| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_1
28 Feb 2010 20:25:10
  |
nox  |
Attempt to properly take care of the ooo3 -RC and -devel ports too (doh!)
Feature safe: yes |
1.1_1
28 Feb 2010 13:07:55
|
beat |
- Document thunderbird3 vulnerabilities
Approved by: miwi
Feature safe: yes |
1.1_1
26 Feb 2010 21:20:05
|
nox |
Document openoffice -- multiple vulnerabilities
Reviewed by: delphij
Feature safe: yes |
1.1_1
18 Feb 2010 10:02:51
|
beat |
- Document mozilla -- multiple vulnerabilities
Approved by: miwi (secteam)
Feature safe: yes |
1.1_1
16 Feb 2010 18:06:33
|
delphij |
Document lighttpd remote DoS vulnerability.
Reported by: Dan Rowe <dan dracosplace com>
Feature safe: yes |
1.1_1
15 Feb 2010 06:29:30
|
delphij |
Update www/squid and www/squid30 to address Squid HTCP Packet Processing
NULL Pointer Dereference vulnerability (SQUID-2010:2) |
1.1_1
13 Feb 2010 21:55:50
|
nox |
Document linux-flashplugin -- multiple vulnerabilities.
Reviewed by: miwi |
1.1_1
13 Feb 2010 10:29:49
|
kwm |
Add CVE-2010-0414 and CVE-2010-0422 for gnome-screensaver.
Reviewed by: miwi@ |
1.1_1
12 Feb 2010 14:25:55
|
mandree |
Fix range for fetchmail CVE-2010-0562.
Approved by: miwi@ (mentor) |
1.1_1
12 Feb 2010 09:56:31
|
mandree |
Add CVE-2010-0562 entry for mail/fetchmail.
Approved by: miwi (mentor). |
1.1_1
10 Feb 2010 00:47:01
|
delphij |
Document wireshark lwres buffer overflow vulnerability.
Reported by: Andreas <akoga hawaii edu> |
1.1_1
08 Feb 2010 16:38:41
|
skv |
Document "otrs" - SQL injection. |
1.1_1
03 Feb 2010 23:25:16
|
pgollucci |
- add the rest of the apache 1.3.x packages to the list
that are vulnerable
- add a missing ) to the <topic>
Reviewed by: secteam (miwi) |
1.1_1
03 Feb 2010 22:24:54
|
pgollucci |
- document chunk-size integer overflow in apache 1.3.x |
1.1_1
03 Feb 2010 21:47:33
|
pgollucci |
- remove extraneou '>' as reported by make tidy |
1.1_1
02 Feb 2010 22:42:45
|
miwi |
- Mark squid30 now as safe |
1.1_1
02 Feb 2010 09:44:10
|
miwi |
- Update 296ecb59-0f6b-11df-8bab-0019996bc1f7 entry and makr squid3* as safe |
1.1_1
01 Feb 2010 20:25:58
|
delphij |
Security patch for Squid advisory 2010:1, denial of service.
Submitted by: maintainer (Thomas-Martin Seck <tmseck web de>) |
1.1_1
01 Feb 2010 16:45:21
|
skv |
Document "bugzilla" - information leak. |
1.1_1
28 Jan 2010 21:20:45
|
miwi |
- Correct fixed version from previous entry |
1.1_1
28 Jan 2010 21:15:20
|
miwi |
- Document irc-ratbox -- multiple vulnerabilities
PR: based on 143242
Submitted by: moggie <moggie@elasticmind.net> |
1.1_1
21 Jan 2010 19:52:23
|
beat |
- Document thunderbird3 vulnerabilities
Reviewed by: miwi |
1.1_1
18 Jan 2010 17:45:55
|
delphij |
Document dokuwiki multiple vulnerabilities. |
1.1_1
14 Jan 2010 03:32:42
|
glarkin |
- Added entry for multiple vulnerabilities in www/zend-framework
- Cleaned up some entries reported by "make tidy"
Reviewed by: secteam (delphij via email)
Approved by: secteam (delphij via email)
Security: http://framework.zend.com/security/advisory/ZF2010-06
Security: http://framework.zend.com/security/advisory/ZF2010-05
Security: http://framework.zend.com/security/advisory/ZF2010-04
Security: http://framework.zend.com/security/advisory/ZF2010-03
Security: http://framework.zend.com/security/advisory/ZF2010-02
Security: http://framework.zend.com/security/advisory/ZF2010-01
Security: http://framework.zend.com/security/advisory/ZF2009-02
Security: http://framework.zend.com/security/advisory/ZF2009-01 |
1.1_1
09 Jan 2010 10:55:09
|
delphij |
Document powerdns-recursor multiple vulnerabilities. |
1.1_1
04 Jan 2010 23:23:32
|
delphij |
Document pear-Net_Ping and pear-Net_Traceroute arbitrary command execution
vulnerability. |
1.1_1
02 Jan 2010 16:29:33
|
erwin |
Bump copyright year to 2010 |
1.1_1
25 Dec 2009 19:19:35
|
miwi |
- Document drupal -- multiple cross-site scripting |
1.1_1
21 Dec 2009 21:48:57
|
stas |
- Document sysutils/fuser privileges check vulnerability. |
1.1_1
21 Dec 2009 18:19:54
|
delphij |
Document monkey remote DoS vulnerability. |
1.1_1
21 Dec 2009 10:45:26
|
miwi |
- Fix a typo (s/opensll/openssl)
Reported by: pluknet <pluknet@gmail.com> |
1.1_1
17 Dec 2009 22:40:17
|
delphij |
Document php multiple vulnerabilities.
Sponsored by: iXsystems, Inc. |
1.1_1
17 Dec 2009 00:24:21
|
delphij |
Document PostgreSQL multiple vulnerabilities.
Sponsored by: iXsystems, Inc. |
1.1_1
17 Dec 2009 00:04:43
|
delphij |
Add tptest pwd remote buffer overflow vulnerability.
Submitted by: Mark Foster <mark foster cc>
PR: ports/131938 |
1.1_1
16 Dec 2009 10:44:01
|
miwi |
- Document mozilla -- multiple vulnerabilities |
1.1_1
15 Dec 2009 02:27:13
|
delphij |
Make the problem more visible by choosing a more descriptive subject. |
1.1_1
15 Dec 2009 00:39:19
|
delphij |
Document freeradius remote packet of death exploit (CVE 2009-3111)
Submitted by: "Danilo G. Baio" <dbaio bs2 com br>
PR: ports/141318 |
1.1_1
14 Dec 2009 16:12:57
|
beat |
- Mark Seamonkey 2.0 as safe
Reviewed by: miwi |
1.1_1
12 Dec 2009 18:12:17
|
beat |
- Mark linux-firefox-devel as safe
Reviewed by: miwi |
1.1_1
12 Dec 2009 11:08:15
|
miwi |
- Fix build |
1.1_1
12 Dec 2009 10:58:59
|
wen |
- Document pligg -- Cross-Site Scripting and Cross-Site Request Forgery |
1.1_1
11 Dec 2009 15:27:17
|
miwi |
- Document piwik -- php code execution
Requested by: wen |
1.1_1
11 Dec 2009 15:14:31
|
miwi |
- Fix previous entrys (formating etc) |
1.1_1
10 Dec 2009 15:27:42
|
wxs |
- Document dovecot insecure directory permissions |
1.1_1
10 Dec 2009 00:32:13
|
nox |
Document linux-flashplugin -- multiple vulnerabilities.
Reviewed by: miwi |
1.1_1
09 Dec 2009 23:39:49
|
stas |
- Document ruby 1.9.1 heap overflow vulnerability. |
1.1_1
09 Dec 2009 15:07:46
|
skreuzer |
Document session fixation vulnerability in RequestTracker < 3.8.6
Reviewed by: simon@, wxs@ |
1.1_1
08 Dec 2009 01:44:59
|
kuriyama |
- Add two CVE entries for expat2. |
1.1_1
01 Dec 2009 20:09:39
|
miwi |
- Document opera -- multiple vulnerabilities
Request by: itetcu |
1.1_1
28 Nov 2009 22:48:13
|
kwm |
Fix the libtool entry to include 2.2.6a as vulnerable. |
1.1_1
28 Nov 2009 21:03:01
|
kwm |
Document libtool vulnerability.
Reviewed by: miwi@ |
1.1_1
26 Nov 2009 14:51:01
|
miwi |
- Cleanup (whitespaces/tabs) |
1.1_1
24 Nov 2009 21:34:58
|
naddy |
document: libvorbis -- multiple vulnerabilities |
1.1_1
23 Nov 2009 18:07:14
|
skv |
Document "bugzilla" - information leak. |
1.1_1
23 Nov 2009 15:47:15
|
sem |
- Report a XSS vulnerability in net-mgmt/cacti port |
1.1_1
14 Nov 2009 12:41:44
|
miwi |
- fix german wordpress name |
1.1_1
14 Nov 2009 12:20:25
|
miwi |
- Document wordpress -- multiple vulnerabilities |
1.1_1
09 Nov 2009 17:14:54
|
delphij |
Mark php5-gd 5.2.11_2 as safe. |
1.1_1
08 Nov 2009 23:33:43
|
wxs |
- Note that CVE-2009-3546 has been fixed in graphics/gd.
Noticed by: N.J. Mann <njm@njm.me.uk> |
1.1_1
06 Nov 2009 09:43:39
|
miwi |
- Fix previous commit |
1.1_1
06 Nov 2009 08:22:46
|
jadawin |
- Document HTML-Parser denial of service |
1.1_1
05 Nov 2009 21:40:57
|
delphij |
Document remote buffer overflow vulnerability in gd. |
1.1_1
05 Nov 2009 21:25:24
|
delphij |
Document typo3 multiple vulnerabilities.
Notified by: Wennrich, Markus <Markus Wennrich f-i-ts de> |
1.1_1
03 Nov 2009 21:18:59
|
thierry |
Add an entry for VideoLAN-SA-0901, about multimedia/vlc. |
1.1_1
02 Nov 2009 20:12:26
|
miwi |
- Document KDE -- multiple vulnerabilities
Reported by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> |
1.1_1
31 Oct 2009 12:52:22
|
miwi |
- Fix previous entry |
1.1_1
31 Oct 2009 12:41:44
|
itetcu |
Add two opera vulnerabilities
PR: 140101
Submitted by: Arjan van Leeuwen |
1.1_1
29 Oct 2009 21:59:06
|
miwi |
- Fix latest entrys |
1.1_1
29 Oct 2009 14:21:35
|
flz |
Document vulnerability in net-p2p/ctorrent < 3.3.2_2 (CVE-2009-1759).
PR: ports/139635
Submitted by: Eygene Ryabinkin
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 |
1.1_1
28 Oct 2009 23:04:35
|
stas |
- Fix linux-opera vuxml entry (it uses different version numbering scheme) [1]
- Add entry for opera-devel as well.
PR: ports/140038 [1]
Submitted by: Sato Kuro <poyopoyo@puripuri.plala.or.jp> [1] |
1.1_1
28 Oct 2009 15:22:38
|
beat |
- Document mozilla -- multiple vulnerabilities
Approved by: miwi (secteam) |
1.1_1
25 Oct 2009 14:53:33
|
gabor |
- Fix discovery date of a recent entry |
1.1_1
25 Oct 2009 14:23:33
|
stas |
- Document elinks < 0.11.4 buffer overflow vulnerability. |
1.1_1
22 Oct 2009 23:04:37
|
delphij |
Add CVE reference provided by author via maintainer for the squidguard
issue. |
1.1_1
22 Oct 2009 23:01:54
|
delphij |
Apply vendor fixes 20091015 and 20091019 to fix multiple vulnerabilities
of squidGuard 1.4.
Requested by: maintainer
Security: 692ab645-bf5d-11de-849b-00151797c2d4 |
1.1_1
20 Oct 2009 11:03:35
|
araujo |
- Add an entry for Xpdf -- Multiple Vulnerabilities. |
1.1_1
16 Oct 2009 17:42:23
|
lwhsu |
- Document django -- denial-of-service attack |
1.1_1
13 Oct 2009 22:12:16
|
miwi |
- Document phpmyadmin -- XSS and SQL injection vulnerabilities |
1.1_1
12 Oct 2009 17:22:19
|
wxs |
- Document php5 multiple security vulnerabilities.
PR: ports/139196
Submitted by: Mark Foster <mark@foster.cc> |
1.1_1
07 Oct 2009 10:18:17
|
miwi |
- Document virtualbox -- privilege escalation |
1.1_1
06 Oct 2009 09:37:49
|
remko |
Add FreeBSD-SA-09:14.devfs to the VuXML list.
Hat: secteam
Facilitated by: Snow B.V. |
1.1_1
06 Oct 2009 09:33:28
|
remko |
Add FreeBSD-SA-09:13.pipe to the VuXML list.
Hat: secteam
Facilitated by: Snow B.V. |
1.1_1
01 Oct 2009 12:01:16
|
stas |
- linux-f10-pango is affected by 4b172278-3f46-11de-becb-001cc0377035 too.
Reported by: "Edward Sanford Sutton, III" <mirror176@cox.net> |
1.1_1
30 Sep 2009 15:32:53
|
miwi |
- Document mybb -- multiple vulnerabilities
PR: based on 139197 |
1.1_1
22 Sep 2009 23:03:35
|
miwi |
- Document drupal -- Multiple Vulnerabilities
Submitted by: Nick Hillard (based on)
Feature safe: yes |
1.1_1
21 Sep 2009 22:23:27
|
miwi |
- Rework latest horde-base entry (ee23aa09-a175-11de-96c0-0011098ad87f)
Feature safe: yes |
1.1_1
20 Sep 2009 14:54:45
|
cy |
Fix a formatting issue.
Pointy hat to: myself
Noticed by: miwi
Feature safe: Yes |
1.1_1
20 Sep 2009 05:58:12
|
delphij |
Fix build.
Feature safe: yes |
1.1_1
20 Sep 2009 05:37:34
|
cy |
Document a security problem in fwbuilder/libfwbuilder 3.0.4 - 3.0.6.
Generated iptables scripts when used to generate static routing
configurations have a security issue.
Feature safe: Yes |
1.1_1
17 Sep 2009 13:28:23
|
skv |
Document "bugzilla" - two SQL injections, sensitive data exposure.
Feature safe: yes |
1.1_1
14 Sep 2009 21:57:10
|
thierry |
Adding an entry for three vulnerabilities fixed in the latest Horde
framework (i.e. the port www/horde-base). |
1.1_1
14 Sep 2009 20:06:29
|
stas |
- Fix formatting.
- Add link to the debian security advisory.
- Fix the description to be the actual citation from the official sources
instead of some wild interpretation. We do not know for sure if remote
code execution is possible at all and from looking to the source code it
seems unlikely as the buffer undeflown is allocated on the heap. Moreover,
it is not clear if this is exploitable in the default install.
Discussed with: az |
1.1_1
14 Sep 2009 19:48:49
|
wxs |
Document nginx DoS condition.
Submitted by: az@ (via IRC) |
1.1_1
13 Sep 2009 16:56:09
|
ume |
Add cvename and bid for cyrus-imapd potential buffer overflow
in Sieve. |
1.1_1
13 Sep 2009 16:06:09
|
brix |
Add ikiwiki vulnerability. |
1.1_1
13 Sep 2009 11:24:30
|
miwi |
- Cleanup previous commit |
1.1_1
13 Sep 2009 11:06:03
|
brix |
- Add xapian-omega cross-scripting vulnerability |
1.1_1
10 Sep 2009 17:28:31
|
miwi |
- Document mozilla firefox -- Multiple Vulnerabilities |
1.1_1
09 Sep 2009 15:13:18
|
ume |
Fix xml broke by my previous commit. |
1.1_1
09 Sep 2009 15:08:34
|
ume |
Document cyrus-imapd potential buffer overflow vulnerability in Sieve. |
As an Amazon Associate I earn from qualifying purchases.
