56
Original commit files touched by this commit Revision:562998  1.1_5
cy search for other commits by this committer
Document sudo CVE-2021-3156.

 * When invoked as sudoedit, the same set of command line options
   are now accepted as for "sudo -e".  The -H and -P options are
   now rejected for sudoedit and "sudo -e" which matches the sudo
   1.7 behavior.  This is part of the fix for CVE-2021-3156.

 * Fixed a potential buffer overflow when unescaping backslashes
   in the command's arguments.  Normally, sudo escapes special
   characters when running a command via a shell (sudo -s or sudo
   -i).  However, it was also possible to run sudoedit with the -s
   or -i flags in which case no escaping had actually been done,
   making a buffer overflow possible.  This fixes CVE-2021-3156.

PR:		253034
Reported by:	"Todd C. Miller" <Todd.Miller@sudo.ws> via mailing list
		emaste
Obtained from:	sudo
26 Jan 2021 17:56:21
Original commit files touched by this commit Revision:562967  1.1_5
sunpoet search for other commits by this committer
Document py-pysaml2 vulnerability
26 Jan 2021 13:21:47
Original commit files touched by this commit Revision:562658  1.1_5
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2021-01-26

Sponsored by:	The FreeBSD Foundation
25 Jan 2021 17:16:21
Original commit files touched by this commit Revision:562587  1.1_5
bapt search for other commits by this committer
Rework vuxml a bit to make them validable again

modify tidy.xsl to make it generates manually the xml declaration
xsl is not able to generate a list of entity otherwise.

Remove copyright form included files, they are redudundant anyway and
in the end only the vuln.xml file is distribued with entities expanded

Rework a bit the entity declaration in order for the document to look
great after expansion (as it did before we introduced the expansion
mechanism)

All validation are now processed direcly on the flattened file.

This is based on a patch from mfechner here

Submitted by:		mfechner
Differential Revision:	https://reviews.freebsd.org/D28299
25 Jan 2021 17:16:14
Original commit files touched by this commit Revision:562586  1.1_5
bapt search for other commits by this committer
Rework the entity declaration

when expanded they will look better (as when the file was not split)

While here cleanup some indentation
25 Jan 2021 15:50:43
Original commit files touched by this commit Revision:562571  1.1_5
bapt search for other commits by this committer
Fix indentation
23 Jan 2021 18:19:40
Original commit files touched by this commit Revision:562408  1.1_5
otis search for other commits by this committer
security/vuxml: Document mail/mutt vulnerability

Document mail/mutt vulnerability CVE-2021-3181

PR:		252931
Submitted by:	Derek Schrock <dereks@lifeofadishwasher.com>
Reported by:	Derek Schrock <dereks@lifeofadishwasher.com>
Reviewed by:	osa (mentor)
Approved by:	osa (mentor)
Differential Revision:	https://reviews.freebsd.org/D28308
23 Jan 2021 17:46:01
Original commit files touched by this commit Revision:562406  1.1_5
gjb search for other commits by this committer
Fix build.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
23 Jan 2021 14:46:24
Original commit files touched by this commit Revision:562396  1.1_5
brnrd search for other commits by this committer
security/vuxml: Add new MySQL vulnerabilities
22 Jan 2021 20:37:53
Original commit files touched by this commit Revision:562336  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 88.0.4324.96

Obtained
from:	https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
22 Jan 2021 09:33:28
Original commit files touched by this commit Revision:562282  1.1_5
jhale search for other commits by this committer
Document CVE-2020-15983 for games/chocolate-doom and games/crispy-doom
22 Jan 2021 00:22:44
Original commit files touched by this commit Revision:562266  1.1_5
mfechner search for other commits by this committer
Made clear how to test now entries against the newly formatted file.
22 Jan 2021 00:13:43
Original commit files touched by this commit Revision:562265  1.1_5
gjb search for other commits by this committer
Fix build.

Yes, please do FIXME.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
22 Jan 2021 00:09:24
Original commit files touched by this commit Revision:562264  1.1_5
mfechner search for other commits by this committer
Added security vulnerability for rubygem-nokogiri.
21 Jan 2021 13:19:10
Original commit files touched by this commit Revision:562204  1.1_5
bapt search for other commits by this committer
Split vuln.xml file [2/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
21 Jan 2021 13:18:50
Original commit files touched by this commit Revision:562203  1.1_5
bapt search for other commits by this committer
Split vuln.xml file [1/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.

Number of commits found: 6447 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]