| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_1
22 Feb 2008 00:56:27
  |
simon  |
Document opera -- multiple vulnerabilities. |
1.1_1
22 Feb 2008 00:43:24
|
simon |
Document mozilla -- multiple vulnerabilities. |
1.1_1
22 Feb 2008 00:26:31
|
delphij |
Document openldap modrdn DoS vulnerability |
1.1_1
15 Feb 2008 10:23:57
|
remko |
Document clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability
Submitted by: "Eygene Ryabinkin" <rea-fbsd at codelabs dot ru> |
1.1_1
13 Feb 2008 17:20:04
|
miwi |
- Fix previous commit
Discussed with: remko |
1.1_1
13 Feb 2008 16:37:32
|
remko |
Bump modification date for latest change. |
1.1_1
13 Feb 2008 15:32:00
|
oliver |
xfce4-panel, libxfce4gui - mark the security problem which existed in 4.4.1 "<
4.4.2"
Noted by: Carl Johan Gustavsson <carl.gustavsson@bahnhofbredband.se> |
1.1_1
12 Feb 2008 22:14:19
|
miwi |
- mark claws-mail as safe |
1.1_1
12 Feb 2008 13:30:47
|
sem |
- Document a cacti vulnerability |
1.1_1
12 Feb 2008 08:48:25
|
brix |
Add entry for www/ikiwiki.
Approved by: erwin (mentor) |
1.1_1
09 Feb 2008 18:47:05
|
tabthorpe |
- Fix grammar for www/zenphoto description |
1.1_1
09 Feb 2008 14:39:27
|
tabthorpe |
- Document www/zenphoto
Reviewed by: remko |
1.1_1
09 Feb 2008 11:16:13
|
miwi |
- Fix a typo
Submitted by: antoine@ |
1.1_1
04 Feb 2008 07:58:54
|
miwi |
- Document jetty -- multiple vulnerability
PR: 120171
Submitted by: Nick Barkas <snb@threerings.net> |
1.1_1
31 Jan 2008 14:47:15
|
miwi |
- Bump modified from previous commit |
1.1_1
31 Jan 2008 04:06:30
|
linimon |
Fix name of irc/dircproxy package.
Hat: portmgr |
1.1_1
29 Jan 2008 15:14:43
|
nobutaka |
Document libxine -- buffer overflow vulnerability. |
1.1_1
23 Jan 2008 12:11:57
|
flz |
Document xorg -- multiple vulnerabilities.
Reviewed by: miwi |
1.1_1
22 Jan 2008 22:18:47
|
miwi |
- Fix discovery line from the previous commit :( |
1.1_1
22 Jan 2008 22:01:46
|
miwi |
- Document xfce -- multiple vulnerabilities |
1.1_1
22 Jan 2008 21:38:40
|
miwi |
- Document claws-mail -- insecure temporary file creation |
1.1_1
20 Jan 2008 10:04:32
|
miwi |
- Add modified date for previous commit |
1.1_1
20 Jan 2008 02:28:26
|
lwhsu |
- Fix freeradius-devel entry, narrow down range to prevent affect later versions
PR: ports/119582
Submitted by: David Wood <david AT wood2.org.uk>
Reviewed by: pav |
1.1_1
20 Jan 2008 01:35:00
|
miwi |
- Fix previous commit (whitespaces, sorting) |
1.1_1
20 Jan 2008 01:21:48
|
beech |
- Add entry for ircservices
PR: ports/119769
Approved by: linimon (mentor) |
1.1_1
19 Jan 2008 18:03:22
|
nobutaka |
Document libxine -- buffer overflow vulnerability. |
1.1_1
19 Jan 2008 09:50:19
|
skv |
Update the "firebird" entry to properly match corrected versions. |
1.1_1
15 Jan 2008 22:43:59
|
miwi |
- Fix <name> sections from both previous committs |
1.1_1
15 Jan 2008 20:15:53
|
miwi |
- Fix previous commit
- Mark geeklog as safe
- add cve
Reviewed by: remko |
1.1_1
15 Jan 2008 18:52:15
|
tabthorpe |
- Document XSS vulnerability in geeklog 1.4.0
Reviewed by: remko |
1.1_1
14 Jan 2008 15:56:08
|
stas |
- This vulnerability exists in PHP versions prior to 4.4.8, not
after. Fix the entry.
Reported by: Vadim Goncharov <vadimnuclight@tpu.ru> |
1.1_1
12 Jan 2008 15:53:47
|
simon |
Document multiple drupal issues.
Submitted by: Nick Hilliard <nick@foobar.org> |
1.1_1
10 Jan 2008 19:38:12
|
miwi |
- Document maradns -- CNAME record resource rotation denial of service
PR: ports/119471 (based on)
Submitted by: Mark D. Foster <mark@foster.cc>
Reviewed by: simon |
1.1_1
07 Jan 2008 22:48:35
|
miwi |
- Mark security/lsh as safe |
1.1_1
04 Jan 2008 18:52:09
|
delphij |
Update php multiple vulnerability entry: revalent bugs were fixed in PHP 4.4.8. |
1.1_1
04 Jan 2008 18:48:28
|
mnag |
- Fix linux-realplayer new version |
1.1_1
04 Jan 2008 18:45:08
|
mnag |
- Fix range for linux-flahsplugin |
1.1_1
04 Jan 2008 18:07:34
|
mnag |
- linux-realplayer -- multiple vulnerabilities |
1.1_1
03 Jan 2008 13:13:22
|
mnag |
- linux-flashplugin -- multiple vulnerabilities |
1.1_1
31 Dec 2007 11:59:44
|
miwi |
- Fix the last tcl/tk entry for portaudit.
Submitted by: mm@
Reviewed by: simon |
1.1_1
30 Dec 2007 09:35:30
|
delphij |
Document dovecot specific LDAP + auth cache configuration may mix up user logins
vulnerability |
1.1_1
29 Dec 2007 20:28:33
|
simon |
Add more references to latest opera entry. |
1.1_1
29 Dec 2007 19:49:43
|
simon |
Make "gallery2 -- multiple vulnerabilities" follow the normal format for
VuXML entries. |
1.1_1
25 Dec 2007 08:14:30
|
beech |
- Document gallery2 -- multiple vulnerabilities
Submitted by: Alex Varju <freebsd-ports@varju.ca> (maintainer)
Approved by: linimon (mentor) |
1.1_1
22 Dec 2007 14:26:14
|
simon |
Update list if CVE names for latest wireshark entry. |
1.1_1
21 Dec 2007 21:43:14
|
miwi |
- Document e2fsprogs -- heap buffer overflow
PR: 118848 (based on)
Submitted by: Matthias Andree <matthias.andree@gmx.de>
Reviewed by: remko |
1.1_1
19 Dec 2007 23:03:56
|
simon |
Document wireshark -- multiple vulnerabilities. |
1.1_1
19 Dec 2007 21:06:25
|
simon |
Document opera -- multiple vulnerabilities. |
1.1_1
19 Dec 2007 20:52:06
|
simon |
Document peercast -- buffer overflow vulnerability. |
1.1_1
18 Dec 2007 13:06:29
|
simon |
Unbreak vuln.xml: & -> &
Pointy hat to: brooks |
1.1_1
17 Dec 2007 22:24:48
|
brooks |
Upgrade to Ganglia 3.0.6.
Release 3.0.5 contained minor bug fixes. 3.0.6 corrects XSS
vulnerabilities in the webfrontend.
Security: vid:fee7e059-acec-11dc-807f-001b246e4fdf |
1.1_1
14 Dec 2007 19:55:16
|
remko |
Sort references section for last commit. |
1.1_1
14 Dec 2007 00:17:02
|
sat |
- Mark latest linux-firefox/seamonkey-devel snapshots as safe
- Add (linux-)flock and linux-*-devel to latest firefox advisory
- Note that the tradition of covering more gecko ports with
firefox-related advisories should probably be kept up |
1.1_1
13 Dec 2007 00:36:54
|
nox |
Document qemu -- Translation Block Local Denial of Service Vulnerability |
1.1_1
12 Dec 2007 15:48:01
|
remko |
Document drupal -- SQL injection vulnerability
Submitted by: Nick Hilliard <nick at netability dot ie> |
1.1_1
12 Dec 2007 15:29:14
|
remko |
Document samba -- buffer overflow vulnerability. |
1.1_1
12 Dec 2007 15:11:17
|
remko |
Remove redundant "A" in the latest entry |
1.1_1
12 Dec 2007 08:32:33
|
miwi |
- Fix previous commit
- Sorting
- more referencs |
1.1_1
12 Dec 2007 08:11:07
|
beech |
- Missed a section - smbftpd
Pointyhat to: Self |
1.1_1
12 Dec 2007 07:55:42
|
beech |
- Document smbftpd - format string vulnerability.
Requested by: linimon
Approved by: linimon (mentor) |
1.1_1
10 Dec 2007 07:00:06
|
remko |
Document jetty - multiple vulnerabilities
PR: ports/118524
Submitted by: Nick Barkas <snb at threerings dot net>
with minor modifications by me
Approved by: portmgr (secteam blanket) |
1.1_1
09 Dec 2007 15:47:20
|
nork |
Update to 2007.12.07 with fix security issue.
Security: VuXML ID: 821afaa2-9e9a-11dc-a7e3-0016360406fa
CVE-2007-6036
http://aluigi.altervista.org/adv/live555x-adv.txt
Approved by: portmgr (erwin) |
1.1_1
08 Dec 2007 23:26:34
|
remko |
Document liveMedia -- DoS vulnerability
Submitted by: Rafae«l Careé <funm at videolan dot org>
with modifications by me
Approved by: portmgr (secteam blanket) |
1.1_1
07 Dec 2007 10:25:05
|
delphij |
Update to reflect the squid issue has been assigned
CVE-2007-6239.
Approved by: portmgr (ports-security blanket) |
1.1_1
05 Dec 2007 07:49:40
|
miwi |
- Update gnu-finger entry
* Fix cvename handling
Approved by: portmgr (ports-security blanket) |
1.1_1
05 Dec 2007 07:27:00
|
linimon |
http://nvd.nist.gov/nvd.cfm?cvename=CVE-1999-1165: gnu-finger is old,
creaky, and not for use in production environments.
Submitted by: tabthorpe
Approved by: portmgr (self) |
1.1_1
05 Dec 2007 00:28:14
|
delphij |
Update to reflect an updated www/squid30 version which is no
longer vulnerable.
Approved by: portmgr (ports-security blanket) |
1.1_1
04 Dec 2007 19:49:48
|
delphij |
Update to reflect an updated www/squid version which is no
longer vulnerable.
Approved by: portmgr (ports-security blanket) |
1.1_1
04 Dec 2007 19:20:45
|
delphij |
Document squid denial of service vulnerability. This can be
triggered from trusted squid client only.
Approved by: portmgr (ports-security blanket) |
1.1_1
02 Dec 2007 00:15:28
|
delphij |
Remove the rsync entry for now. Better way of handling
this is still under discussion, as the vendor patch does
not automatically resolve problem for customized
configuration that have chroot = no.
Requested by: pav
Approved by: portmgr (ports-security blanket) |
1.1_1
01 Dec 2007 20:23:43
|
delphij |
Document rsync security bypass vulnerability.
Approved by: portmgr (ports-security blanket) |
1.1_1
01 Dec 2007 14:25:29
|
simon |
Make the rubygem-rails -- JSON XSS vulnerability entry valid UTF-8 (at
least the special chars doesn't look like UTF-8 as per emacs or
freshports).
Reported by: freshports via dvl
Approved by: portmgr (secteam blanket) |
1.1_1
28 Nov 2007 00:26:57
|
delphij |
Also cover rubygem-activesupport which is part of rails and is
affected by CVE-2007-3227 as well.
Approved by: portmgr (ports-security blanket) |
1.1_1
28 Nov 2007 00:19:09
|
delphij |
Document recent Ruby On Rails vulnerabilities.
Approved by: portmgr (ports-security blanket) |
1.1_1
27 Nov 2007 21:57:02
|
brix |
Document ikiwiki improper symlink verification vulnerability.
Reviewed by: remko
Approved by: portmgr (erwin), erwin (mentor) |
1.1_1
27 Nov 2007 21:35:54
|
delphij |
Document firefox multiple unspecified memory corruption vulnerabilities.
Approved by: portmgr (ports-security blanket) |
1.1_1
21 Nov 2007 18:58:28
|
miwi |
- Document phpmyadmin -- Cross Site Scripting
Reviewed by: remko
Approved by: portmgr (ports-security blanket |
1.1_1
21 Nov 2007 09:02:58
|
miwi |
- Update last Samba entry,
* Add reference to the samba advisories
* Fix the PORTVERSION/PORTEPOCH
Reviewed by: simon
Approved by: portmgr (ports-security blanket) |
1.1_1
21 Nov 2007 07:40:51
|
miwi |
Document samba - multiple vulnerabilities
Reviewed by: remko
Approved by: portmgr (ports-security blanket) |
1.1_1
18 Nov 2007 00:47:43
|
delphij |
postnuke 0.763 is not vulnerable to 35f2679f-52d7-11db-8f1a-000a48049292
so mark it as not vulnerable.
Approved by: portmgr (ports-security blanket) |
1.1_1
17 Nov 2007 07:07:41
|
delphij |
Improve JDK version coverage. We should consider PORTEPOCH'ed version
separately, so restruct the range.
Approved by: portmgr (ports-security blanket) |
1.1_1
16 Nov 2007 19:53:07
|
delphij |
Document PHP multiple vulnerabilities that are fixed by php 5.2.5.
Approved by: portmgr (ports-security blanket) |
1.1_1
16 Nov 2007 08:05:48
|
miwi |
- Fix c93e4d41-75c5-11dc-b903-0016179b2dd5 entry
Submitted by: glewis
Reviewed by: remko
Approved by: portmgr (ports-security blanket) |
1.1_1
14 Nov 2007 22:19:07
|
erwin |
print/cups-base is vulnerable for all previous versions to
1.3.3_2, not all coming ones.
Submitted by: Andrew Daugherity <ADaugherity@vprmail.tamu.edu>
Approved by: portmgr (self) |
1.1_1
14 Nov 2007 14:23:33
|
remko |
Document mt-daapd -- denial of service vulnerability, also
correct the previous entry style wise.
Submitted by: Mark D. Foster <mark at foster dot cc> with minor
modifications by me.
Approved by: portmgr (secteam blanket) |
1.1_1
14 Nov 2007 09:23:51
|
miwi |
- Update xpdf -- multiple remote Stream.CC vulnerabilities
* Mark cups-base as safe
Approved by: portmgr (ports-security blanket) |
1.1_1
14 Nov 2007 05:45:24
|
kuriyama |
o Add a patch for CVE-2007-5846, and add an entry for vuxml.
Approved by: portmgr (marcus) |
1.1_1
13 Nov 2007 15:41:57
|
miwi |
- Document flac -- media file processing integer overflow vulnerabilities
Reviewed by: simon
Approved by: portsmgr (ports-security blanket)
Thanks to: naddy |
1.1_1
13 Nov 2007 06:46:44
|
simon |
Unbreak file by closing </li> tag.
Approved by: portmgr (secteam blanket) |
1.1_1
13 Nov 2007 01:14:50
|
delphij |
Document xpdf arbitrary code execution vulnerability, as documented in
CVE-2007-4352, CVE-2007-5392, CVE-2007-5393.
Approved by: portmgr (ports-security blanket) |
1.1_1
12 Nov 2007 19:46:09
|
delphij |
dinoex@ has choosen to apply a vendor patch that has resolved CVE-2007-4351
instead of upgrading to 1.3.4. Mark this updated version as not vulnerable.
Approved by: portmgr (ports-security blanket) |
1.1_1
12 Nov 2007 00:39:01
|
delphij |
Document plone arbitrary code execution vulnerability.
Approved by: portmgr (ports-security blanket) |
1.1_1
11 Nov 2007 18:43:12
|
miwi |
- Updated the last gftp entry (we have 2.0.18_6 in the portstree not 2.10.18_6)
Submitted by: Fabian Keil (via private mail)
Approved by: portmgr (ports-security blanket) |
1.1_1
11 Nov 2007 15:52:24
|
miwi |
- Document phpmyadmin -- cross-site scripting vulnerability
Reviewed by: simon
Approved by: portmgr (ports-security blanket) |
1.1_1
09 Nov 2007 19:05:51
|
delphij |
Document gallery2 multiple vulnerabilities.
Approved by: portmgr (ports-security blanket) |
1.1_1
09 Nov 2007 10:00:02
|
miwi |
- Document tikiwiki -- multiple vulnerabilities
Reviewed by: simon
Approved by: portmgr (ports-security blanket) |
1.1_1
09 Nov 2007 07:51:43
|
delphij |
Document cups-base remote buffer overflow vulnerability.
Approved by: portmgr (ports-security blanket) |
1.1_1
07 Nov 2007 22:03:26
|
delphij |
Make perl entry to cover perl-threaded as well.
Reported by: Andy Greenwood <greenwood.andy gmail com>
Approved by: portmgr (ports-security blanket) |
1.1_1
06 Nov 2007 22:19:50
|
miwi |
- Document perl -- regular expressions unicode data buffer overflow
Reviewed by: simon/tobez
Approved by: portmgr (blanket) (ports-security blanket) |
1.1_1
06 Nov 2007 18:28:58
|
delphij |
Document pcre arbitrary code execution vulnerability.
Approved by: portmgr (ports-security blanket) |
As an Amazon Associate I earn from qualifying purchases.
