| non port: security/vuxml/vuln.xml |
Number of commits found: 6273 (showing only 100 on this page) |
|
Monday, 6 Jul 2015
|
12:54 feld 
Add iojs as affected package
Security: 864e6f75-2372-11e5-86ff-14dae9d210b8
  |
03:39 feld
Correct bitcoin range for CVE-2015-3641
|
03:30 feld
Document ansible vulnerabilities
PR: 201359
|
03:21 feld
Document bitcoin CVE-2015-3641
|
00:23 feld
add node-devel as affected package
confirmed source code of node 0.11.16 is also vulnerable
|
00:09 feld
add www/node denial of service vulnerability
no known CVE has been assigned
|
|
Friday, 3 Jul 2015
|
19:17 feld
cups-filters CVE-2015-3279
|
14:43 tijl
Fix range for linux-c6-openssl
|
|
Wednesday, 1 Jul 2015
|
13:56 kwm
Record libxml2 vulnability
Security: CVE-2015-1819
|
13:22 feld
Correct version range for netpbm CVE-2015-3885
|
00:09 delphij
Document games/wesnoth authentication information disclosure vulnerability.
PR: 201105
Submitted by: Jason Unovitch
|
|
Tuesday, 30 Jun 2015
|
23:56 amdmi3
- Document CVE-2015-3258 (cups-filters buffer overflow vulnerability)
PR: 201134
Submitted by: cyberbotx@cyberbotx.com
Differential Revision:
|
20:56 delphij
Document ntp remote control message DoS vulnerability.
|
|
Friday, 26 Jun 2015
|
19:13 nox
Document qemu pcnet guest to host escape vulnerability - CVE-2015-3209
PR: 201064
Submitted by: koobs
Security: https://vuxml.FreeBSD.org/freebsd/acd5d037-1c33-11e5-be9c-6805ca1d3bb1.html
|
04:35 delphij
Document CVE-2014-3120, CVE-2014-6439, CVE-2015-1427, CVE-2015-3337,
and CVE-2015-4165 (various Elasticsearch vulnerabilities).
PR: ports/201008
Submitted by: Jason Unovitch
|
|
Wednesday, 24 Jun 2015
|
20:35 delphij
Split CVE-2015-4152 to its own entry as the affected port is logstash only.
While there also document CVE-2014-4326 (already fixed) for logstash.
PR: ports/201001
Submitted by: Jason Unovitch
|
20:17 delphij
Add entry for logstash-forwarder/logstash.
PR: ports/201065
Submitted by: Jason Unovitch
|
18:54 jbeich
Aggressively mark more consumers of bundled dcraw as vulnerable
ljpeg_start() originates from dcraw, no need to list every package with
copy of it at the expense of readability.
|
09:01 xmj
Document linux-*-flashplugin11 CVE.
Reported by: kwm
Reviewed by: kwm
Security: d02f6b01-1a3f-11e5-8bd6-c485083ca99c
Security: CVE-2015-3113
Sponsored by: Perceivon Hosting Inc.
|
|
Tuesday, 23 Jun 2015
|
00:15 delphij
Fix entry date.
|
00:13 delphij
Document rubygem-bson DoS and possible injection vulnerability.
PR: 201061
Submitted by: Jason Unovitch
|
|
Monday, 22 Jun 2015
|
23:39 delphij
Document 3 vulnerabilities with PHP that affected 4 extensions.
PR: 200926
Submitted by: Jason Unovitch
|
23:22 delphij
Reflect version range change after r390340. While I'm there, also fix
the CVE-2015-4556 entry because it's not yet fixed in the ports tree and
add a reference to the PR while there.
PR: 200980
Submitted by: Vitaly Magerya (with changes suggested by Jason Unovitch)
|
22:28 olgeni
Document vulnerabilities in devel/ipython < 3.2.0.
|
19:23 rene
Document new vulnerabilities in www/chromium < 43.0.2357.130
Obtained
from: http://googlechromereleases.blogspot.nl/2015/06/chrome-stable-update.html
|
07:13 delphij
Document rubygem-paperclip validation bypass vulnerabilitiy.
PR: 200979
Submitted by: Jason Unovitch
|
07:02 delphij
Document lang/chicken vulnerabilities CVE-2014-9651 and CVE-2015-4556.
PR: 200980
Submitted by: Jason Unovitch
|
06:44 delphij
Document cacti multiple vulnerabilities (affects < 0.8.8c) and
multiple XSS/SQL injection vulnerabilities (affects < 0.8.8d).
PR: 200963
Submitted by: Jason Unovitch
|
|
Saturday, 20 Jun 2015
|
12:11 kuriyama
Add p5-Dancer vuln.
|
|
Friday, 19 Jun 2015
|
00:13 delphij
Document Drupal multiple vulnerabilities.
|
|
Wednesday, 17 Jun 2015
|
21:40 delphij
Document two vulnerabilities of cURL.
|
17:24 sunpoet
- Document Ruby on Rails multiple vulnerabilities
|
17:18 delphij
Modify a5f160fa-deee-11e4-99f8-080027ef73ec so it covers ja-mailman too.
Submitted by: Yasuhito FUTATSUKI
|
00:24 delphij
Document testdisk multiple vulnerabilities.
PR: ports/200250
Submitted by: Jason Unovitch
|
|
Tuesday, 16 Jun 2015
|
00:44 delphij
Document Tomcat multiple vulnerabilities.
|
|
Friday, 12 Jun 2015
|
14:10 brd
Add ossec-hids-* vulnerabilities.
PR: 200801
Submitted by: Jason Unovitch <jason.unovitch@gmail.com>
Approved by: swills (mentor)
|
02:12 zi
- Add vulnerability information for additional ports affected by openssl CVEs in
8305e215-1080-11e5-8ba2-000c2980a9f3
|
|
Thursday, 11 Jun 2015
|
21:35 zi
- Document recent vulnerabilities in security/openssl
|
15:53 xmj
Document 13 Flash vulnerabilities.
Affected: www/linux-*-flashplugin11.
|
|
Wednesday, 10 Jun 2015
|
18:09 delphij
Document libzmq4 V3 protocol handler protocol downgrade vulnerability.
PR: 200502
Submitted by: Jason Unovitch
|
17:34 delphij
Document pgbouncer remote denial of service vulnerability.
PR: 200537
Submitted by: Jason Unovitch
|
|
Tuesday, 9 Jun 2015
|
23:17 delphij
Document cups multiple vulnerabilities.
|
08:23 delphij
Document two strongswan vulnerabilities.
PR: 200721
Submitted by: Jason Unovitch (with changes: wrapped long line and changed
CVE-2015-3991's coverage to cover only < 5.3.1 to reflect
the reality).
|
|
Monday, 8 Jun 2015
|
22:33 delphij
Document redis EVAL Lua sandbox escape vulnerability.
|
17:30 thierry
Add an entry for www/tidy-* heap-buffer-overflow.
PR: ports/200631
Submitted by: Walter Hop
|
|
Sunday, 7 Jun 2015
|
21:07 delphij
Fix typo and remove PHP from pcre vulnerabilities, as the bundled pcre
is not used.
|
20:53 delphij
Document fixed version of pcre in e69af246-0ae2-11e5-90e4-d050996490d0.
|
|
Saturday, 6 Jun 2015
|
18:21 sunpoet
- Update VuXML
PR: 200196
Submitted by: Jason Unovitch <jason.unovitch@gmail.com>
|
|
Friday, 5 Jun 2015
|
23:54 zi
- Re-add PHP removed in previous commit
- Update pcre to use lt instead of gt
|
15:42 zi
- Make version matching on the pcre vuln a little more sane
- Remove PHP as the vulnerability appears to be in devel/pcre, not php
|
|
Thursday, 4 Jun 2015
|
18:18 delphij
Document two recent pcre vulnerabilities that can be triggered by
specifically crafted *patterns* and would lead to stack or heap
overflow.
|
00:35 osa
Update information for graphics/libraw.
PR: 200194
|
|
Tuesday, 2 Jun 2015
|
09:44 marino
security/vuxml: multiple vulnerabilities of wpa_supplicant and hostapd
Security: CVE-2015-4141
Security: CVE-2015-4142
Security: CVE-2015-4143
Security: CVE-2015-4144
Security: CVE-2015-4145
Security: CVE-2015-4146
PR: 200568
|
02:50 jbeich
Document recent ffmpeg0 vulnerabilities
|
|
Monday, 1 Jun 2015
|
19:37 riggs
Add entry for vulnerable versions of avidemux2 and avidemux26
PR: 200507
Submitted by: venture37@geeklan.co.uk
|
18:44 mmoll
security/vuxml: add www/rubygem-rest-client vulnerabilities
PR: 200504
Differential Revision: https://reviews.freebsd.org/D2699
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
Approved by: ports-secteam (delphij, eadler)
Security: CVE-2015-1820
Security: CVE-2015-3448
|
07:24 delphij
- Add kodi to 57325ecf-facc-11e4-968f-b888e347c638 [1]
- Update entry dates for newly added entry.
PR: 200200 [1]
Submitted by: Jason Unovitch [1]
|
05:59 delphij
Reflect CVE-2015-2060 and CVE-2014-9556.
PR: ports/198955
Submitted by: Jason Unovitch
|
|
Sunday, 31 May 2015
|
16:07 lwhsu
- Document django vulnerability CVE-2015-3982
|
08:08 delphij
Extend 57325ecf-facc-11e4-968f-b888e347c638 to cover rawstudio as well.
PR: 200199
Submitted by: Jason Unovitch
|
|
Friday, 29 May 2015
|
22:20 delphij
Document the issue with proxychains-ng which uses current directory when
searching for its own shared library (CVE-2015-3887).
PR: 200511
Submitted by: Jason Unovitch
|
|
Thursday, 28 May 2015
|
19:47 delphij
Document wireshark multiple vulnerabilities.
|
17:46 delphij
Document krb5 requires_preauth bypass in PKINIT-enabled KDC.
|
|
Tuesday, 26 May 2015
|
22:15 delphij
Retrofit document cURL multiple vulnerabilities.
|
|
Sunday, 24 May 2015
|
07:29 delphij
Document cassandra remote code execution vulnerability.
PR: 199091
Submitted by: Jason Unovitch <jason unovitch gmail com>
|
07:23 delphij
Fix version range for previous commit.
|
07:19 delphij
Extend CVE-2015-3456 to cover xen-tools (4.5.0-4.5.0_5: we didn't supported
the feature in earlier version of this port) and VirtualBox cases as well.
PR: 200311
|
03:43 xmj
document possible vulnerabilities in sysutils/py-salt
PR: 200172
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
|
|
Saturday, 23 May 2015
|
18:25 pi
Add entry for mail/davmail.
PR: 198297
Submitted by: Jason Unovitch <jason.unovitch@gmail.com>
Approved by: <john.c.prather@gmail.com> (maintainer (timeout))
|
08:38 mandree
Document dnsmasq and -devel vulnerabilities (CVE-2015-3294 and one other in rc).
|
|
Friday, 22 May 2015
|
22:49 delphij
Document PCRE and PHP multiple vulnerabilities.
|
22:15 delphij
Correct PR number.
Submitted by: jason.unovitch gmail.com
|
19:06 girgen
Record some minor PostgreSQL sercurity problems.
"This update fixes three security vulnerabilities reported in PostgreSQL over
the past few months. Nether of these issues is seen as particularly urgent.
However, users should examine them in case their installations are vulnerable."
URL: http://www.postgresql.org/about/news/1587/
|
|
Wednesday, 20 May 2015
|
19:21 delphij
Document CVE-2015-3306 proftpd mod_copy unauthenticated copying of files
vulnerability.
|
|
Tuesday, 19 May 2015
|
19:27 brd
Document vulnerability in security/ipsec-tools.
PR: 200334
Approved by: bdrewery (mentor)
|
17:48 rene
Document new vulnerabilities in www/chromium < 43.0.2357.65
Obtained
from: http://googlechromereleases.blogspot.nl/2015/05/stable-channel-update_19.html
|
07:54 delphij
Document ClamAV multiple vulnerabilities.
|
|
Sunday, 17 May 2015
|
15:48 mmoll
security/vuxml: Add CVE-2015-3900 entry for devel/ruby-gems
PR: 200264
Differential Revision: https://reviews.freebsd.org/D2572
Approved by: mat (mentor)
Security: CVE-2015-3900
|
10:06 nox
Document qemu "VENOM" vulnerability - CVE-2015-3456
PR: 200255
PR: 200256
PR: 200257
Submitted by: venture37@geeklan.co.uk
Security: http://vuxml.FreeBSD.org/freebsd/2780e442-fc59-11e4-b18b-6805ca1d3bb1.html
|
|
Saturday, 16 May 2015
|
10:00 makc
Document Quassel IRC vulnerability CVE-2015-3427
|
|
Friday, 15 May 2015
|
22:31 truckman
Correct entry for apache-openoffice-* / libreoffice CVE-2015-1774 so
that apache-openoffice-4.1.1_9 is not incorrectly flagged as vulnerable.
Approved by: mat (mentor, implicit)
|
12:02 mmoll
security/vuxml: document vulnerability in rubygem-redcarpet <3.2.3
PR: 200195
Differential Revision: https://reviews.freebsd.org/D2548
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
Approved by: mat (mentor)
|
07:12 rodrigo
security/vuxml: Add CVE-2015-3885 entry for graphics/ufraw
PR: 200197
|
|
Wednesday, 13 May 2015
|
18:51 matthew
Record two new phpMyAdmin security vulnerabilities
|
14:39 xmj
Document multiple vulnerabilities in www/linux-*-flashplugin11.
Security: CVE-2015-3044
Security: CVE-2015-3077
Security: CVE-2015-3078
Security: CVE-2015-3079
Security: CVE-2015-3080
Security: CVE-2015-3081
Security: CVE-2015-3082
Security: CVE-2015-3083
Security: CVE-2015-3084
Security: CVE-2015-3085
Security: CVE-2015-3086
Security: CVE-2015-3087
Security: CVE-2015-3088
Security: CVE-2015-3089
Security: CVE-2015-3090
Security: CVE-2015-3091
Security: CVE-2015-3092
Security: CVE-2015-3093
|
|
Tuesday, 12 May 2015
|
18:24 jbeich
VuXML: document recent mozilla vulnerabilities
|
10:48 koobs
security/vuxml: Add CVE-2015-0971 entry for security/suricata
|
|
Monday, 11 May 2015
|
18:12 delphij
Revert r385940,r385932,r385864:
The usage of * is actually valid, as pointed out at the FreeBSD porter's
handbook:
https://www.freebsd.org/doc/en/books/porters-handbook/security-notify.html
Which denotes "the smallest version number" (in other words, * < 0).
Requested by: many
Pointy hat to: delphij
|
|
Sunday, 10 May 2015
|
20:24 rakuco
Add entry for CVE-2015-3146 in security/libssh.
|
12:12 ohauer
- fix a second postfix entry
PR: 200089 (followup)
|
08:28 delphij
Correct version range.
PR: 200089
|
|
Saturday, 9 May 2015
|
08:20 delphij
* is not valid for version number, replace all instances with 0 and bump
modification date.
Submitted by: Chris Nehren <cnehren tenable com> (version number part)
|
|
Friday, 8 May 2015
|
18:42 jbeich
VuXML: update sqlite3 entry with verbose descriptions. CVE-2015-341[4-6]
PR: 199483
|
|
Thursday, 7 May 2015
|
23:56 truckman
Document HWP filter vulnerability in editors/libreoffice < 4.3.7 and
editors/openoffice < 4.1.2, CVE-2015-1774.
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D2475
|
09:21 kwm
Document current and previous wordpress vulnabilities.
|
|
Saturday, 2 May 2015
|
00:59 delphij
Fix version range of two ancient items.
Submitted by: Chris Nehren <cnehren tenable com>
|
|
Friday, 1 May 2015
|
15:05 brd
Add entry for powerdns and powerdns-recursor.
Approved by: bdrewery (mentor)
|
|
Tuesday, 28 Apr 2015
|
20:28 rene
Document new vulnerabities in www/chromium < 42.0.2311.135
Obtained
from: http://googlechromereleases.blogspot.nl/2015/04/stable-channel-update_28.html
|
|
Monday, 27 Apr 2015
|
10:53 rene
Document new vulnerabilities in www/chromium < 42.0.2311.90
Obtained
from: http://googlechromereleases.blogspot.nl/2015/04/stable-channel-update_14.html
|
|
Sunday, 26 Apr 2015
|
16:32 marino
security/vuxml: Add entry for security/wpa_supplicant
Security: CVE-2015-1863
PR: 199678
|
Number of commits found: 6273 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.