Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_1 24 Oct 2008 16:56:30 |
miwi |
- Fix libxine entry |
1.1_1 22 Oct 2008 21:02:51 |
stas |
- Whitespace fix in last entry. |
1.1_1 22 Oct 2008 20:55:59 |
delphij |
Document drupal multiple vulnerabilities.
Submitted by: Nick Hilliard <nick foobar org> |
1.1_1 22 Oct 2008 20:02:12 |
delphij |
Newer version of wordpress-mu has resolved the security vulnerability,
I have verified the code with respect to older release and to wordpress
changeset.
Reviewed by: stas |
1.1_1 20 Oct 2008 16:19:08 |
mezz |
The libxml2-2.6.32_1 now have two security fixed. If I edit it incorrect,
please fix it for me. |
1.1_1 19 Oct 2008 13:21:12 |
nobutaka |
Document libxine denial of service vulnerability. |
1.1_1 18 Oct 2008 12:52:11 |
miwi |
- Fix formating from previous entry |
1.1_1 18 Oct 2008 02:15:23 |
tabthorpe |
- Fix previous commit |
1.1_1 17 Oct 2008 22:31:17 |
tabthorpe |
- Document linux-flashplugin -- multiple vulnerabilities
Reviewed by: stas |
1.1_1 15 Oct 2008 09:19:59 |
delphij |
Document libxml2 vulnerabilities. |
1.1_1 12 Oct 2008 16:49:39 |
miwi |
- Fix a small typo |
1.1_1 12 Oct 2008 16:37:10 |
miwi |
- Document drupal -- multiple vulnerabilities |
1.1_1 10 Oct 2008 22:40:01 |
delphij |
Document cups multiple vulnerabilities. |
1.1_1 10 Oct 2008 18:58:32 |
ale |
Update mysql entries. |
1.1_1 10 Oct 2008 10:00:19 |
miwi |
- Fix formating and remove whitespaces from previous commit. |
1.1_1 10 Oct 2008 09:41:09 |
itetcu |
Add two www/opera vulnarabilities which affect versions <9.60.20081004
PR: ports/127941
Submitted by: Arjan van Leeuwen (opera maintainer) |
1.1_1 02 Oct 2008 22:37:27 |
stas |
- Capitalize "Secunia" word in all entries.
Reviewed by: tabthorpe |
1.1_1 01 Oct 2008 21:31:33 |
stas |
- Mplayer vulnerability has been fixed in 0.99.11_7. |
1.1_1 30 Sep 2008 20:46:02 |
stas |
- Document mysql-client input validation vulnerability. |
1.1_1 30 Sep 2008 20:13:08 |
stas |
- Document mplayer integer overflows. |
1.1_1 29 Sep 2008 22:56:48 |
simon |
Bump copyright year. |
1.1_1 29 Sep 2008 22:45:46 |
simon |
Really fix firefox 3 part of the latest mozilla entry. Now it doesn't
match fixed firefox 2 versions.
Cluebat: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Pointyhat: simon (for too quick review of last update) |
1.1_1 29 Sep 2008 11:46:06 |
miwi |
- Fix bad firefox3 specification
PR: 127712
Reported by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by: simon |
1.1_1 27 Sep 2008 23:48:48 |
mnag |
lighttpd -- multiple vulnerabilities |
1.1_1 26 Sep 2008 23:07:17 |
miwi |
- Fix last thunderbird entrys
- Bump modified date |
1.1_1 26 Sep 2008 21:43:26 |
miwi |
- Cleanup previous entry. |
1.1_1 26 Sep 2008 21:38:31 |
brix |
Add irc/bitlbee entry. |
1.1_1 26 Sep 2008 21:10:18 |
simon |
- Update samba entries so they don't match upcomming Samba 3.2 which
doesn't have PORTEPOCH in the version number.
- Bump modified date for all updated entries.
Requested by: timur |
1.1_1 24 Sep 2008 14:59:54 |
miwi |
- Fix firefox version
Reported by: bsam@ |
1.1_1 24 Sep 2008 12:39:42 |
miwi |
- Fix a typo (s/reportss/reports)
Submitted by: tabthorpe/remko |
1.1_1 24 Sep 2008 12:09:44 |
miwi |
- Document mozilla -- multiple vulnerabilities |
1.1_1 23 Sep 2008 21:51:39 |
miwi |
- Mark ftp/proftpd as safe
- Add more references to the last phpMyAdmin entry |
1.1_1 23 Sep 2008 19:13:12 |
tabthorpe |
- Document squirrelmail -- Session hijacking vulnerability |
1.1_1 23 Sep 2008 10:07:44 |
miwi |
- Fix discovery from my previous commit |
1.1_1 23 Sep 2008 10:06:00 |
miwi |
- Document proftpd -- Long Command Processing Vulnerability |
1.1_1 23 Sep 2008 09:21:19 |
miwi |
- Document phpmyadmin -- cross-site scripting vulnerability |
1.1_1 19 Sep 2008 20:44:08 |
miwi |
- Document gallery -- multiple vulnerabilities
Approved by: portmgr (secteam blanked) |
1.1_1 17 Sep 2008 17:10:49 |
miwi |
- Replace phpmyadmin with phpMyAdmin to fix portaudit
Note:
portaudit does not flag phpmyadmin as vulnerable,
so we need to change it to the pkgname (phpMyAdmin).
Reported by: glarkin@
Reviewed by: simon
Discussion on: ports-security@
Approved by: portmgr (secteam blanked) |
1.1_1 17 Sep 2008 08:41:27 |
miwi |
- Document phpmyadmin -- Code execution vulnerability
Approved by: portmgr (secteam blanked) |
1.1_1 15 Sep 2008 09:07:31 |
miwi |
- Fix previous commit
Approved by: portmgr (secteam blanked) |
1.1_1 15 Sep 2008 02:03:18 |
glarkin |
- Mark www/twiki FORBIDDEN due to security exploit
Approved by: beech (mentor, implicit)
Approved by: portmgr (pav)
Security: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195 |
1.1_1 12 Sep 2008 09:41:16 |
miwi |
- corrects the bid number from me previous commit
Approved by: portmgr (secteam blanked) |
1.1_1 12 Sep 2008 09:12:18 |
miwi |
- Document neon -- NULL pointer dereference in Digest domain support
Approved by: portmgr (secteam blanked) |
1.1_1 12 Sep 2008 04:31:17 |
delphij |
Document clamav CHM parser DoS issue.
Approved by: portmgr (vuxml blanket) |
1.1_1 11 Sep 2008 11:45:37 |
miwi |
- Document horde -- multiple vulnerabilities
Approved by: portmgr (secteam blanked) |
1.1_1 11 Sep 2008 07:52:32 |
miwi |
- Document python -- multiple vulnerabilities
Reviewed by: remko/tabthorpe
Approved by: portmgr (secteam blanked) |
1.1_1 10 Sep 2008 12:09:27 |
miwi |
- Mark www/wordpress and german/wordpress as safe
Approved by: portmgr (secteam approved: remko, blanket vuxml) |
1.1_1 10 Sep 2008 10:53:03 |
stas |
- Document wordpress, rails and mysql vulnerabilties.
Reviewed by: remko
Approved by: portmgr (secteam approved: remko, blanket vuxml) |
1.1_1 08 Sep 2008 22:33:54 |
brd |
Extend the Nagios entry to cover Nagios 3.x < 3.0.2. This covers the edge case
of `portupgrade -o net-mgmt/nagios-devel nagios'.
Approved by: portmgr (simon@ using secteam blanket) |
1.1_1 05 Sep 2008 16:44:26 |
remko |
Add FreeBSD-SA-08:09.icmp6 |
1.1_1 05 Sep 2008 16:39:02 |
remko |
Add FreeBSD-SA-08:08.nmount |
1.1_1 05 Sep 2008 16:34:12 |
remko |
Add FreeBSD-SA-08:07.amd64.
Hat: secteam |
1.1_1 04 Sep 2008 14:00:12 |
ale |
Update for php5 safe_mode fix. |
1.1_1 26 Aug 2008 19:34:35 |
simon |
Fix XML in openvpn-devel entry: – was used but as vuln.xml does
not import HTML named entities this is not allowed - use –
instead which produces the same end result. |
1.1_1 25 Aug 2008 22:12:34 |
miwi |
- Document opera -- multiple vulnerabilities |
1.1_1 21 Aug 2008 02:32:39 |
mnag |
gnutls -- "gnutls_handshake()" Denial of Service |
1.1_1 20 Aug 2008 23:37:41 |
delphij |
Use joomla15 as name for the vulnerability |
1.1_1 20 Aug 2008 23:33:52 |
delphij |
Document joomla flaw in the reset token validation |
1.1_1 19 Aug 2008 21:40:03 |
thierry |
Register a Buffer Overflow Vulnerability in CDF 3.2. |
1.1_1 18 Aug 2008 22:57:28 |
miwi |
- Clean up whitespace a bit
- Wrap long lines where appropriate
- Fix previous commit |
1.1_1 18 Aug 2008 22:38:23 |
miwi |
- Fix drupal5 version |
1.1_1 18 Aug 2008 22:29:41 |
miwi |
- Document drupal - multiple vulnerabilities |
1.1_1 16 Aug 2008 07:05:02 |
stas |
- Document recent ruby vulnerabilities. |
1.1_1 15 Aug 2008 19:34:25 |
miwi |
- fix make validate
Pointy hat to: skv |
1.1_1 15 Aug 2008 19:31:02 |
miwi |
- Fix previous commit. |
1.1_1 15 Aug 2008 16:26:01 |
skv |
Document bugzilla directory traversal vulnerability. |
1.1_1 10 Aug 2008 21:30:29 |
miwi |
- Document openvpn-devel -- arbitrary code execution
PR: 126352 (based on)
Submitted by: Matthias Andree <matthias.andree@gmx.de> |
1.1_1 04 Aug 2008 09:58:36 |
miwi |
- Fix kdewebdev conflict with upcommig kdewebdev4
Reviewed by: simon |
1.1_1 28 Jul 2008 12:29:24 |
skv |
Fix vuxml-entries for 'devel/bugzilla*'. |
1.1_1 18 Jul 2008 16:34:47 |
miwi |
- Fix portversion |
1.1_1 18 Jul 2008 16:18:55 |
miwi |
- Document phpmyadmin -- cross site request forgery vulnerabilites |
1.1_1 13 Jul 2008 22:31:45 |
miwi |
- Document drupal - multiple vulnerabilities |
1.1_1 13 Jul 2008 20:47:45 |
remko |
Add the latest security advisory to vuxml.
Hat: secteam |
1.1_1 09 Jul 2008 16:44:34 |
naddy |
Document poppler -- uninitialized pointer. |
1.1_1 04 Jul 2008 14:37:36 |
tabthorpe |
- Document py-pylons -- Path traversal bug |
1.1_1 03 Jul 2008 13:30:15 |
tabthorpe |
- Document FreeType 2 -- Multiple Vulnerabilities
PR: ports/124917
Submitted by: Nick Barkas <snb threerings.net> |
1.1_1 01 Jul 2008 16:31:45 |
barner |
Document revised patch for CVE-2008-2711. |
1.1_1 28 Jun 2008 23:39:48 |
miwi |
- Document phpmyadmin - Cross Site Scripting Vulnerability
PR: 124900 |
1.1_1 28 Jun 2008 22:35:11 |
delphij |
Update squid SNMP DoS vulnerability to cover squid 3.0STABLE6 as well.
Submitted by: Thomas-Martin Seck <tmseck web de> |
1.1_1 24 Jun 2008 15:10:45 |
tabthorpe |
- Document apache -- multiple vulnerabilities
Reviewed by: delphij |
1.1_1 22 Jun 2008 21:08:08 |
stas |
- Add missing <code></code> block around safe_mode.
Pointy hat to: me |
1.1_1 22 Jun 2008 18:21:32 |
stas |
- Add a note to php-posix entry, that
safe_mode is considred to be insecure
by FreeBSD Security Team.
- Add <code> blocks around function
names.
Suggested by: simon |
1.1_1 22 Jun 2008 09:17:51 |
stas |
- Document php5-posix directory traversal vulnerability. |
1.1_1 21 Jun 2008 14:46:14 |
mezz |
Fix the Firefox 3 part, it has no multiple vulnerabilities.
Reviewed by: remko |
1.1_1 21 Jun 2008 14:01:09 |
tabthorpe |
- Document vim -- Vim Shell Command Injection Vulnerabilities
Reviewed by: remko, miwi |
1.1_1 21 Jun 2008 11:24:53 |
stas |
- Document recent ruby vulnerabilities. |
1.1_1 20 Jun 2008 10:58:43 |
miwi |
- Clean up whitespace a bit
- Wrap long lines where appropriate
Reviewed by: remko |
1.1_1 20 Jun 2008 07:48:38 |
barner |
Document potiential crash in fetchmail < 6.3.8_6 (in -v -v verbose mode). |
1.1_1 15 Jun 2008 21:05:45 |
simon |
Unbreak VuXML.org build: Use correct syntax for CVE name in latest
moinmoin entry. |
1.1_1 15 Jun 2008 12:26:19 |
flz |
Document xorg -- multiple vulnerabilities. |
1.1_1 14 Jun 2008 05:30:18 |
tabthorpe |
- Document moinmoin -- superuser privilege escalation
Notified by: Janos Mohacsi |
1.1_1 13 Jun 2008 04:10:02 |
oliver |
add an error about courier-authlib < 0.60.6 |
1.1_1 08 Jun 2008 16:33:49 |
hrs |
Fix 2747fc39-915b-11dc-9239-001c2514716c. zh-xpdf, ja-xpdf, and
ko-xpdf have nothing to do with "multiple remote Stream.CC
vulnerabilities" because they are packages which just install
additional data files. |
1.1_1 01 Jun 2008 21:04:34 |
brix |
Add entry for www/ikiwiki.
Approved by: erwin (mentor, implicit) |
1.1_1 31 May 2008 10:17:03 |
brix |
Avoid confusion about backported www/ikiwiki security fix by not
mentioning version 2.48 in the entry.
Approved by: erwin (mentor, implicit) |
1.1_1 31 May 2008 09:54:53 |
brix |
Add www/ikiwiki entry.
Approved by: erwin (mentor, implicit) |
1.1_1 30 May 2008 12:53:28 |
tabthorpe |
- Fix range on previous commit
Noticed by: miwi |
1.1_1 30 May 2008 11:59:51 |
tabthorpe |
- Document linux-flashplugin -- unspecified remote code execution
vulnerability |
1.1_1 28 May 2008 22:26:48 |
wxs |
Document XSS vulnerabilities in nagios and nagios-devel.
PR: ports/123893 ports/123894
Submitted by: Jarrod Sayers <jarrod@netleader.com.au> (maintainer)
Reviewed by: miwi
Approved by: garga (mentor, implicit) |
1.1_1 27 May 2008 23:50:23 |
wxs |
Document spamdyke open relay vulnerability.
PR: ports/124013
Reviewed by: miwi
Approved by: garga (mentor), miwi |