| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
12 Jan 2017 23:09:56
   |
lifanov  |
document ansible vulnerabilities
Reviewed by: matthew
Approved by: matthew (mentor)
Security: CVE-2016-9587
Security: https://vuxml.FreeBSD.org/freebsd/a93c3287-d8fd-11e6-be5c-001fbc0f280f.html
Differential Revision: https://reviews.freebsd.org/D9158 |
1.1_3
12 Jan 2017 11:49:44
|
tz |
Document phpmailer vulnerabilities.
Security: CVE-2017-5223
Security:
https://vuxml.FreeBSD.org/freebsd/7ae0be99-d8bb-11e6-9b7f-d43d7e971a1b.html |
1.1_3
12 Jan 2017 08:15:29
|
mat |
Fixup bind9-devel's version for last vuln.
Sponsored by: Absolight |
1.1_3
12 Jan 2017 07:27:14
|
delphij |
Document BIND multiple vulnerabilities. |
1.1_3
11 Jan 2017 17:28:12
|
feld |
Document FreeBSD-SA-17:01.openssh |
1.1_3
11 Jan 2017 11:50:02
|
brnrd |
security/vuxml: Fix version number of libressl-devel |
1.1_3
11 Jan 2017 11:41:08
|
brnrd |
security/vuxml: Document OpenSSL ECDSA P-256 vulnerability
- Affects libressl as well
Security: CVE-2016-7056 |
1.1_3
11 Jan 2017 02:21:58
|
junovitch |
Document Flash vulnerabilities in Adobe Security Bulletin APSB17-02
Security: CVE-2017-2925
Security: CVE-2017-2926
Security: CVE-2017-2927
Security: CVE-2017-2928
Security: CVE-2017-2930
Security: CVE-2017-2931
Security: CVE-2017-2932
Security: CVE-2017-2933
Security: CVE-2017-2934
Security: CVE-2017-2935
Security: CVE-2017-2936
Security: CVE-2017-2937
Security: CVE-2017-2938
Security: https://vuxml.FreeBSD.org/freebsd/2a7bdc56-d7a3-11e6-ae1b-002590263bf5.html |
1.1_3
10 Jan 2017 03:13:53
|
junovitch |
Mention pcsc-lite CVE (it was in next message in cited URL)
While here, fix spacing
PR: 215834 |
1.1_3
09 Jan 2017 18:21:40
|
feld |
Document moinmoin vulnerabilities
PR: 214937
Security: CVE-2016-7146 CVE-2016-7148 CVE-2016-9119 |
1.1_3
09 Jan 2017 18:12:34
|
sunpoet |
Fix openssh-portable version |
1.1_3
09 Jan 2017 17:37:48
|
feld |
Document libvncserver vulnerabilities
PR: 215805
Security: CVE-2016-9941 CVE-2016-9942 |
1.1_3
09 Jan 2017 17:32:04
|
feld |
Document libdwarf vulnerabilities
Security: CVE-2016-5027 CVE-2016-5028 CVE-2016-5029 CVE-2016-5030
Security: CVE-2016-5031 CVE-2016-5032 CVE-2016-5033 CVE-2016-5035
Security: CVE-2016-5037 CVE-2016-5040 CVE-2016-5041 CVE-2016-5043
Security: CVE-2016-5044 CVE-2016-7510 CVE-2016-7511 CVE-2016-8679
Security: CVE-2016-8680 CVE-2016-8681 CVE-2016-9275 CVE-2016-9276
Security: CVE-2016-9480 CVE-2016-9558
PR: 215085 |
1.1_3
09 Jan 2017 17:14:14
|
feld |
Document lynx vulnerabilities
PR: 215464
Security: CVE-2014-3566
Security: CVE-2016-9179 |
1.1_3
09 Jan 2017 16:49:45
|
feld |
Document hdf5 CVEs
PR: 214938
Security: CVE-2016-4330
SecuritY: CVE-2016-4331
Security: CVE-2016-4332
Security: CVE-2016-4333 |
1.1_3
09 Jan 2017 16:25:19
|
feld |
Add additional EoL ports to vuxml
PR: 211975 |
1.1_3
09 Jan 2017 16:07:39
|
feld |
Fix vuxml
CWE cannot be used in <cvename> |
1.1_3
09 Jan 2017 14:24:49
|
lifanov |
security/vuxml: document pcsc-lite vulnerabilities
PR: 215834
Submitted by: Mahdi Mokhtari <mokhi64@gmail.com> (maintainer)
Reviewed by: matthew
Approved by: matthew (mentor)
MFH: 2017Q1 |
1.1_3
09 Jan 2017 13:48:19
|
brnrd |
security/vuxml: Document GnuTLS vulnerabilities |
1.1_3
09 Jan 2017 07:56:16
|
nobutaka |
Modify affected version of w3m entry accordingly since w3m port has been
updated to fixed version.
MFH: 2017Q1 |
1.1_3
07 Jan 2017 23:07:46
|
junovitch |
Tag irssi entry with assigned CVEs, while here wrap at 80 and reference PR
PR: 215800
Security: CVE-2017-5193
Security: CVE-2017-5194
Security: CVE-2017-5195
Security: CVE-2017-5196
Security: https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html |
1.1_3
07 Jan 2017 22:55:03
|
junovitch |
Document last quarter of Tomcat security advisories
Latest advisory is awaiting upstream release
PR: 214599
PR: 215865
Security: CVE-2016-0762
Security: CVE-2016-5018
Security: CVE-2016-6794
Security: CVE-2016-6796
Security: CVE-2016-6797
Security: CVE-2016-6816
Security: CVE-2016-8735
Security: CVE-2016-8745
Security: https://vuxml.FreeBSD.org/freebsd/0b9af110-d529-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/3ae106e2-d521-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/e5ec2767-d529-11e6-ae1b-002590263bf5.html |
1.1_3
06 Jan 2017 03:43:55
|
vanilla |
Document irc/irssi.
PR: 215801
Submitted by: Vladimir Krstulja <vlad-fbsd at acheronmedia.com> |
1.1_3
06 Jan 2017 03:18:20
|
junovitch |
Document security issues fixed in CodeIgniter 3.1.0 and 3.1.2
Note the security issue in CodeIgniter 3.1.1 is documented being valid on
PHP 5.3 only.
Security: https://vuxml.FreeBSD.org/freebsd/5e439ee7-d3bd-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/496160d3-d3be-11e6-ae1b-002590263bf5.html |
1.1_3
04 Jan 2017 10:24:37
|
brnrd |
security/vuxml: Update latest PHP 7 entry
- Vulnerable versions for all the referenced CVEs now known |
1.1_3
02 Jan 2017 17:12:49
|
zi |
- Document multiple vulnerabilities in w3m ports
PR: 215070
Submitted by: kcwu@csie.org
Security: eafa3aec-211b-4dd4-9b8a-a664a3f0917a |
1.1_3
29 Dec 2016 19:29:11
|
brnrd |
security/vuxml: Don't category prefix the <topic> |
1.1_3
29 Dec 2016 19:16:03
|
brnrd |
security/vuxml: Fix entry date on most recent commit |
1.1_3
29 Dec 2016 13:08:32
|
brnrd |
security/vuxml: Document h2o vulnerability
PR: 215587
Submitted by: Dave Cottlehuber <dch@skunkwerks.at> (maintainer) |
1.1_3
29 Dec 2016 11:30:41
|
brnrd |
security/vuxml: Document PHP 0-day vulnerabilities
- Two solved, not referenced in ChangeLog |
1.1_3
29 Dec 2016 11:22:35
|
brnrd |
security/vuxml: Document PHP vulnerabilities
- Vulnerabilities fixed in 7.0.14 |
1.1_3
29 Dec 2016 07:13:00
|
thierry |
Adding tt-rss to the phpmailer's vulnerabilities. |
1.1_3
28 Dec 2016 12:21:28
|
brnrd |
security/vuxml: Document phpmailer vulnerability
- NB: This is not a duplicate
Security: c7656d4c-cb60-11e6-a9a5-b499baebfeaf
Security: CVE-2016-10045 |
1.1_3
27 Dec 2016 20:52:52
|
timur |
Add entry for multiple samba 3.6.* - 4.4.* vulnerabilities.
Security: CVE-2016-2123
CVE-2016-2125
CVE-2016-2126 |
1.1_3
27 Dec 2016 16:07:24
|
pawel |
Document devel/upnp 2 security vulnerabilities:
- unhandled write of files to filesystem via POST by default
- heap buffer overflow in create_url_list function |
1.1_3
27 Dec 2016 10:33:55
|
bapt |
Fix range for exim vulnerability |
1.1_3
26 Dec 2016 11:57:38
|
brnrd |
security/vuxml: Document phpmailer vulnerability |
1.1_3
25 Dec 2016 14:13:29
|
vsevolod |
- Document CVE-2016-9963 for exim |
1.1_3
25 Dec 2016 10:28:52
|
brnrd |
security/vuxml: Document OpenSSH vulnerabilities |
1.1_3
24 Dec 2016 08:56:46
|
sunpoet |
- Fix space/tab: it was not caught by 'make validate' |
1.1_3
24 Dec 2016 08:38:12
|
sunpoet |
- Document cURL vulnerability |
1.1_3
23 Dec 2016 02:52:04
|
junovitch |
Document information disclosure CVEs in SQUID-2016:10 and SQUID-2016:11
PR: 215416
PR: 215418
Security: CVE-2016-10002
Security: CVE-2016-10003
Security: https://vuxml.FreeBSD.org/freebsd/41f8af15-c8b9-11e6-ae1b-002590263bf5.html |
1.1_3
23 Dec 2016 01:29:44
|
junovitch |
Document command execution in vim/neovim via specially crafted files
Reported by: ohaur
Security: CVE-2016-1248
Security: https://vuxml.FreeBSD.org/freebsd/c11629d3-c8ad-11e6-ae1b-002590263bf5.html |
1.1_3
22 Dec 2016 23:39:45
|
bapt |
Add a entry about a XSS concerning www/pligg |
1.1_3
22 Dec 2016 18:47:08
|
brnrd |
security/vuxml: Add severity to recent Apache vulnerabilities |
1.1_3
22 Dec 2016 17:50:21
|
feld |
Document FreeBSD-SA-16:39.ntp |
1.1_3
22 Dec 2016 08:05:36
|
brnrd |
security/vuxml: Document cURL 7.51 vulnerability |
1.1_3
22 Dec 2016 03:21:59
|
junovitch |
Document Joomla! security advisories since 3.4.6 was released.
While here, update entry for 3.4.6 with final advisory information from
JSST page.
A big thanks to Larry Rosenman for reporting the open issues and getting the
port up to date.
PR: 215058
Reported by: Larry Rosenman <ler@lerctr.org>
Security: CVE-2016-8869
Security: CVE-2016-8870
Security: CVE-2016-9081
Security: CVE-2016-9836
Security: CVE-2016-9837
Security: CVE-2016-9838
Security: https://vuxml.FreeBSD.org/freebsd/624b45c0-c7f3-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/a27d234a-c7f2-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/c0ef061a-c7f0-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/f0806cad-c7f1-11e6-ae1b-002590263bf5.html |
1.1_3
22 Dec 2016 02:11:05
|
junovitch |
Document Xen Security Advisory (XSA 202)
Security: CVE-2016-10024
Security: https://vuxml.FreeBSD.org/freebsd/3ae078ca-c7eb-11e6-ae1b-002590263bf5.html |
1.1_3
21 Dec 2016 10:35:21
|
ohauer |
- document Apache httpd-2.4.x defects |
1.1_3
20 Dec 2016 18:07:31
|
brnrd |
security/vuxml: Mark openssl-devel not vulnerable to CVE-2016-2178
PR: 214995
Reported by: Melvyn Sopacua <m.r.sopacua@gmail.com> |
1.1_3
20 Dec 2016 03:13:20
|
junovitch |
Document Xen Security Advisory (XSA 204)
Reported by: royger
Security: CVE-2016-10013
Security: https://vuxml.FreeBSD.org/freebsd/942433db-c661-11e6-ae1b-002590263bf5.html |
1.1_3
16 Dec 2016 08:33:08
|
jbeich |
security/vuxml: oops, seamonkey 2.46 has CVE-2016-9079 fix
https://hg.mozilla.org/releases/mozilla-release/rev/8b8d2820718f |
1.1_3
16 Dec 2016 02:14:29
|
junovitch |
Document two CVEs fixed in Atheme 7.2.7
PR: 209217
Security: CVE-2014-9773
Security: CVE-2016-4478
Security: https://vuxml.FreeBSD.org/freebsd/e47ab5db-c333-11e6-ae1b-002590263bf5.html |
1.1_3
14 Dec 2016 10:19:07
|
jbeich |
security/vuxml: mark www/firefox < 50.1_1,1 as vulnerable |
1.1_3
14 Dec 2016 03:12:28
|
junovitch |
Update Roundcube entry with CVE and Bugtraq ID and switch to more detailed
Mitre verbiage.
PR: 214925
Security: CVE-2016-9920
Security: https://vuxml.FreeBSD.org/freebsd/125f5958-b611-11e6-a9a5-b499baebfeaf.html |
1.1_3
14 Dec 2016 02:58:05
|
junovitch |
Document Wordpress security issues in 4.6.1.
I didn't see any security updates in the 4.7 blog entry but we missed
capturing these fixes from 4.6.1 earlier.
Security: https://vuxml.FreeBSD.org/freebsd/54e50cd9-c1a8-11e6-ae1b-002590263bf5.html |
1.1_3
14 Dec 2016 02:45:54
|
junovitch |
Document Xen Security Advisory (XSA 200)
Reported by: royger
Security: CVE-2016-9932
Security: https://vuxml.FreeBSD.org/freebsd/80a897a2-c1a6-11e6-ae1b-002590263bf5.html |
1.1_3
12 Dec 2016 20:23:58
|
brnrd |
security/vuxml: Document PHP 7.0.13 & 5.6.29 vulnerabilities
- No further detail provided by the PHP project |
1.1_3
09 Dec 2016 19:44:12
|
madpilot |
Document vulnerabilities in net/asterisk11 and net/asterisk13. |
1.1_3
08 Dec 2016 14:15:52
|
feld |
Revise FreeBSD-SA-16:37.libc entry |
1.1_3
07 Dec 2016 00:30:49
|
jhale |
Document vulnerabilities in security/cryptopp
Security: CVE-2015-2141
Security: CVE-2016-3995
Security: CVE-2016-7420 |
1.1_3
06 Dec 2016 20:05:33
|
feld |
Fix a couple <freebsdsa> that were meant to be <freebsdpr> |
1.1_3
06 Dec 2016 20:03:52
|
feld |
Document FreeBSD-SA-16:38.bhyve
Security: CVE-2016-1889 |
1.1_3
06 Dec 2016 19:56:37
|
feld |
Document FreeBSD-SA-16:37.libc
Security: CVE-2016-6559 |
1.1_3
06 Dec 2016 19:55:52
|
feld |
Document FreeBSD-SA-16:36.telnetd
Security: CVE-2016-1888 |
1.1_3
06 Dec 2016 10:04:09
|
brnrd |
security/vuxml: Document Apache HTTP/2 vulnerability
Security: CVE-2016-8740 |
1.1_3
05 Dec 2016 20:21:12
|
rene |
Document new vulnerabilities in www/chromium < 55.0.2883.75
Obtained
from: https://googlechromereleases.blogspot.nl/2016/12/stable-channel-update-for-desktop.html |
1.1_3
04 Dec 2016 23:55:55
|
feld |
Document ImageMagick7 vulnerabilities
PR: 214514
Security: CVE-2016-9298
Security: CVE-2016-8866
Security: CVE-2016-8862 |
1.1_3
04 Dec 2016 23:03:28
|
feld |
Document py-pillow vulnerabilities
PR: 214410
Security: CVE-2016-9189
Security: CVE-2016-9190 |
1.1_3
04 Dec 2016 22:52:26
|
feld |
Document ImageMagick vulnerability
PR: 214520
Security: CVE-2016-9298 |
1.1_3
04 Dec 2016 22:29:11
|
feld |
Document py-cryptography vulnerability
PR: 214915
Security: CVE-2016-9243 |
1.1_3
04 Dec 2016 21:20:25
|
feld |
Document qemu vulnerability
PR: 206725
Security: CVE-2015-1779 |
1.1_3
04 Dec 2016 19:35:14
|
junovitch |
Document Xen Security Advisories (XSAs 185-188, 190-195, 197-198)
PR: 214936
Security: CVE-2016-7092
Security: CVE-2016-7093
Security: CVE-2016-7094
Security: CVE-2016-7154
Security: CVE-2016-7777
Security: CVE-2016-9379
Security: CVE-2016-9380
Security: CVE-2016-9381
Security: CVE-2016-9382
Security: CVE-2016-9383
Security: CVE-2016-9384
Security: CVE-2016-9385 (Only the first 15 lines of the commit message are shown above  ) |
1.1_3
01 Dec 2016 16:46:44
|
marcus |
Add an entry for wireshark < 2.2.2
PR: 214753
Submitted by: Piotr Kubaj <pkubaj@anongoth.pl> |
1.1_3
01 Dec 2016 13:40:50
|
cmt |
document mozilla vulnerabilities CVE-2016-9079
PR: 214978
Approved by: jbeich, rene (mentor, implicit) |
1.1_3
30 Nov 2016 17:18:26
|
tijl |
linux-c7-libgcrypt 1.5.3_1 fixes CVE-2016-6313. |
1.1_3
30 Nov 2016 16:56:37
|
tijl |
Fix a package name. |
1.1_3
30 Nov 2016 16:51:18
|
tijl |
Add linux-*-expat to CVE-2016-0718 entry.
PR: 214951
Security: https://rhn.redhat.com/errata/RHSA-2016-2824.html |
1.1_3
30 Nov 2016 12:07:30
|
vd |
Document ftp/wget's Access List Bypass / Race Condition vulnerability
PR: 214941
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
Security: CVE-2016-7098 |
1.1_3
30 Nov 2016 10:48:56
|
rakuco |
Add entry for CVE-2016-9296 in archivers/p7zip. |
1.1_3
30 Nov 2016 03:33:45
|
cy |
Document Apache Subverision vulnerability CVE-2016-8734:
Unrestricted XML entity expansion in mod_dontdothat and Subversion
clients using http(s)://
Reported by: Evgeny Kotkov <kotkov@apache.org>
Security: CVE-2016-8734 |
1.1_3
29 Nov 2016 22:58:53
|
junovitch |
Document libwww vulnerabilities
PR: 214532
Submitted by: Danilo G. Baio <dbaio@bsd.com.br>
Security: CVE-2009-3720
Security: CVE-2009-3560
Security: CVE-2005-3183
Security: https://vuxml.FreeBSD.org/freebsd/18449f92-ab39-11e6-8011-005056925db4.html |
1.1_3
29 Nov 2016 12:50:22
|
jbeich |
security/vuxml: mark www/firefox < 50.0.1,1 as vulnerable |
1.1_3
29 Nov 2016 08:55:55
|
brnrd |
security/vuxml: Document Roundcube vulnerability |
1.1_3
27 Nov 2016 03:25:52
|
junovitch |
Remove trailing period in version and re-wrap Drupal entry at <=80 lines
PR: 214813 |
1.1_3
27 Nov 2016 03:07:49
|
junovitch |
Revise earlier Moodle entry with released advisories (MSA-16-0023 - MSA-16-026)
Security: CVE-2016-8642
Security: CVE-2016-8643
Security: CVE-2016-8644 |
1.1_3
25 Nov 2016 10:11:38
|
tz |
Document Drupal vulnerabilities
PR: 214813
Security: CVE-2016-9449
Security: CVE-2016-9450
Security: CVE-2016-9451
Security: CVE-2016-9452
Security:
https://vuxml.freebsd.org/freebsd/8db24888-b2f5-11e6-8153-00248c0c745d.html
Approved by: mentors (implicit) |
1.1_3
25 Nov 2016 08:16:36
|
matthew |
Document the latest batch of phpMyAdmin security advisories. All 14
of them. |
1.1_3
24 Nov 2016 16:30:30
|
tijl |
Add linux-c7-libgcrypt to CVE-2016-6313 entry.
Presumably a fix will be released with CentOS 7.3.
PR: 214460
Security: https://rhn.redhat.com/errata/RHSA-2016-2674.html |
1.1_3
24 Nov 2016 16:08:28
|
feld |
Document additional MySQL vulnerable versions
No information on which versions of MariaDB or Percona are affected.
PR: 212612
Security: CVE-2016-6662 |
1.1_3
24 Nov 2016 16:05:43
|
feld |
Document MySQL RCE vulnerability
PR: 212612
Security: CVE-2016-6662 |
1.1_3
23 Nov 2016 11:05:05
|
tijl |
Fix linux-*-nss range for CVE-2016-2834.
PR: 214755
Security: https://access.redhat.com/errata/RHSA-2016:2779 |
1.1_3
22 Nov 2016 08:19:25
|
delphij |
Document multiple ntp vulnerabilities. |
1.1_3
21 Nov 2016 16:04:32
|
amdmi3 |
- Document Teeworlds remote code execution |
1.1_3
16 Nov 2016 18:26:03
|
swills |
Document Jenkins Security Advisory 2016-11-16 |
1.1_3
16 Nov 2016 01:58:36
|
junovitch |
Document Moodle security advisories from September (MSA-16-0022) and
November releases.
Security: CVE-2016-7038 |
1.1_3
15 Nov 2016 22:02:54
|
jbeich |
security/vuxml: add entry for r425098, r425099, r425470 |
1.1_3
13 Nov 2016 11:11:02
|
tijl |
Add linux-c6-libgcrypt to CVE-2016-6313 entry.
PR: 214460
Security: https://rhn.redhat.com/errata/RHSA-2016-2674.html |
1.1_3
12 Nov 2016 20:51:11
|
pawel |
Document multimedia/lives security issues |
As an Amazon Associate I earn from qualifying purchases.
