22:12 miwi 

- Document opera -- multiple vulnerabilities

02:32 mnag 

gnutls -- "gnutls_handshake()" Denial of Service

23:37 delphij 

Use joomla15 as name for the vulnerability

23:33 delphij 

Document joomla flaw in the reset token validation

21:40 thierry 

Register a Buffer Overflow Vulnerability in CDF 3.2.

22:57 miwi 

- Clean up whitespace a bit
- Wrap long lines where appropriate
- Fix previous commit

22:38 miwi 

- Fix drupal5 version

22:29 miwi 

- Document drupal - multiple vulnerabilities

07:05 stas 

- Document recent ruby vulnerabilities.

19:34 miwi 

- fix make validate

Pointy hat to:  skv

19:31 miwi 

- Fix previous commit.

16:26 skv 

Document bugzilla directory traversal vulnerability.

21:30 miwi 

- Document openvpn-devel -- arbitrary code execution

PR:             126352 (based on)
Submitted by:   Matthias Andree <matthias.andree@gmx.de>

09:58 miwi 

- Fix kdewebdev conflict with upcommig kdewebdev4

Reviewed by:    simon

12:29 skv 

Fix vuxml-entries for 'devel/bugzilla*'.

16:34 miwi 

- Fix portversion

16:18 miwi 

- Document phpmyadmin -- cross site request forgery vulnerabilites

22:31 miwi 

- Document drupal - multiple vulnerabilities

20:47 remko 

Add the latest security advisory to vuxml.

Hat:    secteam

16:44 naddy 

Document poppler -- uninitialized pointer.

14:37 tabthorpe 

- Document py-pylons -- Path traversal bug

13:30 tabthorpe 

- Document FreeType 2 -- Multiple Vulnerabilities

PR:             ports/124917
Submitted by:   Nick Barkas <snb threerings.net>

16:31 barner 

Document revised patch for CVE-2008-2711.

23:39 miwi 

- Document phpmyadmin - Cross Site Scripting Vulnerability

PR:             124900

22:35 delphij 

Update squid SNMP DoS vulnerability to cover squid 3.0STABLE6 as well.

Submitted by:   Thomas-Martin Seck <tmseck web de>

15:10 tabthorpe 

- Document apache -- multiple vulnerabilities

Reviewed by:    delphij

21:08 stas 

- Add missing <code></code> block around safe_mode.

Pointy hat to:  me

18:21 stas 

- Add a note to php-posix entry, that
  safe_mode is considred to be insecure
  by FreeBSD Security Team.
- Add <code> blocks around function
  names.

Suggested by:   simon

09:17 stas 

- Document php5-posix directory traversal vulnerability.

14:46 mezz 

Fix the Firefox 3 part, it has no multiple vulnerabilities.

Reviewed by:    remko

14:01 tabthorpe 

- Document vim -- Vim Shell Command Injection Vulnerabilities

Reviewed by:    remko, miwi

11:24 stas 

- Document recent ruby vulnerabilities.

10:58 miwi 

- Clean up whitespace a bit
- Wrap long lines where appropriate

Reviewed by:    remko

07:48 barner 

Document potiential crash in fetchmail < 6.3.8_6 (in -v -v verbose mode).

21:05 simon 

Unbreak VuXML.org build: Use correct syntax for CVE name in latest
moinmoin entry.

12:26 flz 

Document xorg -- multiple vulnerabilities.

05:30 tabthorpe 

- Document moinmoin -- superuser privilege escalation

Notified by:    Janos Mohacsi

04:10 oliver 

add an error about courier-authlib < 0.60.6

16:33 hrs 

Fix 2747fc39-915b-11dc-9239-001c2514716c.  zh-xpdf, ja-xpdf, and
ko-xpdf have nothing to do with "multiple remote Stream.CC
vulnerabilities" because they are packages which just install
additional data files.

21:04 brix 

Add entry for www/ikiwiki.

Approved by:    erwin (mentor, implicit)

10:17 brix 

Avoid confusion about backported www/ikiwiki security fix by not
mentioning version 2.48 in the entry.

Approved by:    erwin (mentor, implicit)

09:54 brix 

Add www/ikiwiki entry.

Approved by:    erwin (mentor, implicit)

12:53 tabthorpe 

- Fix range on previous commit

Noticed by:     miwi

11:59 tabthorpe 

- Document linux-flashplugin -- unspecified remote code execution
  vulnerability

22:26 wxs 

Document XSS vulnerabilities in nagios and nagios-devel.

PR:             ports/123893 ports/123894
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au> (maintainer)
Reviewed by:    miwi
Approved by:    garga (mentor, implicit)

23:50 wxs 

Document spamdyke open relay vulnerability.

PR:             ports/124013
Reviewed by:    miwi
Approved by:    garga (mentor), miwi

07:40 jadawin 

- Add net-p2p/peercast entry.

Reviewed by:    miwi
Approved by:    mentor (implicit)

20:30 naddy 

Document libvorbis security issues.

08:51 delphij 

Document django XSS vulnerability.

19:35 naddy 

Document vorbis-tools Speex header processing vulnerability.

20:36 nox 

Document qemu -- "drive_init()" Disk Format Security Bypass

08:22 miwi 

- Sort previous commit

07:27 brix 

Add graphics/swfdec entry.

Approved by:    erwin (mentor)

09:06 sat 

- Thunderbird 2.0.0.14 is safe

20:22 miwi 

- Document mt-daapd -- Integer overflow

PR:             123285 (based on)
Submitted by:   Mark D. Foster <mark@foster.cc>

19:56 miwi 

- Document sdl_image - Buffer Overflow Vulnerabilities

09:11 miwi 

- Mark PHP5 as safe

12:12 miwi 

- Mark graphics/png as safe.

22:55 miwi 

- Fix last gnupg entry.

PR:             123178 [1]
Submitted by:   Nick Barkas (via privat mail)
                bf <bf2006a@yahoo.com> [1]

21:04 sat 

- Clean up whitespace a bit
- Wrap long lines where appropriate
- Add a vim-friendly modeline

17:14 sat 

- A new Firefox vulnerability currently affects 10 of our ports, on
  average. A new VuXML entry usually forgets about 8 of them.

Wiki:           http://wiki.freebsd.org/VuXML

07:34 miwi 

- Update last python entry python23 and python24 also affected

PR:             123153
Submitted by:   Nick Barkas <snb@threerings.net>

23:53 miwi 

- Mark gnupg and gnupg1 as secure

22:43 miwi 

- Document gnupg -- memory corruption vulnerability

19:03 delphij 

Document extman password bypass vulnerability.

13:10 miwi 

- Document mailman -- script insertion vulnerability.

Submitted by:   tabthorpe (one a month ago)
Discussed/Reviewed by:  tabthorpe

12:34 miwi 

- now really fix the CVE entry

12:29 miwi 

- Fix CVE entry from the previous commit

12:20 miwi 

- Document mksh -- TTY Attachment Privilege Escalation.

12:05 miwi 

- Document serendipity -- multiple cross site scripting vulnerabilities.

10:55 miwi 

- Document firefox -- javascript harbage collector vulnerability.

10:20 miwi 

- Add missing - in the previous entry

10:12 miwi 

- Remove whitespaces
- Fix spelling

10:06 miwi 

- Document png - unknown chunk processing uninitialized memory access

09:48 miwi 

- Document openfire - unspecified denial of service

PR:             122872 (based on)

09:27 miwi 

- Document php -- Integer Overflow Vulnerability

PR:             based on 122872

08:10 miwi 

- Document python -- Integer Signedness Error in zlib Module

23:12 miwi 

Document postgresql -- multiple vulnerabilities

PR:             120133 (basic on)
Submitted by:   Nick Barkas <snb@threerings.net>

21:52 miwi 

- Document phpMyAdmin - Shared Host Information Disclosure.

21:29 miwi 

- Document phpMyAdmin - Username/Password Session File Information Disclosure.

14:11 tabthorpe 

- Document libxine -- array index vulnerability

Reviewed by:    remko, miwi

15:28 garga 

Add an entry about clamav < 0.93 vulnerabilities

Reviewed by:    mnag

03:52 mnag 

lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability

22:15 brix 

Add www/ikiwiki entry.

Approved by:    pav (co-mentor)

06:22 sat 

- Enrich Firefox 2.0.0.13 entry

11:47 rafan 

- Use <mlist> as the references are mailing posts
- Correct discovery date

Noticed by:     simon

08:50 rafan 

- Add entry for mail/postfix-policyd-weight

PR:             ports/122194
Reviewed by:    ports-security (miwi)

15:19 rafan 

- Add entries for www/suphp and dns/powerdns-recursor

Reviewed by:    ports-security (remko, simon)

06:42 rafan 

- Add entry for www/opera 9.26

PR:             ports/122400
Reviewed by:    remko, delphij

09:18 delphij 

Document mozilla multiple vulnerabilities.

Reviewed by:    miwi, remko (via IRC)

18:23 wxs 

Document buffer overflow in silc-client and silc-server.

Reviewed by:    remko
Approved by:    garga (mentor)

23:43 delphij 

Document bzip2 crash with certain malformed archive files

23:50 miwi 

- Ups remove duplicate url

23:25 miwi 

- Fix previos commit
   * sort
   * more reference

23:09 nox 

Document qemu -- unchecked block read/write vulnerability

Reviewed by:    stas

10:41 miwi 

- Fix previous commit
  * sort
  * more reference

02:09 beech 

- Add entry for dovecot

23:17 miwi 

- Fix 2 typos form the previous commit

Submitted by:   simon/gahr

23:02 miwi 

- Document mplayer - multiple vulnerabilities

07:13 rafan 

- Entry for ghostscrip-gpl 8.61

Reviewed by:    ports-security@ (simon, remko)