| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_2
17 Sep 2014 11:04:33
   |
kwm  |
Document new dbus vulnabilities.
MFH: 2014Q3 |
1.1_2
16 Sep 2014 17:35:34
|
osa |
Document nginx security advisory (CVE-2014-3616). |
1.1_2
13 Sep 2014 21:18:57
|
matthew |
Document the latest phpMyAdmin vulnerability
Security: cc627e6c-3b89-11e4-b629-6805ca0b3d42 |
1.1_2
11 Sep 2014 14:09:44
|
brd |
Document CVE-2014-5284 affecting security/ossec-hids-* < 2.8.1.
Reviewed by: zi@ |
1.1_2
09 Sep 2014 21:27:25
|
rene |
Document new vulnerabilities in www/chromium < 37.0.2062.120
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q3 |
1.1_2
05 Sep 2014 14:45:48
|
tijl |
Document trafficserver vulnerability
MFH: 2014Q3 |
1.1_2
03 Sep 2014 20:16:29
|
ohauer |
- update vid f927e06c-1109-11e4-b090-20cf30e32f6d
(httpd-2.2.29 was released today)
MFH: 2014Q3 |
1.1_2
26 Aug 2014 16:36:41
|
rene |
Document new vulnerabilities in www/chromium < 37.0.2062.94
Obtained from: http://googlechromereleases.blogspot.nl
MFH: 2014Q3 |
1.1_2
21 Aug 2014 19:46:21
|
zi |
- Document buffer overrun in sysutils/file |
1.1_2
21 Aug 2014 17:13:16
|
lwhsu |
Add missing <package> tag |
1.1_2
21 Aug 2014 17:09:59
|
lwhsu |
Document Django 2014-08-20 vulnerabilty
Reviewed by: koobs |
1.1_2
18 Aug 2014 21:11:32
|
flo |
Record PHP 5.3 vulnerabilities |
1.1_2
17 Aug 2014 19:48:04
|
matthew |
Document the latest phpMyAdmin security advisories.
XSS in view operations page
and
Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts
and table relations pages
Security: fbb01289-2645-11e4-bc44-6805ca0b3d42 |
1.1_2
13 Aug 2014 06:43:35
|
rene |
Document new vulnerabilities in www/chromium < 36.0.1985.143
Submitted by: Carlos Jacobo Puga Media <cpm@fbsd.es>
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q3 |
1.1_2
11 Aug 2014 20:19:41
|
ohauer |
- fix package name s/subversion18/subversion/
Thanks to jkim@ for the notice! |
1.1_2
11 Aug 2014 19:06:37
|
zi |
- INSERT URL HERE |
1.1_2
11 Aug 2014 18:52:33
|
ohauer |
- document serf CVE-2014-3504
MFH: 2014Q3 |
1.1_2
11 Aug 2014 18:42:38
|
ohauer |
- document subversion CVE-2014-3522, CVE-2014-3528
MFH: 2014Q3 |
1.1_2
10 Aug 2014 03:07:54
|
osa |
Fix typo.
Found by: rene |
1.1_2
09 Aug 2014 18:26:53
|
osa |
Document nginx vulnerability. |
1.1_2
06 Aug 2014 23:12:58
|
delphij |
Document OpenSSL multiple vulnerabilities. |
1.1_2
03 Aug 2014 21:44:44
|
rakuco |
Document CVE-2014-4607 in net/krfb.
MFH: 2014Q3 |
1.1_2
02 Aug 2014 15:17:54
|
zi |
- Document net/samba4* vulnerability: CVE-2014-3560 |
1.1_2
02 Aug 2014 02:34:44
|
jhale |
- Document vulnerability in security/gpgme (CVE-2014-3564) |
1.1_2
31 Jul 2014 15:23:47
|
rakuco |
Document x11/kdelibs4 vulnerability |
1.1_2
30 Jul 2014 20:54:22
|
cs |
tor -- traffic confirmation attack |
1.1_2
28 Jul 2014 18:38:13
|
cs |
Report serious i2p vulnerability |
1.1_2
25 Jul 2014 14:12:55
|
ohauer |
- document bugzilla Cross Site Request Forgery (CVE-2014-1546)
MFH: 2014Q3 |
1.1_2
24 Jul 2014 20:12:51
|
ohauer |
- document apache22 CVE entries
MFH: 2014Q3 |
1.1_2
23 Jul 2014 16:51:38
|
zi |
- Document vulnerabilities in www/tomcat*: CVE-2014-0096, CVE-2014-0099,
CVE-2014-0075 |
1.1_2
23 Jul 2014 07:50:19
|
delphij |
Document Mozilla multiple vulnerabilities. |
1.1_2
21 Jul 2014 21:36:54
|
rakuco |
Fix the recent Qt vulnerability entry again.
The CVE patch applies to -imageformats in Qt4 but -gui in Qt5. I always get
confused by the different port names...
Noted by antoine@.
MFH: 2014Q3
Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 |
1.1_2
21 Jul 2014 21:20:14
|
swills |
security/vuxml: document security issue in mcollective |
1.1_2
20 Jul 2014 21:47:42
|
matthew |
Update the latest phpMyAdmin entry with CVE numbers and descriptive
text from the security advisories, now that they have been published.
Security: 3f09ca29-0e48-11e4-b17a-6805ca0b3d42 |
1.1_2
20 Jul 2014 17:06:36
|
rakuco |
Fix the list of packages affected by 904d78b8-0f7e-11e4-8b71-5453ed2e2b49.
Submitted by: RyoTa SimaMoto <liangtai.s16@gmail.com>
MFH: 2014Q3 |
1.1_2
19 Jul 2014 20:24:30
|
rakuco |
Document qt4-gui/qt5-gui vulnerability.
MFH: 2014Q3 |
1.1_2
19 Jul 2014 13:46:20
|
ohauer |
- document apache24 CVE entries
until now there is no official CHANGELOG and apache-2.4.10
is not released, so take summary from upstream SVN. |
1.1_2
18 Jul 2014 07:02:34
|
matthew |
Yet another tranche of phpMyAdmin security alerts. In typical style
there has been a software release with warnings that it contains
security fixes, but the Security Advisories are not yet available and
CVE numbers have not yet been published. |
1.1_2
17 Jul 2014 08:29:54
|
rene |
Document new vulnerabilities in www/chromium < 36.0.1985.125
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> via freebsd-chromium
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q3 |
1.1_2
16 Jul 2014 20:12:28
|
rakuco |
Document x11/kdelibs4 vulnerability.
MFH: 2014Q3 |
1.1_2
13 Jul 2014 13:29:22
|
rakuco |
Add entry for mail/postfixadmin.
PR: 189248
MFH: 2014Q3 |
1.1_2
04 Jul 2014 06:38:24
|
swills |
- Add seamonkey to list of things affected by mozilla issue |
1.1_2
03 Jul 2014 14:57:40
|
kwm |
Document more dbus vulnabilities. |
1.1_2
28 Jun 2014 12:09:09
|
riggs |
Add vuln entries for mplayer and mencoder for CVE-2014-4610
(integer overflow in ffmpeg's lzo code)
Approved by: mentors (implicit)
MFH: 2014Q2 |
1.1_2
26 Jun 2014 18:08:03
|
mandree |
Add a vulnerability entry for lzo2. |
1.1_2
24 Jun 2014 14:49:44
|
kuriyama |
Add also gnupg-2.0.24. |
1.1_2
24 Jun 2014 06:48:54
|
matthew |
Update vuln.xml now that advisories have been published. |
1.1_2
24 Jun 2014 00:07:48
|
kuriyama |
Add about gnupg-1.4.17. |
1.1_2
23 Jun 2014 18:29:56
|
zi |
- Document recent samba vulnerabilities (CVE-2014-3493, CVE-2014-0244) |
1.1_2
20 Jun 2014 23:24:19
|
matthew |
Document the latest phpMyAdmin vulnerabilities. Very little
information has been published as yet. What there is here has been
gleaned from the ChangeLog at
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view
Updates and CVE numbers to follow, as they are made available. |
1.1_2
18 Jun 2014 22:02:27
|
lx |
Add vuln entry for iodine.
Submitted by: Kenta S. |
1.1_2
17 Jun 2014 08:12:08
|
flo |
Document asterisk vulnerabilities |
1.1_2
14 Jun 2014 12:16:57
|
kwm |
Document dbus local dos
MFH: 2014Q2 |
1.1_2
11 Jun 2014 08:06:47
|
rene |
Document new vulnerabilities in www/chromium < 35.0.1916.153
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es>
Obtained from: http://www.googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_2
10 Jun 2014 20:12:13
|
beat |
Document mozilla vulnerabilities |
1.1_2
05 Jun 2014 12:34:21
|
delphij |
Document OpenSSL multiple vulnerabilities. |
1.1_2
04 Jun 2014 20:15:03
|
mandree |
Fix extraneous <vuxml> open tag on line 88. |
1.1_2
04 Jun 2014 19:07:17
|
wxs |
Fix build. |
1.1_2
04 Jun 2014 18:50:52
|
cy |
Document gnutls CVE-2014-3466 to prevent memory corruption due to server
hello parsing.
Security: CVE-2014-3466 |
1.1_2
03 Jun 2014 19:42:40
|
zi |
- Document vulnerability in security/gnutls3 (CVE-2014-3466) |
1.1_2
29 May 2014 15:27:37
|
feld |
Fixing range of affected versions of mumble 1.2.4 to cover all portrevisions |
1.1_2
29 May 2014 15:24:55
|
miwi |
- Fix formating |
1.1_2
29 May 2014 15:13:25
|
feld |
audio/mumble vulnerabilities
My first foray into this dark, scary vuxml dungeon. |
1.1_2
29 May 2014 09:22:29
|
rea |
VuXML: cancel Exim's CVE-2014-2957
Current port isn't built with DMARC support and has no knobs to enable it. |
1.1_2
28 May 2014 18:36:46
|
zi |
- Document exim vulnerability (CVE-2014-2957) |
1.1_2
26 May 2014 21:01:24
|
eadler |
Undo my poor merge conflict editing.
Reported by: rene, mat |
1.1_2
26 May 2014 20:36:27
|
eadler |
Report the latest flash security issue |
1.1_2
24 May 2014 14:28:28
|
kwm |
Document a bunch of openjpeg vulnabilities.
MFH: 2014Q2 |
1.1_2
20 May 2014 20:36:40
|
rene |
Document new vulnerabilities in www/chromium < 35.0.1916.114
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_2
17 May 2014 17:58:39
|
zi |
- Add STAGE support
- Add LICENSE
- Cleanup plist-related clever
- Pacify portlint(1)
- Bump PORTREVISION
With hat: ports-secteam |
1.1_1
14 May 2014 10:38:06
|
rene |
Describe new vulnerabilities in www/chromium < 34.0.1847.137
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_1
13 May 2014 16:31:18
|
kwm |
Record libXfont X Font Service Protocol and Font metadata file handling issues
MFH: 2014Q2 |
1.1_1
13 May 2014 02:07:07
|
knu |
Document CVE-2013-2877 which affects textproc/libxml2. |
1.1_1
13 May 2014 01:59:37
|
knu |
Summary: Oops, the current version is affected, hence <le/> instead of <lt/>. |
1.1_1
13 May 2014 01:55:46
|
knu |
Summary: Fix a typo copied from the original report. |
1.1_1
13 May 2014 01:49:52
|
knu |
Document CVE-2014-0191 which affects textproc/libxml2. |
1.1_1
06 May 2014 07:53:32
|
dinoex |
Document OpenSSL vulnerability
Security: CVE-2014-0198 |
1.1_1
05 May 2014 21:09:44
|
rakuco |
Document qt4-xml vulnerability (CVE-2013-4549). |
1.1_1
04 May 2014 12:43:28
|
zi |
- Document strongSwan vulnerability (CVE-2014-2338)
- Add additional reminder to document port variants |
1.1_1
30 Apr 2014 17:51:30
|
ohauer |
- fix some entries so they are really detected
by old and new pkg audit tools
Approved by: portmgr (bdrewery) |
1.1_1
30 Apr 2014 07:54:12
|
culot |
- Document vulnerabilities in www/mohawk
PR: ports/189082
Submitted by: mohawk <mohawk@bsdsx.fr> |
1.1_1
30 Apr 2014 06:42:34
|
rene |
Document new vulnerabilities in www/chromium < 34.0.1847.132
Obtained from: http://googlechromereleases.blogspot.nl/ |
1.1_1
29 Apr 2014 17:00:46
|
beat |
Document mozilla vulnerabilities |
1.1_1
24 Apr 2014 15:54:50
|
lwhsu |
Add back pakcage ranges for people have ancient packages
Notified by: mat |
1.1_1
23 Apr 2014 13:36:36
|
lwhsu |
Fix Django package names
Submitted by: mat |
1.1_1
23 Apr 2014 13:10:30
|
lwhsu |
Document Django 2014-04-21 vulnerabilty |
1.1_1
23 Apr 2014 01:55:54
|
bdrewery |
- This is not really a quote, I summarized it myself. |
1.1_1
23 Apr 2014 01:54:44
|
bdrewery |
- Document OpenSSL CVE-2010-5298 |
1.1_1
18 Apr 2014 14:56:43
|
ohauer |
- fix entries so issues for bugzilla40/42 are detected
first version found only bugzilla44 issues (tested with pkg audit) |
1.1_1
18 Apr 2014 14:20:15
|
ohauer |
- document bugzilla issues
CVE-2014-1517 is fixed in bugzilla-4.4.3
therefore use two vuxml entries. |
1.1_1
15 Apr 2014 20:21:44
|
swills |
- Add multiple missing entries
PR: ports/188512
Submitted by: Pawel Biernacki <pawel.biernacki@gmail.com> |
1.1_1
13 Apr 2014 12:45:24
|
rene |
Fix typo.
Submitted by: matthew@ |
1.1_1
13 Apr 2014 12:17:20
|
rene |
Mention a vulnerability in japanese/chasen* which exists since 2011-11-08
Obtained from: http://jvn.jp/en/jp/JVN16901583/index.html |
1.1_1
11 Apr 2014 21:41:43
|
zi |
- Correct version ranges for
7ccd4def-c1be-11e3-9d09-000c2980a9f3/5631ae98-be9e-11e3-b5e3-c80aa9043978
Reported by: Tim Zingelman <tez@netbsd.org> |
1.1_1
11 Apr 2014 21:33:41
|
zi |
- Move CVE-2014-0076 to its own entry+add FreeBSD system information as the
affected list does not 100% line up with the vulnerability described in
CVE-2014-0160/5631ae98-be9e-11e3-b5e3-c80aa9043978 |
1.1_1
11 Apr 2014 21:11:17
|
zi |
- Note FreeBSD system vulnerability information for
5631ae98-be9e-11e3-b5e3-c80aa9043978 |
1.1_1
10 Apr 2014 23:58:48
|
bdrewery |
- Mark linux-f10-openssl vulnerabilities
Reported by: frogs on freenode |
1.1_1
09 Apr 2014 14:37:43
|
zi |
- Document recent vulnerability in net/openafs (CVE-2014-0159) |
1.1_1
08 Apr 2014 19:14:35
|
rene |
Document new vulnerabilities in www/chromium < 34.0.1847.116
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_1
08 Apr 2014 13:40:19
|
knu |
Add mingw32-openssl. |
As an Amazon Associate I earn from qualifying purchases.
