add an entry for the recent piwik vulnerability, with the little information
that's available.

The only known fact is that Piwik rates this update critical.

Fix discovery date.

Document a File disclosure vulnerability and File permission change
vulnerability
in xorg-server.

Obtained from: 
http://lists.freedesktop.org/archives/xorg-announce/2011-October/001744.html
                upstream xorg-server
Security:       CVE-2011-4028, CVE-2011-4029

- Fix entry dates for recently added OpenTTD vulns

Submitted by:   "Ilya A. Arkhipov" <micro@heavennet.ru>

Document asterisk -- remote crash vulnerability in SIP channel driver.

Commit result of manually merged make tidy output.

Document PivotX remote file inclusion vulnerability.

PR:             ports/161734
Submitted by:   Fumiyuki Shimizu <fumifumi abacustech jp>

- Fix quotation links

Reported by:    danfe

Document openttd multiple vulnerabilities

PR:             161488
Submitted by:   "Ilya A. Arkhipov" <micro@heavennet.ru>

ca_root_nss - fix capitalization of topics

Security: 1b27af46-d6f6-11e0-89a6-080027ef73ec
Security: aa5bc971-d635-11e0-b3cf-080027ef73ec

ca_root_nss - reword topic for clarity

Security: 1b27af46-d6f6-11e0-89a6-080027ef73ec

Be less grubby in specifying vulnerable gnutls-devel versions.

Latest pyblosxom version is not vulnerable

Document quagga multiple vulnerabilities

Document latest vulnerabilities for www/chromium

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-[2876-2881, 3873]

Correct tomcat version represetations.

Pointed out by: Tim Zingelman <tez netbsd.org>

- Document mozilla -- multiple vulnerabilities

Properly mark version range for horde-imp.

- Update linux-f10-flashplugin to 10.3r183.10 . [1]
- Make gnome desktopfileutils dependency optional. [2]

PR:             ports/160894 [1]
Submitted by:   Garrett Cooper <yanegomi@gmail.com> [1]
Suggested by:   Peter Jeremy <peterjeremy@acm.org> [2]
Security:      
http://www.freebsd.org/ports/portaudit/53e531a7-e559-11e0-b481-001b2134ef46.html

Improve accuracy of krb5 vulnerability entries for upcoming port addition of
krb5-17.
(one entry was missed from the previous commit)

Improve accuracy of krb5 vulnerability entries for upcoming port addition
of krb5-17.

Document vulnerabilities in Chromium 13.0.x.y

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-[2834-2838, 2840-2844, 2846-2862, 2864, 2874-2875,
                          3234]

Document phpMyAdmin multiple XSS vulnerability.

Update phpMyAdminn to 3.4.5 release. [1]

PR:             ports/160589 [1]
Submitted by:   maitainer [1]

Document Django multiple vulnerabilities.

Document roundcube XSS vulnerability.

Document libsndfile -- PAF file processing integer overflow.

Security:       CVE-2011-2696

Re-revise emacs vulnerability to limit with >= 22 and < 22.2_1 instead of
>21.* and <22.2_1 which didn't work as expected

- Limit emacs vulnerability to > 21.* and <= 22.2 instead of just <= 22.2

Document two OpenSSL vulnerabilities.

(There is no OpenSSL 0.9.8s in the ports so mark <1.0.0 as vulnerable).

fix last thunderbird entry

add firefox, thunderbird and seamonkey to the DigiNotar.nl entry

Security:      
http://www.vuxml.org/freebsd/aa5bc971-d635-11e0-b3cf-080027ef73ec.html

Fix vuln.xml, while here fix indentation

- Update to 1.2.7

PR:             ports/160368
Submitted by:   gjb
Approved by:    dvl (maintainer), bapt (mentor)
Security:       CVE-2011-2938

- Document cfs buffer overflow vulnerability.
- While here, unbreak packaudit -- it doesn't like newlines in the
  middle of tags.  Perhaps a comment should say something?

Revise nss/ca_root_nss working around Mozilla,
limit ca_root_nss vuln to < 3.12.11 from <= 3.12.11.

Add a new entry for the ca_root_nss bug that caused extraction of untrusted
certificates to the trust bundle.

PR: ports/160455

- Correct affected plone versions

- bump modifiled for CVE-2007-5137

- update CVE-2007-5137

Update range to exclude nss 3.12.11 from vuln, as kwm@'s commit
to upgrade nss to 3.12.11 included the newer CKBI 1.87 that explicitly
distrusts DigiNotar.

Add a security notice for the DigiNotar incident, listing nss/ca_root/nss.

- only match vulnerable versions in the hlstats entry
- add additional CVEs

Final modification for apache22 vulnerability; include slave ports as well

Pointed out by: flo
Reviewed by:    eadler

Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected.

Submitted by:   Aleksandr Stankevic (sysmonk on IRC/Freenode##FreeBSD)
Security:       CVE-2011-3192

Put a lower bound on the last php entry, as the bug was introduced in
5.3.7-RC5.

Submitted by:   "jaset" via #bsdports

- Fix entry date and use two ranges

Reviewed by:    gahr@
Approved by:    jadawin@ (mentor)

- Document CVE-2011-3192 for recent apache DoS vulnerability

Approved by:    jadawin@ (mentor)
Security:      
http://vuxml.org/freebsd/7f6108d2-cea8-11e0-9d58-0800279895ea.html

Upstream indicates that this only affects 4.40 and 4.41 so add a <ge> tag
to indicate that.

Document stunnel heap corruption vulnerability.

Fix discovery date

DOcument phpMyAdmin CVE-2011-3181 (multiple XSS).

Document new Chromium vulnerabilities.

Obtained from:  http://google-chrome-browser.com/releases
Security:       CVE-2011-[2821, 2823-2829, 2839]

Mark PHP5 < 5.3.7_2 as vulnerable to PHP bug #55439: crypt() returns only
the salt for MD5.

Document multiple PHP vulnerabilities.

Document Rails multiple vulnerabilities.

Document dovecot DoS vulnerability.

Document "otrs" - vulnerabilities in OTRS-Core allows read access
to any file on local file system.

document recent mozilla vulnerabilities

Document samba vulnerabilities of SWAT web interface.

Adjust dates in 510b630e-c43b-11e0-916c-00e0815b8da8.

Noticed by:     kwm@

- Document ISC DHCP server DoS.

Document "bugzilla" - multiple vulnerabilities.

Document dtc security issues

PR:             ports/159736
Submitted by:   Ansgar Burchardt <ansgar@debian.org>

Document freetype2 and libXfont vulnabilities.

Update linux-f10-flashplugin to 10.3r183.5 .

Submitted by:   pointyhat via erwin
Security:      
http://www.freebsd.org/ports/portaudit/2c12ae0c-c38d-11e0-8eb7-001b2134ef46.html

Document new vulnerabilities for www/chromium ( < 13.0.782.107)

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-{2358-2361, 2782-2805, 2818-2819}

Document libsoup security hole.

Fix match of phpmyadmin in recent revisions.

- Add CVE reference for OpenSAML2 issue
- Use official citation

Document phpmyadmin vulnerabilities

Approved by:    wxs (mentor)

Document OpenSAML2 issue

Document rsync DoS issue (CVE-2011-1097).

Document BIND vulnerabilities for ports. This was inspired by the PR,
but re-formatted and edited by me, so responsibility for errors is mine.

PR:             ports/158672
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>

Document phpMyAdmin multiple vulnerabilities

Reviewed by:    flo
Approved by:    rene (mentor vacation)

document one more vulnerability in the recent asterisk entry

Document new vulnerabilities for www/chromium ( < 12.0.742.112)

Security:       CVE-2011-[2345-2351]

Add modified tag to 8a5770b4-54b5-11db-a5ae-00508d6a62df.

Noticed by:     sahil@

Now that www/mambo is updated, fix the range in
8a5770b4-54b5-11db-a5ae-00508d6a62df.

document recent asterisk vulnerabilities

- Document ejabberd vulnerability fixed in 2.1.8

PR:             ports/158137
Submitted by:   Ruslan Mahamatkhanov <cvs-src@yandex.ru>
Security:      
http://vuxml.org/freebsd/01d3ab7d-9c43-11e0-bc0f-0014a5e3cda6.html

- also mark firefox35 vulnerable

- document recent mozilla vulnerabilities [1]
- while here also document an older samba Denial of service vulnerability [2]

Security:      
http://www.vuxml.org/freebsd/dfe40cff-9c3f-11e0-9bec-6c626dd55a41.html [1]
               
http://www.vuxml.org/freebsd/bfdbc7ec-9c3f-11e0-9bec-6c626dd55a41.html [2]
Requested by:   timur [2]

Document piwik remote command execution vulnerability.

Document dokuwiki XSS vulnerability.

Update linux-f10-flashplugin to 10.3r181.26 .

PR:             ports/157900
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security:      
http://www.freebsd.org/ports/portaudit/55a528e8-9787-11e0-b24a-001b2134ef46.html

- Document CVE-2011-1408 in www/ikiwiki

- Cleanup

Update to 10.3r181.22 .

PR:             ports/157696
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security:      
http://www.freebsd.org/ports/portaudit/57573136-920e-11e0-bdc9-001b2134ef46.html

Document www/chromium vulnerabilities fixed in version 12.0.742.91

Security:       CVE-2011-{1808-1819,2332,2342}

- Document CVE-2011-1910

PR:             ports/157548
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>

Add CVE-2011-1947: fetchmail STARTTLS denial of service.

- Cleanup

- document asterisk remote crash vulnerability

Security:      
http://www.vuxml.org/freebsd/34ce5817-8d56-11e0-b5a2-6c626dd55a41.html

  Document CVE-2011-1752, CVE-2011-1783 and CVE-2011-1921 in devel/subversion

Document drupal6 multiple vulnerabilities.

Submitted by:   Nick Hilliard <nick@foobar.org>

Document Erlang R14B02 ssh library vulnerability (cryptographically
weak RNG).

Security:       CVE-2011-0766

Document latest www/chromium vulnerabilities.

Security:       CVE-2011-1801, -1804, -1806, -1807

- Cleanup Part 1

PS: wonder when pplz start to ask ports-security for review ...

- Document the last unbound vulnerability

 - revert last change of apr-* entry

 Broken build reported by wxs@

- use apr-* and add <gt></gt> entries for all apr0/apr1 issues
  (<gt> .. is needed else the parser cannot make a difference
   between apr0 and apr1)

- lowercase ViewVC -> viewvc

 Thanks Jun Kuriyama ( kuriyama@ ) for the notice and the patch
 for the apr entries.