notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

/commits.php is going away

I'm proposing to take /commits.php away - it mainly duplicates the home page. Details in this GitHub issue.
Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_5 security on this many watch lists=30 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_5Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2021-10-27 15:48:14
Commit Hash: 653d4d2
People watching this port, also watch:: gnupg, libxml2, curl, nmap, zip
Also Listed In: textproc
License: BSD2CLAUSE
Description:
SVNWeb : git
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_5/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_5/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_5/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
Dependency lines:
  • vuxml>0:security/vuxml
To install the port:
cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
Packages (timestamps in pop-ups are UTC):
vuxml
ABIlatestquarterly
FreeBSD:11:aarch641.1_31.1_4
FreeBSD:11:amd641.1_51.1_5
FreeBSD:11:armv61.1_21.1_4
FreeBSD:11:i3861.1_51.1_5
FreeBSD:11:mips--
FreeBSD:11:mips641.1_31.1_4
FreeBSD:12:aarch641.1_31.1_5
FreeBSD:12:amd641.1_51.1_5
FreeBSD:12:armv61.1_31.1_4
FreeBSD:12:armv71.1_31.1_4
FreeBSD:12:i3861.1_51.1_5
FreeBSD:12:mips--
FreeBSD:12:mips641.1_31.1_4
FreeBSD:12:powerpc64-1.1_5
FreeBSD:13:aarch641.1_51.1_5
FreeBSD:13:amd641.1_51.1_5
FreeBSD:13:armv61.1_51.1_5
FreeBSD:13:armv71.1_51.1_5
FreeBSD:13:i3861.1_51.1_5
FreeBSD:13:mips--
FreeBSD:13:mips64--
FreeBSD:13:powerpc641.1_51.1_5
FreeBSD:14:aarch641.1_5-
FreeBSD:14:amd641.1_5-
FreeBSD:14:armv61.1_5-
FreeBSD:14:armv71.1_5-
FreeBSD:14:i3861.1_5-
FreeBSD:14:mips--
FreeBSD:14:mips64--
FreeBSD:14:powerpc641.1_5-
 

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.8 : lang/python38
There are no ports dependent upon this port

Configuration Options:
Options name:

USES:

FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 6453 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
22 Jan 2021 09:33:28
Original commit files touched by this commit Revision:562282  1.1_5
jhale search for other commits by this committer
Document CVE-2020-15983 for games/chocolate-doom and games/crispy-doom
22 Jan 2021 00:22:44
Original commit files touched by this commit Revision:562266  1.1_5
mfechner search for other commits by this committer
Made clear how to test now entries against the newly formatted file.
22 Jan 2021 00:13:43
Original commit files touched by this commit Revision:562265  1.1_5
gjb search for other commits by this committer
Fix build.

Yes, please do FIXME.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
22 Jan 2021 00:09:24
Original commit files touched by this commit Revision:562264  1.1_5
mfechner search for other commits by this committer
Added security vulnerability for rubygem-nokogiri.
21 Jan 2021 13:19:10
Original commit files touched by this commit Revision:562204  1.1_5
bapt search for other commits by this committer
Split vuln.xml file [2/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
21 Jan 2021 13:18:50
Original commit files touched by this commit Revision:562203  1.1_5
bapt search for other commits by this committer
Split vuln.xml file [1/2]

The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.

In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.

While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.

The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
20 Jan 2021 19:25:15
Original commit files touched by this commit Revision:562156  1.1_5
mandree search for other commits by this committer
dns/dnsmasq-devel: mark stale name vulnerable, too

dnsmasq-devel isn't currently in ports, but if someone never
switched to dnsmasq, we should also flag the older dnsmasq-devel
vulnerable.

Security:	5b5cf6e5-5b51-11eb-95ac-7f9491278677
20 Jan 2021 19:11:52
Original commit files touched by this commit Revision:562153  1.1_5
mandree search for other commits by this committer
dns/dnsmasq < 2.83 vulnerabilities (buffer overflow, DNS cache poisoning)

Security:	5b5cf6e5-5b51-11eb-95ac-7f9491278677
Security:	CVE-2020-25684
Security:	CVE-2020-25685
Security:	CVE-2020-25686
Security:	CVE-2020-25681
Security:	CVE-2020-25682
Security:	CVE-2020-25683
Security:	CVE-2020-25687
20 Jan 2021 00:25:53
Original commit files touched by this commit Revision:562103  1.1_5
dmgk search for other commits by this committer
security/vuxml: Document lang/go vulnerabilities
19 Jan 2021 21:12:19
Original commit files touched by this commit Revision:562089  1.1_5
jrm search for other commits by this committer
security/vuxml: Fix range of affected cloud-init versions
19 Jan 2021 20:47:00
Original commit files touched by this commit Revision:562084  1.1_5
jrm search for other commits by this committer
security/vuxml: Document vulnerability in cloud-init version 20.4

https://bugs.launchpad.net/cloud-init/+bug/1911680

Reported by:	Mina Galic <me@igalic.co>
18 Jan 2021 08:21:27
Original commit files touched by this commit Revision:561901  1.1_5
lwhsu search for other commits by this committer
Document CVE-2020-25074 and CVE-2020-15275 for www/moinmoin
17 Jan 2021 22:23:34
Original commit files touched by this commit Revision:561880  1.1_5
0mp search for other commits by this committer
Document ghostscript9-agpl-base vulnerability committed in r544907

PR:		248580
Requested by:	joneum (ports-secteam)
Reported by:	VVD <vvd@unislabs.com>
MFH:		2021Q1
Security:	CVE-2020-15900
14 Jan 2021 20:37:35
Original commit files touched by this commit Revision:561590  1.1_5
bhughes search for other commits by this committer
security/vuxml: document Node.js January 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/

Sponsored by:	Miles AS
14 Jan 2021 12:03:01
Original commit files touched by this commit Revision:561551  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerability.
14 Jan 2021 07:30:32
Original commit files touched by this commit Revision:561541  1.1_5
riggs search for other commits by this committer
Document integer overflow in wavpack (CVE-2020-35738).
13 Jan 2021 17:32:00
Original commit files touched by this commit Revision:561491  1.1_5
lwhsu search for other commits by this committer
Document Jenkins Security Advisory 2021-01-13

Sponsored by:	The FreeBSD Foundation
12 Jan 2021 21:20:08
Original commit files touched by this commit Revision:561382  1.1_5
flo search for other commits by this committer
Document phpmyfaq vulnerability
12 Jan 2021 04:27:21
Original commit files touched by this commit Revision:561298  1.1_5
cy search for other commits by this committer
Document sudo CVE-2021-23239.
10 Jan 2021 08:26:39
Original commit files touched by this commit Revision:561020  1.1_5
sunpoet search for other commits by this committer
Document cairosvg vulnerability
09 Jan 2021 20:06:20
Original commit files touched by this commit Revision:560889  1.1_5
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
07 Jan 2021 15:09:22
Original commit files touched by this commit Revision:560715  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 87.0.4280.141

Obtained
from:	https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html
06 Jan 2021 14:11:35
Original commit files touched by this commit Revision:560521  1.1_5
pi search for other commits by this committer
security/vuxml: add dovecot CVE-2020-24386

PR:		252415
Submitted by:	Evilham <contact@evilham.com>
Relnotes:	https://dovecot.org/pipermail/dovecot-news/2021-January/000448.html
01 Jan 2021 16:05:45
Original commit files touched by this commit Revision:559841  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.1

PR:		252310
Submitted by:	maintainer
01 Jan 2021 04:31:37
Original commit files touched by this commit Revision:559800  1.1_5
jrm search for other commits by this committer
Document inspircd vulnerabilitiy

PR:		252291
Reported by:	Sadie Powell <sadie@witchery.services>
28 Dec 2020 13:15:58
Original commit files touched by this commit Revision:559468  1.1_5
riggs search for other commits by this committer
Document CVE-2020-0543 for Intel CPUs.

PR:		247197
Submitted by:	spam123@bitbert.com
22 Dec 2020 22:44:24
Original commit files touched by this commit Revision:558949  1.1_5
madpilot search for other commits by this committer
Document new asterisk vulnerabilities.
22 Dec 2020 14:16:44
Original commit files touched by this commit Revision:558911  1.1_5
otis search for other commits by this committer
Document vulns for powerdns and postsrsd

Reviewed by:	osa (mentor)
Approved by:	osa (mentor)
Differential Revision:	https://reviews.freebsd.org/D27706
19 Dec 2020 13:16:16
Original commit files touched by this commit Revision:558451  1.1_5
riggs search for other commits by this committer
Correct entries for mantis and libX11 (missing PORTEPOCH in package string).

PR:		251168
Submitted by:	zab@zltech.eu
17 Dec 2020 21:09:37
Original commit files touched by this commit Revision:558329  1.1_5
swills search for other commits by this committer
Document vault issue
15 Dec 2020 01:32:04
Original commit files touched by this commit Revision:558123  1.1_5
philip search for other commits by this committer
security/vuxml: Note FreeBSD 11.4 fix for CVE-2020-1971
13 Dec 2020 14:49:08
Original commit files touched by this commit Revision:557986  1.1_5
sunpoet search for other commits by this committer
Document jasper vulnerability
13 Dec 2020 00:28:14
Original commit files touched by this commit Revision:557876  1.1_5
dbaio search for other commits by this committer
security/vuxml: Document net-im/py-matrix-synapse issue

PR:		251768
Submitted by:	contact@evilham.com
Security:	CVE-2020-26257
12 Dec 2020 18:37:13
Original commit files touched by this commit Revision:557848  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document p11-kit vulnerabilities
12 Dec 2020 16:23:56
Original commit files touched by this commit Revision:557834  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document Unbound/NSD vuln
12 Dec 2020 15:38:35
Original commit files touched by this commit Revision:557831  1.1_5
brnrd search for other commits by this committer
security/vuxml: Update LibreSSL vuln

 * for 2020Q4 branch which is on 3.1
11 Dec 2020 10:38:39
Original commit files touched by this commit Revision:557712  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document LibreSSL vulnerability
11 Dec 2020 10:32:08
Original commit files touched by this commit Revision:557711  1.1_5
fluffy search for other commits by this committer
security/vuxml: add 19 CVE entries related to www/glpi

PR:		251754
Submitted by:	Mathias Monnerville
10 Dec 2020 09:59:00
Original commit files touched by this commit Revision:557424  1.1_5
philip search for other commits by this committer
security/vuxml: FreeBSD 11.4 is vulnerable to CVE-2020-1971

As noted in FreeBSD-SA-20:33.openssl, this vulnerability is also known
to affect OpenSSL versions included in FreeBSD 11.4.  However, the
OpenSSL project is only giving patches for that version to premium
support contract holders.  The FreeBSD project does not have access to
these patches and recommends FreeBSD 11.4 users to either upgrade to
FreeBSD 12.x or leverage up to date versions of OpenSSL in the ports/pkg
system. The FreeBSD Project may update this advisory to include FreeBSD
11.4 should patches become publicly available.
10 Dec 2020 06:02:22
Original commit files touched by this commit Revision:557415  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA to OpenSSL entry

Reference FreeBSD-SA-20:33.openssl and note the fixed patch releases in
the recent OpenSSL entry.
09 Dec 2020 10:36:09
Original commit files touched by this commit Revision:557361  1.1_5
brnrd search for other commits by this committer
security/vuxml: cURL vulnerabilities
08 Dec 2020 16:21:52
Original commit files touched by this commit Revision:557296  1.1_5
brnrd search for other commits by this committer
security/vuxml: Document OpenSSL NULL pointer dereference
07 Dec 2020 23:53:41
Original commit files touched by this commit Revision:557253  1.1_5
mfechner search for other commits by this committer
Document gitlab-ce vulnerabilities.
06 Dec 2020 22:01:12
Original commit files touched by this commit Revision:557178  1.1_5
swills search for other commits by this committer
Document consul issue

PR:		251418
Submitted by:	brd
05 Dec 2020 11:43:31
Original commit files touched by this commit Revision:557050  1.1_5
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 87.0.4280.88
04 Dec 2020 17:26:41
Original commit files touched by this commit Revision:556994  1.1_5
zi search for other commits by this committer
- Unbreak build after previous commit
04 Dec 2020 16:56:32
Original commit files touched by this commit Revision:556988  1.1_5
adamw search for other commits by this committer
security/vuxml: Add entry for gitea < 1.13.0

PR:		251577
Submitted by:	maintainer
02 Dec 2020 10:03:15
Original commit files touched by this commit Revision:556810  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-20:32.rtsold
02 Dec 2020 10:03:10
Original commit files touched by this commit Revision:556809  1.1_5
philip search for other commits by this committer
security/vuxml: add FreeBSD SA-20:31.icmp6
01 Dec 2020 19:37:28
Original commit files touched by this commit Revision:556787  1.1_5
zeising search for other commits by this committer
vuxml: document xorg-server vulnerabilities

Document new vulnerabilities in xorg-server and sub ports:
CVE-2020-14360 and CVE-2020-25712

These issues can lead to privileges elevations for authorized clients
on systems where the X server is running privileged.
27 Nov 2020 00:34:50
Original commit files touched by this commit Revision:556424  1.1_5
brd search for other commits by this committer
vuxml: Add entry for nomad < 0.12.6
22 Nov 2020 15:48:55
Original commit files touched by this commit Revision:556059  1.1_5
adamw search for other commits by this committer
vuxml: Add entry for gitea < 1.12.6
21 Nov 2020 22:14:16
Original commit files touched by this commit Revision:556019  1.1_5
bhughes search for other commits by this committer
security/vuxml: document Node.js November 2020 Security Releases

https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/

Sponsored by:	Miles AS
21 Nov 2020 14:41:33
Original commit files touched by this commit Revision:555985  1.1_5
riggs search for other commits by this committer
Document CVE-2020-28896 for mutt 2.0.2.

PR:		251278
Submitted by:	dereks@lifeofadishwasher.com
Security:	CVE-2020-28896
16 Nov 2020 11:13:15
Original commit files touched by this commit Revision:555466  1.1_5
fluffy search for other commits by this committer
VuXML: document mozjpeg and libjpeg-turbo recent vulnerabilities

PR:		250190
Submitted by:	daniel.engberg.lists@pyret.net
14 Nov 2020 21:02:17
Original commit files touched by this commit Revision:555145  1.1_5
pi search for other commits by this committer
security/vuxml: add entries for databases/mantis

PR:		251141
Submitted by:	Zoltan Alexanderson Besse <zab@zltech.eu>
12 Nov 2020 21:26:35
Original commit files touched by this commit Revision:554989  1.1_5
dmgk search for other commits by this committer
security/vuxml: Document lang/go vulnerabilities
12 Nov 2020 06:14:51
Original commit files touched by this commit Revision:554931  1.1_5
rhurlin search for other commits by this committer
security/vuxml: New entry for sysutils/py-salt vulnerabilities

There are three security vulnerabilities described for sysutils/py-salt
in version 3002[1]: CVE-2020-16846, CVE-2020-17490, and VE-2020-25592.

[1] https://docs.saltstack.com/en/latest/topics/releases/3002.1.html

It is planned to update the port sysutils/py-salt soon, see PR 251013

Reported by:	michael.glaus@hostpoint.ch (in PR 251013)
Approved by:	tcberner (mentor)
Differential Revision:	https://reviews.freebsd.org/D27189
10 Nov 2020 23:56:31
Original commit files touched by this commit Revision:554861  1.1_5
truckman search for other commits by this committer
Document vulnerability in editors/openoffice-4 < 4.1.8 and openoffice-devel

CVE-2020-13958 Unrestricted actions leads to arbitrary code execution
in crafted documents

A vulnerability in Apache OpenOffice scripting events allows an
attacker to construct documents containing hyperlinks pointing to
an executable on the target users file system. These hyperlinks can
be triggered unconditionally. In fixed versions no internal protocol
may be called from the document event handler and other hyperlinks
require a control-click.

<https://www.openoffice.org/security/cves/CVE-2020-13958.html>
09 Nov 2020 17:08:12
Original commit files touched by this commit Revision:554733  1.1_5
tcberner search for other commits by this committer
Prefer graphics/ligvrsvg2-rust over graphics/librsvg2

- switch to the more modern version of librsvg2 on architectures
  supporting rust
- this will fix some graphical issues on these architectures

PR:		250276
Exp-run by:	antoine
Submitted by:	tobik
Differential Revision:	https://reviews.freebsd.org/D18878
09 Nov 2020 14:05:41
Original commit files touched by this commit Revision:554724  1.1_4
lwhsu search for other commits by this committer
Fix CVE name for 07c7ae7a-224b-11eb-aa6e-e0d55e2a8bf9

Sponsored by:	The FreeBSD Foundation
09 Nov 2020 05:28:06
Original commit files touched by this commit Revision:554670  1.1_4
tcberner search for other commits by this committer
Document vulnerability in textproc/raptor2

From [1], [2], [3]:
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF
Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML
writer, leading to heap-based buffer overflows (sometimes seen in
raptor_qname_format_as_xml).

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18926
[2] https://www.debian.org/security/2020/dsa-4785
[3] https://www.openwall.com/lists/oss-security/2017/06/07/1

PR:		250971
Security:	CVE-2017-18926
08 Nov 2020 12:47:38
Original commit files touched by this commit Revision:554452  1.1_4
dbaio search for other commits by this committer
security/vuxml: Document www/py-notebook issue

Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned).
07 Nov 2020 17:40:34
Original commit files touched by this commit Revision:554412  1.1_4
brnrd search for other commits by this committer
security/vuxml: Document addl. MariaDB vulns
05 Nov 2020 22:38:13
Original commit files touched by this commit Revision:554163  1.1_4
madpilot search for other commits by this committer
Document asterisk vulnerabilities.
03 Nov 2020 19:50:03
Original commit files touched by this commit Revision:554018  1.1_4
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 86.0.4240.183

Obtained
from:	https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html
02 Nov 2020 20:23:35
Original commit files touched by this commit Revision:553926  1.1_4
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
02 Nov 2020 19:07:13
Original commit files touched by this commit Revision:553925  1.1_4
joneum search for other commits by this committer
Add entry for wordpress

Sponsored by:	Netzkommune GmbH
31 Oct 2020 21:26:52
Original commit files touched by this commit Revision:553795  1.1_4
timur search for other commits by this committer
Add an entry about recent Samba vulnerabilities

Security:	CVE-2020-14318
		CVE-2020-14323
		CVE-2020-14383
31 Oct 2020 02:38:09
Original commit files touched by this commit Revision:553726  1.1_4
fluffy search for other commits by this committer
security/vuxml: Document stack overflow in tmux

PR:		250737
28 Oct 2020 10:25:25
Original commit files touched by this commit Revision:553531  1.1_4
fernape search for other commits by this committer
security/vuxml: Add entry for multimedia/motion

Follow up commit for 553525.

For some reason, "Use MHD function for url decoding" actually means fixing
CVE-2020-26566

PR:	250660
22 Oct 2020 08:38:22
Original commit files touched by this commit Revision:552950  1.1_4
tcberner search for other commits by this committer
print/freetype2: document vulnerability

PR:		250375
Security:	CVE-2020-15999
21 Oct 2020 17:32:05
Original commit files touched by this commit Revision:552875  1.1_4
brnrd search for other commits by this committer
security/vuxml: Document 2020Q4 MySQL vulnerabilities
21 Oct 2020 08:22:19
Original commit files touched by this commit Revision:552856  1.1_4
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 86.0.4240.111

Obtained
from:	https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html
19 Oct 2020 09:24:05
Original commit files touched by this commit Revision:552725  1.1_4
dch search for other commits by this committer
security/vuxml: add powerdns-recursor

PR:		250318
Submitted by:	Ralf van der Enden <tremere@cainites.net>
Reported by:	michael.glaus@hostpoint.ch
Sponsored by:	SkunkWerks, GmbH
18 Oct 2020 15:38:26
Original commit files touched by this commit Revision:552671  1.1_4
brnrd search for other commits by this committer
security/vuxml: Document MariaDB vulnerabilities
17 Oct 2020 14:17:23
Original commit files touched by this commit Revision:552577  1.1_4
dbaio search for other commits by this committer
security/vuxml: Update entry date for the last issue added (r552574)
17 Oct 2020 13:50:26
Original commit files touched by this commit Revision:552574  1.1_4
dbaio search for other commits by this committer
security/vuxml: Document net-im/py-matrix-synapse issue

PR:		249948
Submitted by:	Sascha Biberhofer <ports@skyforge.at>
Security:	CVE-2020-26891
17 Oct 2020 13:08:24
Original commit files touched by this commit Revision:552566  1.1_4
joneum search for other commits by this committer
Add entry for drupal7

Sponsored by:	Netzkommune GmbH
13 Oct 2020 22:35:45
Original commit files touched by this commit Revision:552291  1.1_4
jkim search for other commits by this committer
Document the latest Flash Player vulnerability.

https://helpx.adobe.com/security/products/flash-player/apsb20-58.html
10 Oct 2020 18:01:51
Original commit files touched by this commit Revision:552013  1.1_4
sunpoet search for other commits by this committer
Document rails vulnerability
09 Oct 2020 05:32:21
Original commit files touched by this commit Revision:551745  1.1_4
pi search for other commits by this committer
security/vuxml: add CVEs for www/payara

- CVE-2020-6950 Eclipse Mojarra vulnerable to path trasversal flaw
  via either loc/con parameters
- CVE-2019-12086 A Polymorphic Typing issue was discovered in
  FasterXML jackson-databind 2.x before 2.9.9
- some more

PR:		250207
Submitted by:	Dmytro Bilokha <dmytro@posteo.net>
07 Oct 2020 21:21:58
Original commit files touched by this commit Revision:551666  1.1_4
leres search for other commits by this committer
security/vuxml: Mark zeek < 3.0.11 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v3.0.11

A memory leak in multipart MIME code has potential for remote
exploitation and cause for Denial of Service via resource exhaustion.

While we're here fix missing cite for "zeek < 3.0.10" entry.
07 Oct 2020 10:53:24
Original commit files touched by this commit Revision:551629  1.1_4
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 86.0.4240.75

Obtained
from:	https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html
05 Oct 2020 17:25:55
Original commit files touched by this commit Revision:551528  1.1_4
sunpoet search for other commits by this committer
Document libexif vulnerability
04 Oct 2020 06:03:48
Original commit files touched by this commit Revision:551355  1.1_4
tcberner search for other commits by this committer
vuxml: fix version check in r551354
04 Oct 2020 05:49:10
Original commit files touched by this commit Revision:551354  1.1_4
tcberner search for other commits by this committer
vuxml: document deskutils/kdeconnect-kde vulnerability

KDE Project Security Advisory
=============================

Title:           KDE Connect: packet manipulation can be exploited in a Denial
of Service attack
Risk Rating:     Important
CVE:             CVE-2020-26164
Versions:        kdeconnect <= 20.08.1
Author:          Albert Vaca Cintora <albertvaka@gmail.com>
Date:            2 October 2020

Overview
========
(Only the first 15 lines of the commit message are shown above View all of this commit message)
03 Oct 2020 17:21:33
Original commit files touched by this commit Revision:551333  1.1_4
tcberner search for other commits by this committer
vuxml: document vulnerability in devel/upnp

Security:	CVE-2020-13848
02 Oct 2020 07:30:37
Original commit files touched by this commit Revision:550914  1.1_4
mfechner search for other commits by this committer
Document gitlab vulnerabilities.
30 Sep 2020 20:29:18
Original commit files touched by this commit Revision:550746  1.1_4
thierry search for other commits by this committer
Add recent tt-rss issues.

PR:		249472
Submitted by:	Derek Schrock (tt-rss's maintainer)
MFC after:	1 day
Security:	https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
28 Sep 2020 11:23:28
Original commit files touched by this commit Revision:550420  1.1_4
pi search for other commits by this committer
security/vuxml: Add CVE-2020-1945: Apache Ant insecure temporary file
vulnerability

PR:		248098
Submitted by:	mikael
28 Sep 2020 09:42:55
Original commit files touched by this commit Revision:550413  1.1_4
pi search for other commits by this committer
security/vuxml: add entry dns/powerdns below 4.3.1

- CVE-2020-17482

PR:		249560
Submitted by:	Ralf van der Enden <tremere@cainites.net>
Relnotes:	https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
26 Sep 2020 13:10:26
Original commit files touched by this commit Revision:550181  1.1_4
zeising search for other commits by this committer
vuxml: Update pango entry for CVE-2019-1010238

Update the pango entry for CVE-2019-1010238.
Since the fix to pango wasn't applied properly the first time around, the
pango version with the fix needed to be bumpt in the vuxml entry.
22 Sep 2020 19:00:08
Original commit files touched by this commit Revision:549622  1.1_4
rene search for other commits by this committer
Document new vulnerabilities in www/chromium < 85.0.4183.121

Obtained
from:	https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
22 Sep 2020 17:23:51
Original commit files touched by this commit Revision:549611  1.1_4
tcberner search for other commits by this committer
security/vuxml: document libxml2 vulnerabilities

PR:		249386
21 Sep 2020 21:07:57
Original commit files touched by this commit Revision:549530  1.1_4
dbaio search for other commits by this committer
security/vuxml: Document net-im/py-matrix-synapse issue

PR:		249375
Submitted by:	Denis Kasak <dkasak@termina.org.uk>
Submitted by:	Sascha Biberhofer <ports@skyforge.at> (earlier version)
20 Sep 2020 11:36:50
Original commit files touched by this commit Revision:549092  1.1_4
fluffy search for other commits by this committer
- Document python35 multiple vulnerabilities

PR:		249187
20 Sep 2020 00:36:02
Original commit files touched by this commit Revision:549077  1.1_4
timur search for other commits by this committer
Add an entry about CVE-2020-1472 - Unauthenticated domain takeover via netlogon
("ZeroLogon")

Security:	CVE-2020-1472
19 Sep 2020 12:22:27
Original commit files touched by this commit Revision:548968  1.1_4
brnrd search for other commits by this committer
security/vuxml: Document Nextcloud 19.0.1 vuln
18 Sep 2020 09:26:23
Original commit files touched by this commit Revision:548878  1.1_4
mandree search for other commits by this committer
www/webkit2-gtk3: Multiple Vulnerabilities (vuxml entry)

PR:		247892
Submitted by:	rob2g2 <spam123@bitbert.com>
Security:	CVE-2020-9802
Security:	CVE-2020-9803
Security:	CVE-2020-9805
Security:	CVE-2020-9806
Security:	CVE-2020-9807
Security:	CVE-2020-9843
Security:	CVE-2020-9850
Security:	CVE-2020-13753

Number of commits found: 6453 (showing only 100 on this page)

[First Page]  «  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]