20:39 nectar 

make tidy

20:38 nectar 

Add CVE name for racoon DoS vulnerability.

17:56 nectar 

Correct modified date in previous commit:  format is YYYY-MM-DD and
timezone is UTC.

17:31 fjoe 

Midnight Commander vulnerability CAN-2003-1023 was fixed in version 4.6.0_9.

17:13 nectar 

make tidy

16:27 nectar 

Add new affected version of gaim.
Add year 2004 FreeBSD security advisories.

13:06 nectar 

Add two racoon issues, one particularly serious.

17:05 nectar 

Add CVE name for oftpd issue.

23:19 nectar 

Add Midnight Commander buffer overflow.

23:31 nectar 

Add VuXML 1.1 DTD
Update document type declaration to VuXML 1.1

23:27 nectar 

make tidy

23:24 nectar 

Add Heimdal cross-realm validation issue.

20:33 nectar 

Add security issue affecting the Courier mail services.

19:42 nectar 

Add isakmpd denial-of-service vulnerability.

19:03 nectar 

Add apache 2 DoS vulnerability that doesn't affect us.  I keep coming
across the CVE name (CAN-2004-0174) and re-researching it.

16:52 nectar 

Add mplayer and tcpdump issues.

Submitted by:   Frankye Fattarelli <frankye@ipv5.net>
Reported by:    Many

16:28 nectar 

Correct a mispelled CVE name.

06:18 nectar 

make tidy

06:14 nectar 

Fix dates for SA-04:06.ipv6 and phpbb issues (typos).
Add Bugtraq ID and other references for many entries.
Delete duplicate copula.

Submitted by:   Frankye Fattarelli <frankye@ipv5.net>

17:25 nectar 

Add zebra/quagga denial of service vulnerability.

Submitted by:   sumikawa

15:26 nectar 

Correct advisory name for old bind issue.

15:26 nectar 

Add old ecartis issue.
Add FreeBSD-SA-04:06.ipv6.
Correct advisory name for old pine issue.

20:13 nectar 

Add Emil issue.

19:59 nectar 

Fix a botched version number (the package name was erroneously included).
Add another phpbb vulnerability. [1]
Add oftpd denial-of-services. [2]

Submitted by:   Frankye Fattarelli <frankye@ipv5.net> [1]
Reported by:    Shane Kerr <shane@time-travellers.org> (oftpd author) [2]

17:40 nectar 

Add ethereal vulnerabilities.

PR:     ports/64777

17:26 nectar 

Oops, empty <topic> tag.  Fill in for squid ACL bypass issue.

15:29 nectar 

Add squid ACL bypass.
Add xine temporary file handling issue. [1]

Submitted by:   Frankye Fattarelli <frankye@ipv5.net> [1]

08:58 eik 

Add ezbounce (old) and phpBB (new)

18:13 nectar 

Add xdeview to existing UUDecode issue
Add racoon SA deletion issue.

19:48 nectar 

Add uulib, uudeview issue.

14:19 nectar 

Add OpenSSL denial-of-service vulnerability.

00:49 eik 

ModSecurity < 1.7.5

13:24 nectar 

Remove linux-XFree86-libs.

Reminded by:    eik

03:01 eik 

add russian/apache13*

18:38 eik 

- restore the healthy mix of marc and securityfocus
- unicodeify Ulf again

Requested by:   nectar

17:56 eik 

remove vid 3ca8dd7a-6fb3-11d8-873f-0020ed76ef5a, since the unsafe call
to sprintf is made in preparation for outputting a debug message using
OutputDebugString, which is a function from a different operating system.

While I'm here, transform U+C3A4 into ä (or 쎤), since CVS is
bad in handling binary data.

17:22 eik 

add a modified tag to vid 09d418db-70fd-11d8-873f-0020ed76ef5a

17:19 eik 

The apache ports have fixes from CVS

16:34 eik 

canonicalize list urls (mostly bugtraq)

13:07 eik 

correct typo
correct entry/modification date

12:41 nectar 

Delete duplicated mod_python entry, merging additional information into
previous entry.

11:42 eik 

le -> lt

11:37 eik 

add mod_python

13:53 nectar 

The previous commit was in error.  Re-add wu-ftpd+ipv6.

The actual port which was corrected due to IPv6 modifications is
apache+ipv6: remove it.

Reported by:    ache
Doofus:         nectar

13:44 nectar 

Remove wu-ftpd+ipv6.  Due to IPv6 modifications, the bug had been
already corrected.

Submitted by:   sumikawa

13:30 nectar 

Add wu-ftpd `restricted-[ug]id' issue.

12:56 nectar 

Add recent Apache 1.3 and 2.0 issues.

12:14 nectar 

Add mpg123.

21:54 nectar 

Add Adobe Acrobat Reader and GNU Anubis issues.

19:06 nectar 

chronological sort

19:04 nectar 

Add linux-XFree86-libs

00:49 nectar 

Expand tabs.
Add xboing issue.

13:58 nectar 

Christian Weisgerber <naddy@FreeBSD.org> fixed the metamail fix.
Add mod_python DoS issue.

16:24 nectar 

Add entries for: hsftp, DarwinStreamingServer, libxml2, lbreakout2,
phpnuke, mailman, and fetchmail.

16:15 nectar 

Note vulnerabilities in phpmyadmin, pwlib, openh323, asterisk.

16:21 nectar 

Add a <modified> tag to the XFree86 issue, and move it up to
it's chronological spot within the file.

16:15 nectar 

I forgot the topic for the metamail issue.

02:11 eik 

XFree86-Server-4.3.0_14 is the fixed version

21:47 nectar 

Note metamail vulnerabilities.

18:11 nectar 

Correct version for previous entry (mnoGoSearch >= 3.2).

17:50 nectar 

Normalize dates: YYYY-MM-DD, not YYYY/MM/DD.

17:45 nectar 

Note buffer overflow in mnoGoSearch.

21:07 nectar 

Note insecure temporary file/directory handling in libtool.

Reported by:    eik

19:20 nectar 

Update with information garnered from FORBIDDEN tags used in ports
in the accessibility, arabic, archives, astro, audio, benchmarks,
biology, cad, and chinese categories.

16:13 nectar 

Note rsync buffer overflow from December.

15:54 nectar 

Remove `vulnerability-test-port'--- it wasn't supposed to get committed
:-)

15:49 nectar 

Forgot PORTEPOCH for samba 3.x.  While I'm at it, note that our port is
patched.

15:46 nectar 

Note gaim's bumper crop of vulnerabilities.

15:19 nectar 

Note Samba 3.0.x password initialization bug

15:09 nectar 

Note clamav remote denial-of-service.

15:01 nectar 

Note XFree86 server buffer overflows.

14:43 nectar 

Add missing `<p>'s in Apache-SSL entry.

14:23 nectar 

Add VuXML DTDs and the VuXML document for FreeBSD.