| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
21 Jun 2017 07:27:28
   |
brnrd  |
security/vuxml: Fix entry uppercasing
- Introduced in 443943 |
1.1_3
20 Jun 2017 07:05:15
|
brnrd |
security/vuxml: Document Apache httpd vulnerabilities |
1.1_3
16 Jun 2017 10:52:28
|
cpm |
Document new vulnerabilities in www/chromium < 59.0.3071.104
Obtained
from: https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html |
1.1_3
15 Jun 2017 21:58:23
|
sunpoet |
Document cURL vulnerability |
1.1_3
15 Jun 2017 20:54:28
|
matthew |
Fix the range of vulnerable versions for p5-RT-Authen-ExternalAuth --
BestPractical have released a tarball of patches, but they've also
pushed 0.27 up to CPAN and that has the fixes incorporated. |
1.1_3
15 Jun 2017 20:42:51
|
matthew |
Document multiple vulnerabilities in www/rt42, www/rt44 and
www/p5-RT-Authen-ExternalAuth |
1.1_3
15 Jun 2017 18:26:53
|
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html |
1.1_3
13 Jun 2017 19:56:08
|
jbeich |
security/vuxml: mark firefox < 54 as vulnerable |
1.1_3
10 Jun 2017 06:12:55
|
woodsb02 |
Correct vulnerable versions of security/heimdal after the security fix
was backported in 7.1.0_3
PR: 219657
Security: CVE-2017-6594 |
1.1_3
09 Jun 2017 18:20:05
|
feld |
Document roundcube vulnerability
PR: 219789 |
1.1_3
08 Jun 2017 17:08:50
|
tijl |
Document GNUTLS-SA-2017-4.
Security: https://gnutls.org/security.html#GNUTLS-SA-2017-4 |
1.1_3
08 Jun 2017 00:24:48
|
zi |
- Document remote DoS in irc/irssi |
1.1_3
06 Jun 2017 15:05:42
|
cpm |
Document new vulnerabilities in www/chromium < 59.0.3071.86
Obtained
from: https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html |
1.1_3
02 Jun 2017 19:46:51
|
lifanov |
Document vulnerability in sysutils/ansible (CVE-2017-7481) |
1.1_3
01 Jun 2017 15:27:43
|
zi |
- Document authentication bypass in security/duo |
1.1_3
01 Jun 2017 13:50:46
|
zi |
- Document vulnerability in net/freeradius3 (CVE-2017-9148) |
1.1_3
31 May 2017 15:30:02
|
feld |
Document heimdal vulnerability
PR: 219657
Security: CVE-2017-6594 |
1.1_3
30 May 2017 13:21:27
|
tz |
Modify GitLab entries:
- wrap long lines
- add missing modfied |
1.1_3
30 May 2017 10:26:22
|
kwm |
Update imagemagick entry
* Fix indention
* Add ranges to the imagemagick 6 version check, to prep for
ImageMagick patch for the branch.
* Add portepoch's to the imagemagick 6 versions.
* Bump imagemagick 6 version. This version fixes at least one of
the mentioned CVE's.
* Change CVE-2017-8365 to CVE-2017-8765. CVE-2017-8365 is a
libsndfile CVE.
* Add modified tag. |
1.1_3
30 May 2017 08:01:33
|
brnrd |
security/vuxml: Fix latest ImageMagick entry
- Fix case in pkgname
- Add version 7
- add -nox pkgnamesuffix
PR: 219497
Submitted by: Dani <i.dani@outlook.com> |
1.1_3
26 May 2017 12:25:36
|
feld |
Document FreeBSD-SA-17:04.ipfilter |
1.1_3
26 May 2017 12:24:33
|
feld |
Document FreeBSD-SA-17:03.ntp |
1.1_3
26 May 2017 12:23:42
|
feld |
Add missing info for FreeBSD-SA-17:02.openssl |
1.1_3
26 May 2017 07:38:18
|
riggs |
Document remote code execution via subtitles in multimedia/vlc |
1.1_3
25 May 2017 22:12:55
|
mandree |
Document OpenEXR 2.2.0 vulnerabilities
Reported by: Brandon Perry
Security: 803879e9-4195-11e7-9b08-080027ef73ec
Security: CVE-2017-9116
Security: CVE-2017-9115
Security: CVE-2017-9114
Security: CVE-2017-9113
Security: CVE-2017-9112
Security: CVE-2017-9111
Security: CVE-2017-9110 |
1.1_3
25 May 2017 20:51:48
|
brnrd |
security/vuxml: Document ImageMagick vulnerabilities
PR: 219497
Reported by: dani <i.dani@outlook.com> |
1.1_3
24 May 2017 09:31:53
|
brnrd |
security/vuxml: Document samba RCE vulnerability
- Add entry for samba
- Fix tabs/space previous entry
Security: CVE-2017-7494 |
1.1_3
23 May 2017 09:18:05
|
danfe |
Document another round of multiple vulnerabilities found in the kernel
mode layer handler of nVidia GPU display driver.
Security: CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
PR: 219465
Submitted by: Andrew Marks |
1.1_3
22 May 2017 08:58:45
|
dinoex |
- add miniupnpc CVE-2017-8798 |
1.1_3
22 May 2017 08:29:27
|
miwi |
- Fix spelling
Reported by: remko |
1.1_3
22 May 2017 07:16:13
|
joneum |
- Document Wordpress multible vulnerabilities
Approved by: miwi (mentor)
Differential Revision: https://reviews.freebsd.org/D10789 |
1.1_3
19 May 2017 22:59:56
|
madpilot |
Document net/asterisk13 and net/pjsip vulnerabilities. |
1.1_3
18 May 2017 20:08:49
|
ler |
Clean up joomla3 entry.
Submitted by: zi |
1.1_3
18 May 2017 17:21:08
|
ler |
Add cvename |
1.1_3
18 May 2017 17:18:44
|
ler |
Add entry for Joomla3 20170501. |
1.1_3
18 May 2017 10:58:06
|
tz |
Document recent GitLab vulnerabilities.
Security:
https://vuxml.FreeBSD.org/freebsd/9704930c-3bb7-11e7-93f7-d43d7e971a1b.html |
1.1_3
18 May 2017 10:47:25
|
tz |
Fix name of old gitlab-entry, its gitlab instead of rubygem-gitlab |
1.1_3
18 May 2017 10:45:58
|
tz |
Document GitLab vulnerabilities.
Security: CVE-2017-0882
Security:
https://vuxml.FreeBSD.org/freebsd/5d62950f-3bb5-11e7-93f7-d43d7e971a1b.html |
1.1_3
18 May 2017 08:44:08
|
kwm |
Document freetype2 vulnability.
Security: CVE-2017-8105, CVE-2017-8287 |
1.1_3
11 May 2017 20:27:59
|
mandree |
Add openvpn < 2.3.15/< 2.4.2 DoS vuln.
https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
Reported by: Samuli Seppanen
Security: 04cc7bd2-3686-11e7-aa64-080027ef73ec
Security: CVE-2017-7478
Security: CVE-2017-7479 |
1.1_3
11 May 2017 14:23:56
|
girgen |
Add information about vulnerabilities in PostgreSQL
Security: CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 |
1.1_3
10 May 2017 12:02:02
|
tcberner |
Document kauth privilege escalation.
Reviewed by: rakuco
Approved by: rakuco (mentor)
Security: CVE-2017-8422
Differential Revision: https://reviews.freebsd.org/D10660 |
1.1_3
09 May 2017 21:45:41
|
pawel |
Document mail/libetpan null dereference vulnerability |
1.1_3
04 May 2017 21:49:07
|
jkim |
CVE-2017-7867 and CVE-2017-7868 were fixed in r440117. |
1.1_3
03 May 2017 22:41:59
|
cpm |
Document new vulnerability in www/chromium < 58.0.3029.96
Obtained
from: https://chromereleases.googleblog.com/2017/05/stable-channel-update-for-desktop.html |
1.1_3
30 Apr 2017 21:36:36
|
ler |
security/vuxml: Document dovecot2 vulnerability
PR: 218671
Approved by: adamw (mentor, implicit), ports-secteam (maintainer timeout)
Security: CVE-2017-2669 |
1.1_3
29 Apr 2017 17:33:51
|
brnrd |
security/libressl-devel: Mark vulnerabile 2.5.3 |
1.1_3
28 Apr 2017 09:23:30
|
brnrd |
security/vuxml: Document LibreSSL vulnerability
- CVE-2017-8301 TLS verification vulnerability |
1.1_3
27 Apr 2017 03:41:04
|
lwhsu |
Document Jenkins Security Advisory 2017-04-26 |
1.1_3
25 Apr 2017 02:34:59
|
junovitch |
Document security issues fixed in CodeIgniter 3.1.4
Security: https://vuxml.FreeBSD.org/freebsd/df0144fb-295e-11e7-970f-002590263bf5.html |
1.1_3
24 Apr 2017 20:12:59
|
brnrd |
security/vuxml: Document weechat vulnerability
PR: 218852
Submitted by: Jochen Neumeister <joneum@bsdproject.de> |
1.1_3
24 Apr 2017 10:40:58
|
mat |
and make validate for something I did not do.
Pointy hat: acm
Sponsored by: Absolight |
1.1_3
24 Apr 2017 10:37:24
|
mat |
I'm stupid.
Pointy hat: mat
Sponsored by: Absolight |
1.1_3
24 Apr 2017 10:26:59
|
mat |
This was fixed a while ago.
Sponsored by: Absolight |
1.1_3
21 Apr 2017 18:54:31
|
acm |
- Document new vulnerability in www/drupal8 < 8.3.1 |
1.1_3
21 Apr 2017 13:46:50
|
cpm |
Document new vulnerabilities in www/chromium < 58.0.3029.81
Obtained
from: https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html |
1.1_3
20 Apr 2017 18:48:10
|
jkim |
Add a separate entry for linux-c7-graphite2. It is not fixed yet. |
1.1_3
20 Apr 2017 18:43:15
|
jkim |
CVE-2017-5436 was fixed by r438984. |
1.1_3
20 Apr 2017 16:54:19
|
jbeich |
security/vuxml: back out r438981 as I've confused already extracted directory |
1.1_3
20 Apr 2017 16:49:21
|
jbeich |
security/vuxml: icu 59.1 doesn't have the fix |
1.1_3
20 Apr 2017 16:00:09
|
jbeich |
security/vuxml: oops, forgot PORTEPOCH from r418152 |
1.1_3
20 Apr 2017 15:56:03
|
jbeich |
security/vuxml: mark icu < 59.1 as vulnerable |
1.1_3
20 Apr 2017 15:29:21
|
jbeich |
security/vuxml: mark old sndfile/samplerate/tiff as vulnerable |
1.1_3
20 Apr 2017 14:25:23
|
sunpoet |
Document cURL vulnerability |
1.1_3
20 Apr 2017 08:39:53
|
jbeich |
security/vuxml: mark some firefox < 53 bundled deps as vulnerable |
1.1_3
20 Apr 2017 02:24:46
|
jbeich |
security/vuxml: mark firefox < 53 as vulnerable |
1.1_3
19 Apr 2017 19:11:11
|
brnrd |
security/vuxml: Document vulnerabilities from Oracle 2017Q2 update |
1.1_3
13 Apr 2017 10:15:14
|
mat |
Adjust the bind9-devel version it was fixed in.
Sponsored by: Absolight |
1.1_3
13 Apr 2017 03:58:32
|
delphij |
Document BIND multiple vulnerabilities. |
1.1_3
07 Apr 2017 14:26:14
|
kami |
security/vuxml: Add id Tech 3 remote code execution
PR: 217911
Reviewed by: delphij, #ports_secteam
Approved by: delphij, #ports_secteam
Security: CVE-2017-6903
Differential Revision: https://reviews.freebsd.org/D10244 |
1.1_3
06 Apr 2017 13:52:54
|
junovitch |
Document Xen Security Advisory (XSA 212)
Security: CVE-2017-7228
Security: https://vuxml.FreeBSD.org/freebsd/90becf7c-1acf-11e7-970f-002590263bf5.html |
1.1_3
06 Apr 2017 13:37:38
|
junovitch |
Update curl version. Patch backported in 437808 instead of version bump. |
1.1_3
05 Apr 2017 16:47:14
|
brnrd |
security/vuxml: Add missing topic
Reported by: Guido Falsi <madpilot@FreeBSD.org> |
1.1_3
05 Apr 2017 14:34:15
|
brnrd |
security/vuxml: Document curl vulnerability |
1.1_3
04 Apr 2017 18:10:17
|
miwi |
- Document django -- multible vulnerabilities |
1.1_3
04 Apr 2017 16:39:29
|
madpilot |
Document net/asterisk13 vulnerability. |
1.1_3
04 Apr 2017 02:27:15
|
danfe |
- Document recent NVIDIA GPU display driver vulnerabilities
- Spell "NVIDIA UNIX driver" consistently throughout the file
PR: 217341 |
1.1_3
30 Mar 2017 21:43:45
|
cpm |
Document new vulnerabilities in www/chromium < 57.0.2987.133
Obtained
from: https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html |
1.1_3
30 Mar 2017 01:58:06
|
junovitch |
Document Xen Security Advisory (XSA 206)
CVE lists none (yet) assigned
While here, fix a typo on my last Xen entry
Security: https://vuxml.FreeBSD.org/freebsd/47873d72-14eb-11e7-970f-002590263bf5.html |
1.1_3
30 Mar 2017 01:47:42
|
junovitch |
Actually, let's refer to the original entries for these hostapd CVEs
Reflect CVE-2016-4476 / VID 967b852b-1e28-11e6-8dd3-002590263bf5 in cancelled
CVE-2015-5314 is in VID 976567f6-05c5-11e6-94fa-002590263bf5
PR: 217906
Security: https://vuxml.FreeBSD.org/freebsd/976567f6-05c5-11e6-94fa-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/967b852b-1e28-11e6-8dd3-002590263bf5.html |
1.1_3
29 Mar 2017 16:47:40
|
matthew |
phpMyAdmin: document PMASA-2017-8 -- bypass restrictions on 'no
password' accounts. |
1.1_3
28 Mar 2017 23:19:48
|
feld |
Document hostapd vulnerabilities
PR: 217906 |
1.1_3
25 Mar 2017 00:01:54
|
timur |
Add entry about Samba vulnerability CVE-2017-2619
Security: CVE-2017-2619 |
1.1_3
23 Mar 2017 01:51:39
|
junovitch |
Document Xen Security Advisory (XSA 211)
Security: CVE-2016-9603
Security: https://vuxml.FreeBSD.org/freebsd/af19ecd0-0f6a-11e7-970f-002590263bf5.html |
1.1_3
22 Mar 2017 19:14:32
|
riggs |
Add CVE ID for recent irssi vulnerability
PR: 217878
Submitted by: dor.bsd@xm0.uk (irssi mainainer) |
1.1_3
22 Mar 2017 03:01:06
|
junovitch |
Update hostapd on two older entries.
Fixes were not backported prior. Recent update is v2.6 as noted in advisory.
Security: CVE-2015-5310
Security: CVE-2015-5315
Security: CVE-2015-5316
Security: CVE-2016-4476
Security: CVE-2016-4477
Security: https://vuxml.FreeBSD.org/freebsd/967b852b-1e28-11e6-8dd3-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/976567f6-05c5-11e6-94fa-002590263bf5.html |
1.1_3
18 Mar 2017 13:57:40
|
riggs |
Document use-after-free vulnerability in irc/irssi
PR: 217878 |
1.1_3
18 Mar 2017 11:00:07
|
brnrd |
security/vuxml: Add DoS vuln for mysql-client
- Fix typo in 5f453b69-abab-4e76-b6e5-2ed0bafcaee3 while here |
1.1_3
18 Mar 2017 09:40:22
|
jbeich |
security/vuxml: mark firefox < 52.0.1 as vulnerable
Note, sandboxing isn't implemented on FreeBSD. |
1.1_3
18 Mar 2017 02:15:27
|
junovitch |
Document Moodle security advisories from January (MSA-17-0001 - MSF-17-0004)
and March releases (details not yet released).
Security: CVE-2017-2576
Security: CVE-2017-2578
Security: CVE-2016-10045
Security: https://vuxml.FreeBSD.org/freebsd/f72d98d1-0b7e-11e7-970f-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/df45b4bd-0b7f-11e7-970f-002590263bf5.html |
1.1_3
18 Mar 2017 01:47:28
|
junovitch |
Fix incorrect PKGNAME in www/tomcat6 entries. It's been tomcat since r238618.
Pointy hat to: junovitch (for most of them) |
1.1_3
17 Mar 2017 15:34:34
|
acm |
- Document multiple vulnerabilities in www/drupal8
Security: CVE-2017-6377
Security: CVE-2017-6379
Security: CVE-2017-6381
Security: 2730c668-0b1c-11e7-8d52-6cf0497db129 |
1.1_3
16 Mar 2017 23:00:08
|
mandree |
Document PuTTY < 0.68 agent forwarding vuln.
Security: CVE-2017-6542
Security: 9b973e97-0a99-11e7-ace7-080027ef73ec |
1.1_3
16 Mar 2017 11:37:14
|
tijl |
Document latest Flash Player vulnerabilities.
Security: https://helpx.adobe.com/security/products/flash-player/apsb17-07.html |
1.1_3
14 Mar 2017 19:47:38
|
gjb |
Attempt to fix vuxml build.
Sponsored by: The FreeBSD Foundation |
1.1_3
14 Mar 2017 19:43:17
|
brnrd |
security/vuxml: modify most recent mariadb entries
- ChangeLog of 10.0.30 and 10.1.22 refer to CVE-2017-3313
Security: 4d2f9d09-ddb7-11e6-a9a5-b499baebfeaf
Security: CVE-2017-3313 |
1.1_3
12 Mar 2017 21:49:19
|
tijl |
Document mbed TLS Security Advisory 2017-01
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01 |
1.1_3
12 Mar 2017 20:18:59
|
cpm |
Document new vulnerabilities in www/chromium < 57.0.2987.98
Obtained
from: https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html |
1.1_3
11 Mar 2017 23:24:14
|
eugen |
Document several security defects in the Bouncy Castle Crypto APIs
PR: 215507
Approved by: vsevolod (mentor)
Obtained from: https://www.bouncycastle.org/releasenotes.html
Security:
https://vuxml.FreeBSD.org/freebsd/89cf8cd2-0698-11e7-aa3f-001b216d295b |
1.1_3
11 Mar 2017 21:42:07
|
rakuco |
Add entry for CVE-2016-7787 in x11/kde4-runtime.
Security announcement:
https://www.kde.org/info/security/advisory-20160621-1.txt |
As an Amazon Associate I earn from qualifying purchases.
