| non port: security/vuxml/vuln.xml |
Number of commits found: 6273 (showing only 100 on this page) |
|
Monday, 12 Oct 2015
|
14:19 junovitch 
Add CVE assignment to r398701 Zend Framework 1 entry
PR: 203462
Security: CVE-2015-7695
Security: https://vuxml.FreeBSD.org/freebsd/d3324fdb-6bf0-11e5-bc5e-00505699053e.html
  |
14:11 junovitch
Add CVE assignment to r398626 PHP entry
PR: 203541
Security: CVE-2015-7804
Security: CVE-2015-7803
Security:
https://vuxml.FreeBSD.org/freebsd/c1da8b75-6aef-11e5-9909-002590263bf5.html
|
|
Saturday, 10 Oct 2015
|
15:27 junovitch
Document shell command execution via improper escaping in p5-UI-Dialog
PR: 203667
Security: CVE-2008-7315
Security: https://vuxml.FreeBSD.org/freebsd/00dadbf0-6f61-11e5-a2a1-002590263bf5.html
|
15:01 junovitch
Document iPython vulnerabilities fixed in 3.2.2
PR: 203668
Security: CVE-2015-6938
Security: CVE-2015-7337
Security: https://vuxml.FreeBSD.org/freebsd/290351c9-6f5c-11e5-a2a1-002590263bf5.html
|
|
Thursday, 8 Oct 2015
|
21:18 girgen
Add entry for two security problems in PostgreSQL
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt() function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
|
|
Tuesday, 6 Oct 2015
|
15:02 wg
security/vuxml: Document Zend Framework 1 vulnerability
PR: 203462
Security: d3324fdb-6bf0-11e5-bc5e-00505699053e
Security: CVE-2014-8089
|
02:54 junovitch
Document OpenSMTPD vulnerabilities (5.7.3)
Revise pkg name, add PORTEPOCH, add more detail to earlier entry (5.7.2)
Security: 42852f72-6bd3-11e5-9909-002590263bf5
Security: ee7bdf7f-11bb-4eea-b054-c692ab848c20
Security: CVE-2015-7687
|
02:24 junovitch
Document recent mbed TLS/PolarSSL security releases
PR: 203544
Security: 5d280761-6bcf-11e5-9909-002590263bf5
Security: 953aaa57-6bce-11e5-9909-002590263bf5
|
|
Monday, 5 Oct 2015
|
11:56 kwm
Unbreak vuxml, woops.
|
11:46 kwm
Document heap overflows and a DoS in gdk-pixbuf2.
Security: CVE-2015-7673, CVE-2015-7674
|
03:09 junovitch
Document 20150910 Plone advisories
PR: 203255
Security: 6b3374d4-6b0b-11e5-9909-002590263bf5
|
00:00 junovitch
Document PHP multiple security advisories in phar plugin
PR: 203541
Security: c1da8b75-6aef-11e5-9909-002590263bf5
|
|
Sunday, 4 Oct 2015
|
21:27 junovitch
Add CVE reference to Apache James entry
PR: 203461
Security: CVE-2015-7611
Security: be3069c9-67e7-11e5-9909-002590263bf5
|
14:23 swills
Document mail/opensmtpd vulnerability
|
|
Thursday, 1 Oct 2015
|
03:14 junovitch
Document security advisory for the Apache James server
PR: 203461
Security: be3069c9-67e7-11e5-9909-002590263bf5
|
|
Wednesday, 30 Sep 2015
|
06:18 cs
Report OTRS vulnerability
Security: CVE-2015-6842, CVE-2013-7135
|
|
Monday, 28 Sep 2015
|
09:29 kwm
Document newest flash vulnabilities.
|
02:54 junovitch
Fix <freebsdpr> syntax on several entries
Without ports/ prepended to the PR number, the http://www.vuxml.org links
go to https://bugs.FreeBSD.org and not the actual PR.
While here, "trongSwan" -> "StrongSwan" spelling correction
PR: 200777
|
01:09 junovitch
Document multiple vulnerabilities in CodeIgniter
PR: 203401
Security: 5114cd11-6571-11e5-9909-002590263bf5
Security: 01bce4c6-6571-11e5-9909-002590263bf5
Security: c21f4e61-6570-11e5-9909-002590263bf5
Security: f838dcb4-656f-11e5-9909-002590263bf5
Security: b7d785ea-656d-11e5-9909-002590263bf5
|
|
Sunday, 27 Sep 2015
|
08:38 rene
Document new vulnerabilities in www/chromium < 45.0.2454.101
Obtained
from: http://googlechromereleases.blogspot.nl/2015/09/stable-channel-update_24.html
|
|
Thursday, 24 Sep 2015
|
02:56 junovitch
Revise Moodle multiple security vulnerabilities from r397210 to reflect
recently published advisory
Security: CVE-2015-5264
Security: CVE-2015-5272
Security: CVE-2015-5265
Security: CVE-2015-5266
Security: CVE-2015-5267
Security: CVE-2015-5268
Security: CVE-2015-5269
Security: c2fcbec2-5daa-11e5-9909-002590263bf5
|
|
Wednesday, 23 Sep 2015
|
20:24 feld
Fix older ruby vuxml entry
If you follow official instructions to change your default ruby version
it alters the ruby package name and vuxml will produce false positives.
This change will solve these scenarios.
PR: 203227
|
|
Tuesday, 22 Sep 2015
|
17:26 feld
libssh2 version entry range was missing PORTEPOCH
Security: 9770d6ac-614d-11e5-b379-14dae9d210b8
|
17:20 feld
Document vulnerability in security/libssh2
Security: CVE-2015-1782
|
16:46 jbeich
Summary: Document recent Mozilla vulnerabilities
|
|
Sunday, 20 Sep 2015
|
09:23 jbeich
Mention ports with libzip copy
|
05:45 jbeich
Fix typo
|
05:43 jbeich
Next avidemux2 may have CVE-2015-3395 fix, adjust
https://github.com/mean00/avidemux2/commit/cfb9760
|
05:27 jbeich
Document recent ffmpeg vulnerabilities
libav 11.4 was released before the fixes were made while ffmpeg 2.3.x
and lower are not maintained anymore. Bundle consumers are out of luck
unless low impact there or the fixes are easy to cherry-pick.
|
|
Friday, 18 Sep 2015
|
21:08 cs
Update dcraw entry in VUXML
PR: 203034
Submitted by: yuri@rawbw.com (maintainer of lightzone)
Security: 57325ecf-facc-11e4-968f-b888e347c638
|
02:23 junovitch
Document Moodle multiple security vulnerabilities
Note upstream has not released CVE assignments or details of the issues at
this time. Document the current verbiage from the release notes to help
downstream users proactively update.
|
01:34 junovitch
Document squid TLS/SSL parser denial of service vulnerability
No CVE assigned yet
PR: 203186
|
00:33 junovitch
Document remind buffer overflow with malicious reminder file input
PR: 202942
Security: CVE-2015-5957
|
|
Thursday, 17 Sep 2015
|
16:32 feld
Alter <topic> of some of my recent entries to be more consistently worded
|
16:28 feld
Normalize "use after free" as "use-after-free" in <topic>
I noticed when browsing vuxml.freebsd.org an even split between "use
after free" and "use-after-free". It seemed to make sense to standardize
on one style so future editors will have a common usage to guide them
when new entries are created.
|
16:16 feld
Document deskutils/shutter vulnerability
Security: CVE-2015-0854
|
15:50 feld
Document graphics/openjpeg vulnerability
No CVE assigned yet
|
14:56 feld
Document vulnerability in older graphics/optipng
No CVE assigned yet
|
14:50 feld
Document net/openslp vulnerability
Security: CVE-2015-5155
|
|
Wednesday, 16 Sep 2015
|
20:21 feld
Document archivers/p7zip vulnerability
Security: CVE-2015-1038
|
16:32 feld
Document www/h2o vulnerability
PR: 203096
PR: 203147
Security: CVE-2015-5638
|
|
Tuesday, 15 Sep 2015
|
23:21 delphij
Fix spelling of zh_CN for wordpress vulnerabilities.
|
18:15 delphij
Document wordpress multiple vulnerabilities.
|
|
Monday, 14 Sep 2015
|
03:59 ohauer
- document bugzilla CVE-2015-4499
|
|
Sunday, 13 Sep 2015
|
19:41 feld
net/openldap24-server Fix affected package name
Submitted by: dvl
Security: 4910d161-58a4-11e5-9ad8-14dae9d210b8
|
|
Saturday, 12 Sep 2015
|
13:26 feld
Document net/openldap24-server vulnerability
Security: CVE-2015-6908
|
|
Wednesday, 9 Sep 2015
|
20:41 naddy
Expand a35f415d-572a-11e5-b0a4-f8b156b6dcc8:
multiple vulnerabilities in audio/vorbis-tools and audio/opus-tools
|
19:53 naddy
Document oggenc buffer overflow in audio/vorbis-tools.
Security: CVE-2015-6749
|
14:18 junovitch
Document pgbouncer failed auth_query lookups falling back to auth_user
Note the vulnerable version was not committed to ports, however document
the issue in the interest of being thorough and catching any user who
made this as a local change.
PR: 202957
Security: CVE-2015-6817
Security: d76961da-56f6-11e5-934b-002590263bf5
Approved by: feld (mentor)
|
|
Tuesday, 8 Sep 2015
|
18:49 matthew
Document the latest phpMyAdmin vulnerability: reCaptcha bypass
|
18:44 feld
Correct some package names that were mistakenly labeled as php56
Security: 3d675519-5654-11e5-9ad8-14dae9d210b8
|
18:33 feld
Add assigned CVEs to previous php vulnerability entry
Security: 787ef75e-44da-11e5-93ad-002590263bf5
Security: CVE-2015-6831
Security: CVE-2015-6832
Security: CVE-2015-6833
|
18:32 feld
Document php vulnerabilities
Security: CVE-2015-6834
Security: CVE-2015-6835
Security: CVE-2015-6836
Security: CVE-2015-6837
Security: CVE-2015-6838
|
17:38 feld
Spelling frontent -> frontend
Security: d68df01b-564e-11e5-9ad8-14dae9d210b8
|
17:32 feld
Document sysutils/ganglia-webfrontent vulnerability
Security: CVE-2015-6816
|
17:14 feld
Add net/wireshark-qt5 as affected
Security: 9bdd8eb5-564a-11e5-9ad8-14dae9d210b8
|
17:10 feld
Document net/wireshark vulnerabilities
Security: CVE-2015-6241
Security: CVE-2015-6242
Security: CVE-2015-6243
Security: CVE-2015-6244
Security: CVE-2015-6245
Security: CVE-2015-6246
Security: CVE-2015-6247
Security: CVE-2015-6248
Security: CVE-2015-6249
|
16:34 feld
Document sysutils/screen vulnerability
Security: CVE-2015-6806
|
16:18 feld
Document net/libvncserver vulnerability
Old issue ignored in RH bugzilla; CVE recently requested
|
|
Friday, 4 Sep 2015
|
17:37 kwm
Document a number of integer overflows in gdk-pixbuf2.
|
|
Thursday, 3 Sep 2015
|
15:23 feld
Minimum range adjustment for bind vulnerability
Pointyhat: firmly seated on head
Submitted by: mat
Security: CVE-2015-5986
Security: 2c5e7e23-5248-11e5-9ad8-14dae9d210b8
|
15:15 feld
Correct version range mistakes in bind vulnerabilities
Submitted by: mat
Security: 2c5e7e23-5248-11e5-9ad8-14dae9d210b8
Security: eaf3b255-5245-11e5-9ad8-14dae9d210b8
|
14:34 feld
Document bind vulnerabilities
Security: CVE-2015-5986
Security: CVE-2015-5722
|
|
Wednesday, 2 Sep 2015
|
18:06 rene
Document new vulnerabilities in www/chromium < 45.0.2454.85
Submitted by: Carlos Jacobo Puga Medina
Obtained from: http://googlechromereleases.blogspot.nl/
|
16:37 feld
Document dns/powerdns vulnerability
PR: 202738
Security: CVE-2015-5230
|
00:30 junovitch
Revise Ghostscript entry date to match date of commit.
Approved by: delphij (mentor)
|
|
Tuesday, 1 Sep 2015
|
22:12 junovitch
Document denial of service (crash) via crafted Postscript files for Ghostscript
PR: 202781
Security: CVE-2015-3228
Security: fc1f6658-4f53-11e5-934b-002590263bf5
Approved by: feld (mentor)
|
13:42 jbeich
Document recent ffmpeg/libav vulnerabilities
|
|
Saturday, 29 Aug 2015
|
15:23 feld
Document graphics/graphviz vulnerability
No CVE assigned
|
|
Friday, 28 Aug 2015
|
12:34 jbeich
Document recent mozilla vulnerabilities
|
|
Wednesday, 26 Aug 2015
|
14:25 feld
graphics/libpgf was assigned a CVE
Security: 9a71953a-474a-11e5-adde-14dae9d210b8
Security: CVE-2015-6673
|
|
Tuesday, 25 Aug 2015
|
22:46 junovitch
Document multiple security advisories for go and go14
PR: 202633
Security: CVE-2015-5739
Security: CVE-2015-5740
Security: CVE-2015-5741
Security: 4464212e-4acd-11e5-934b-002590263bf5
Approved by: delphij (mentor)
|
09:57 jbeich
Fix MFSA quote link and add libtremor commits
|
07:10 jbeich
Document libtremor vulnerabilities in the ancient version we provide
|
|
Monday, 24 Aug 2015
|
16:10 feld
Document devel/pcre vulnerability
Security: 6900e6f1-4a79-11e5-9ad8-14dae9d210b8
|
|
Saturday, 22 Aug 2015
|
07:08 delphij
Document drupal multiple vulnerabilities.
|
|
Friday, 21 Aug 2015
|
22:06 bdrewery
Remove excess space
|
22:05 bdrewery
Document OpenSSH 7.0 PAM fixes.
It is unclear from the announcement what the minimum version affected
was.
|
22:01 bdrewery
Document OpenSSH 7.0 PermitRootLogin issue
|
14:23 feld
Document sysutils/tarsnap security announcement
|
|
Thursday, 20 Aug 2015
|
17:30 delphij
Document vlc arbitrary pointer dereference.
|
15:12 feld
graphics/jasper new CVE added to entry
Security: f1692469-45ce-11e5-adde-14dae9d210b8
Security: CVE-2015-5221
|
14:56 feld
Document vulnerability in graphics/libpgf
No CVE assigned yet
|
00:54 peter
Look up a reference to a commit in 2005 that had been previously lost.
|
00:41 peter
Update some legacy items that don't work or are using runtime remapping:
- cvsweb -> svnweb
- stray cgi query-pr -> xml pr references
- remove redundant formatting that references obsolete cgi scripts.
Should be cosmetic and reduce some http redirects.
|
|
Wednesday, 19 Aug 2015
|
22:06 junovitch
Extend recent QEMU related xen-tools CVEs to include the qemu-* ports
PR: 202402
Security: CVE-2015-5154
Security: CVE-2015-5165
Security: CVE-2015-5166
Security: da451130-365d-11e5-a4a5-002590263bf5
Security: f06f20dc-4347-11e5-93ad-002590263bf5
Security: ee99899d-4347-11e5-93ad-002590263bf5
Approved by: feld (mentor)
|
10:39 kwm
Document CVE-2015-4491 in gdk-pixbuf2.
|
|
Tuesday, 18 Aug 2015
|
18:44 feld
irc/unreal fix <name> to be capitalized
Security: 0ecc1f55-45d0-11e5-adde-14dae9d210b8
|
18:12 feld
Document django vulnerabilities
Security: CVE-2015-5963
Security: CVE-2015-5964
|
17:45 feld
Document irc/unreal denial of service
No CVE assigned yet
|
17:37 feld
Document graphics/jasper vulnerability
Security: CVE-2015-5203
|
17:27 feld
Document freexl multiple vulnerabilities. One is still awaiting CVE assignment.
Security: CVE-2015-2776
|
17:12 feld
rt was assigned a CVE
Security: 83b38a2c-413e-11e5-bfcf-6805ca0b3d42
Security: CVE-2015-6506
|
17:10 feld
ansible was assigned a CVE
Security: 72fccfdf-2061-11e5-a4a5-002590263bf5
Security: CVE-2015-6240
|
17:08 feld
gnutls was assigned a CVE
Security: ec6a2a1e-429d-11e5-9daa-14dae9d210b8
Security: CVE-2015-6251
|
|
Monday, 17 Aug 2015
|
16:25 feld
Document mod_jk vulnerability
Security: CVE-2014-8111
|
13:51 junovitch
Document two QEMU related xen-tools security advisories
PR: 201931
Security: CVE-2015-5166
Security: ee99899d-4347-11e5-93ad-002590263bf5
Security: CVE-2015-5165
Security: f06f20dc-4347-11e5-93ad-002590263bf5
Approved by: feld (mentor)
|
13:44 junovitch
Document PHP security issues impacting the lang/php5* ports (Core/SPL)
and 3 extensions (OpenSSL, Phar, SOAP)
PR: 202386
Security: 787ef75e-44da-11e5-93ad-002590263bf5
Approved by: feld (mentor)
|
|
Friday, 14 Aug 2015
|
17:09 junovitch
Document MediaWiki multiple security vulnerabilities
PR: 202328
Security: 6241b5df-42a1-11e5-93ad-002590263bf5
Approved by: feld (mentor)
|
16:38 jbeich
Sync libvpx check for CVE-2015-448[56] with r394231
|
Number of commits found: 6273 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.