- Document drupal - multiple vulnerabilities

- Document recent ruby vulnerabilities.

- fix make validate

Pointy hat to:  skv

- Fix previous commit.

Document bugzilla directory traversal vulnerability.

- Document openvpn-devel -- arbitrary code execution

PR:             126352 (based on)
Submitted by:   Matthias Andree <matthias.andree@gmx.de>

- Fix kdewebdev conflict with upcommig kdewebdev4

Reviewed by:    simon

Fix vuxml-entries for 'devel/bugzilla*'.

- Fix portversion

- Document phpmyadmin -- cross site request forgery vulnerabilites

- Document drupal - multiple vulnerabilities

Add the latest security advisory to vuxml.

Hat:    secteam

Document poppler -- uninitialized pointer.

- Document py-pylons -- Path traversal bug

- Document FreeType 2 -- Multiple Vulnerabilities

PR:             ports/124917
Submitted by:   Nick Barkas <snb threerings.net>

Document revised patch for CVE-2008-2711.

- Document phpmyadmin - Cross Site Scripting Vulnerability

PR:             124900

Update squid SNMP DoS vulnerability to cover squid 3.0STABLE6 as well.

Submitted by:   Thomas-Martin Seck <tmseck web de>

- Document apache -- multiple vulnerabilities

Reviewed by:    delphij

- Add missing <code></code> block around safe_mode.

Pointy hat to:  me

- Add a note to php-posix entry, that
  safe_mode is considred to be insecure
  by FreeBSD Security Team.
- Add <code> blocks around function
  names.

Suggested by:   simon

- Document php5-posix directory traversal vulnerability.

Fix the Firefox 3 part, it has no multiple vulnerabilities.

Reviewed by:    remko

- Document vim -- Vim Shell Command Injection Vulnerabilities

Reviewed by:    remko, miwi

- Document recent ruby vulnerabilities.

- Clean up whitespace a bit
- Wrap long lines where appropriate

Reviewed by:    remko

Document potiential crash in fetchmail < 6.3.8_6 (in -v -v verbose mode).

Unbreak VuXML.org build: Use correct syntax for CVE name in latest
moinmoin entry.

Document xorg -- multiple vulnerabilities.

- Document moinmoin -- superuser privilege escalation

Notified by:    Janos Mohacsi

add an error about courier-authlib < 0.60.6

Fix 2747fc39-915b-11dc-9239-001c2514716c.  zh-xpdf, ja-xpdf, and
ko-xpdf have nothing to do with "multiple remote Stream.CC
vulnerabilities" because they are packages which just install
additional data files.

Add entry for www/ikiwiki.

Approved by:    erwin (mentor, implicit)

Avoid confusion about backported www/ikiwiki security fix by not
mentioning version 2.48 in the entry.

Approved by:    erwin (mentor, implicit)

Add www/ikiwiki entry.

Approved by:    erwin (mentor, implicit)

- Fix range on previous commit

Noticed by:     miwi

- Document linux-flashplugin -- unspecified remote code execution
  vulnerability

Document XSS vulnerabilities in nagios and nagios-devel.

PR:             ports/123893 ports/123894
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au> (maintainer)
Reviewed by:    miwi
Approved by:    garga (mentor, implicit)

Document spamdyke open relay vulnerability.

PR:             ports/124013
Reviewed by:    miwi
Approved by:    garga (mentor), miwi

- Add net-p2p/peercast entry.

Reviewed by:    miwi
Approved by:    mentor (implicit)

Document libvorbis security issues.

Document django XSS vulnerability.

Document vorbis-tools Speex header processing vulnerability.

Document qemu -- "drive_init()" Disk Format Security Bypass

- Sort previous commit

Add graphics/swfdec entry.

Approved by:    erwin (mentor)

- Thunderbird 2.0.0.14 is safe

- Document mt-daapd -- Integer overflow

PR:             123285 (based on)
Submitted by:   Mark D. Foster <mark@foster.cc>

- Document sdl_image - Buffer Overflow Vulnerabilities

- Mark PHP5 as safe

- Mark graphics/png as safe.

- Fix last gnupg entry.

PR:             123178 [1]
Submitted by:   Nick Barkas (via privat mail)
                bf <bf2006a@yahoo.com> [1]

- Clean up whitespace a bit
- Wrap long lines where appropriate
- Add a vim-friendly modeline

- A new Firefox vulnerability currently affects 10 of our ports, on
  average. A new VuXML entry usually forgets about 8 of them.

Wiki:           http://wiki.freebsd.org/VuXML

- Update last python entry python23 and python24 also affected

PR:             123153
Submitted by:   Nick Barkas <snb@threerings.net>

- Mark gnupg and gnupg1 as secure

- Document gnupg -- memory corruption vulnerability

Document extman password bypass vulnerability.

- Document mailman -- script insertion vulnerability.

Submitted by:   tabthorpe (one a month ago)
Discussed/Reviewed by:  tabthorpe

- now really fix the CVE entry

- Fix CVE entry from the previous commit

- Document mksh -- TTY Attachment Privilege Escalation.

- Document serendipity -- multiple cross site scripting vulnerabilities.

- Document firefox -- javascript harbage collector vulnerability.

- Add missing - in the previous entry

- Remove whitespaces
- Fix spelling

- Document png - unknown chunk processing uninitialized memory access

- Document openfire - unspecified denial of service

PR:             122872 (based on)

- Document php -- Integer Overflow Vulnerability

PR:             based on 122872

- Document python -- Integer Signedness Error in zlib Module

Document postgresql -- multiple vulnerabilities

PR:             120133 (basic on)
Submitted by:   Nick Barkas <snb@threerings.net>

- Document phpMyAdmin - Shared Host Information Disclosure.

- Document phpMyAdmin - Username/Password Session File Information Disclosure.

- Document libxine -- array index vulnerability

Reviewed by:    remko, miwi

Add an entry about clamav < 0.93 vulnerabilities

Reviewed by:    mnag

lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability

Add www/ikiwiki entry.

Approved by:    pav (co-mentor)

- Enrich Firefox 2.0.0.13 entry

- Use <mlist> as the references are mailing posts
- Correct discovery date

Noticed by:     simon

- Add entry for mail/postfix-policyd-weight

PR:             ports/122194
Reviewed by:    ports-security (miwi)

- Add entries for www/suphp and dns/powerdns-recursor

Reviewed by:    ports-security (remko, simon)

- Add entry for www/opera 9.26

PR:             ports/122400
Reviewed by:    remko, delphij

Document mozilla multiple vulnerabilities.

Reviewed by:    miwi, remko (via IRC)

Document buffer overflow in silc-client and silc-server.

Reviewed by:    remko
Approved by:    garga (mentor)

Document bzip2 crash with certain malformed archive files

- Ups remove duplicate url

- Fix previos commit
   * sort
   * more reference

Document qemu -- unchecked block read/write vulnerability

Reviewed by:    stas

- Fix previous commit
  * sort
  * more reference

- Add entry for dovecot

- Fix 2 typos form the previous commit

Submitted by:   simon/gahr

- Document mplayer - multiple vulnerabilities

- Entry for ghostscrip-gpl 8.61

Reviewed by:    ports-security@ (simon, remko)

- Document phpmyadmin -- SQL injection vulnerability

Reviewed by:    simon

- Document pcre -- buffer overflow vulnerability

PR:             ports/121224
Submitted by:   Nick Barkas <snb threerings.net>

- Document libxine -- buffer overflow vulnerability

Reviewed by:    miwi

- Mark mail/up-imapproxy as safe

Submitted by:   Abdullah Ibn Hamad Al-Marri <wearabnet@yahoo.ca>

- Document coppermine -- multiple vulnerabilities.

Reviewed by:    miwi

- Fix previous commit (use now <bid>)

- Document moinmoin -- multiple vulnerabilities.

Reviewed by:    remko