| non port: security/vuxml/vuln.xml |
Number of commits found: 6273 (showing only 100 on this page) |
|
Tuesday, 12 Nov 2019
|
08:16 joneum 
fix typo
Sponsored by: Netzkommune GmbH
  |
07:42 joneum
Add entry for wordpress
Sponsored by: Netzkommune GmbH
|
|
Thursday, 7 Nov 2019
|
12:09 dmgk
security/vuxml: Document nexus2-oss vulnerabilities
PR: 241308
Approved by: tz (mentor, implicit)
|
11:55 danfe
Adjust affected GNU patch package version after r516964.
|
|
Wednesday, 6 Nov 2019
|
21:48 tz
security/vuxml: Document PHP RCE issues
|
|
Sunday, 3 Nov 2019
|
03:11 wen
- Document mediawiki's multiple vulnerabilities
|
|
Saturday, 2 Nov 2019
|
14:33 brnrd
security/vuxml: Document MySQL quarterly vulns
|
12:26 rakuco
Adjust entry 381deebb-f5c9-11e9-9c4f-74d435e60b7c for sysutils/file.
Upstream version 5.37 is vulnerable, but the update to 5.37 in the ports tree
was landed with a fix for the CVE entry.
PR: 241424
|
12:19 rakuco
Add entry for heap buffer overflow in sysutils/file.
PR: 241424
Submitted by: Nathan Owens <ndowens04@gmail.com>
Approved by: jharris@widomaker.com (maintainer)
|
|
Thursday, 31 Oct 2019
|
20:43 kwm
Document webkit-gtk3 vulnerabilities.
|
12:03 dmgk
Document www/gitea information disclosure vulnerability
PR: 241599
Submitted by: stb@lassitu.de (maintainer)
Approved by: tz (mentor, implicit)
|
09:14 gjb
Fix build.
Sponsored by: Rubicon Communications, LLC (Netgate)
|
02:02 timur
Add entry about Samba vulnerabilities
o CVE-2019-10218:
Malicious servers can cause Samba client code to return filenames containing
path separators to calling code.
o CVE-2019-14833:
When the password contains multi-byte (non-ASCII) characters, the check
password script does not receive the full password string.
o CVE-2019-14847:
Users with the "get changes" extended access right can crash the AD DC LDAP
server by requesting an attribute using the range= syntax.
Security: CVE-2019-10218
CVE-2019-14833
CVE-2019-14847
Sponsored by: my wife
|
|
Wednesday, 30 Oct 2019
|
18:47 mfechner
Document gitlab vulnerabilities.
|
|
Thursday, 24 Oct 2019
|
17:08 feld
Add missing FreeBSD SAs
Security: FreeBSD-SA-19:24.mqueuefs
Security: FreeBSD-SA-19:23.midi
Security: FreeBSD-SA-19:22.mbuf
Security: FreeBSD-SA-19:21.bhyve
Security: FreeBSD-SA-19:20.bsnmp
Security: FreeBSD-SA-19:19.mldv2
Security: FreeBSD-SA-19:18.bzip2
|
16:45 feld
Document Varnish VSV00004 Workspace information leak
|
10:38 rodrigo
Document potential bypass of Runas user restrictions in sudo
PR: 241244
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
|
|
Wednesday, 23 Oct 2019
|
17:46 sunpoet
Document rubygem-loofah vulnerability
|
|
Saturday, 19 Oct 2019
|
09:52 wen
- Document python37 multiple vulnerabilities.
|
|
Tuesday, 15 Oct 2019
|
14:43 kai
security/vuxml: Document graphics/py-pillow issue
PR: 241268
Security: CVE-2019-16865
|
|
Friday, 11 Oct 2019
|
17:36 pi
security/vuxml: mongodb vulnerabilities
- CVE-2019-2386, CVE-2019-2389, CVE-2019-2390
PR: 239717
Submitted by: Ronald Klop <ronald-lists@klop.ws>
|
|
Wednesday, 9 Oct 2019
|
12:31 egypcio
security/vuxml: add CVE-2011-2767 [www/mod_perl2]
https://nvd.nist.gov/vuln/detail/CVE-2011-2767
|
|
Sunday, 6 Oct 2019
|
05:52 cy
Take PORTEPOCH into account.
PR: 241066
Reported by: tobik
|
01:48 cy
Document two new Xpdf vulnerabilities: CVE-2019-16927 and CVE-2019-9877.
PR: 241066
Security: https://nvd.nist.gov/vuln/detail/CVE-2019-16927
Security: https://nvd.nist.gov/vuln/detail/CVE-2019-9877
Security: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9877
Security: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16927
|
|
Thursday, 3 Oct 2019
|
19:28 sunpoet
Document unbound vulnerability
|
|
Wednesday, 2 Oct 2019
|
19:24 sunpoet
Document ruby vulnerability
|
16:20 mfechner
Document gitlab vulnerabilities.
|
16:16 mfechner
Document gitlab vulnerabilities.
|
16:06 mfechner
Documented gitlab vulnerabilities.
|
09:43 kai
security/vuxml: Document net-mgmt/cacti issue
PR: 240999
Reported by: Michael Muenz <m.muenz@gmail.com>
Security: CVE-2019-16723
|
|
Sunday, 29 Sep 2019
|
13:09 vsevolod
Fix misprint
|
08:26 vsevolod
Document RCE in Exim: CVE-2019-16928
|
|
Saturday, 28 Sep 2019
|
11:51 dmgk
security/vuxml: Add entry for lang/go and lang/go-devel CVE-2019-16276
Approved by: araujo (mentor)
Differential Revision: https://reviews.freebsd.org/D21802
|
|
Friday, 27 Sep 2019
|
19:30 tobik
Document databases/mantis vulnerabilities
|
|
Wednesday, 25 Sep 2019
|
23:07 lwhsu
Document Jenkins Security Advisory 2019-09-25
Sponsored by: The FreeBSD Foundation
|
|
Monday, 23 Sep 2019
|
09:01 tijl
Add linux-c6-openssl to CVE-2019-1559 entry.
Security: https://access.redhat.com/errata/RHSA-2019:2471
|
|
Friday, 20 Sep 2019
|
15:56 pi
security/vuxml: add CVEs for net/kea
PR: 240399
Submitted by: Andrey Pevnev <apevnev@me.com>
|
|
Thursday, 19 Sep 2019
|
12:43 pi
security/vuxml: add entry for CVE-2019-15903 in expat < 2.2.8
PR: 240613
Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com> (maintainer)
|
09:40 tijl
Document Mbed TLS side channel attack on deterministic ECDSA.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
|
|
Tuesday, 17 Sep 2019
|
22:50 leres
security/vuxml: Mark bro < 2.6.4 as vulnerable as per:
https://raw.githubusercontent.com/zeek/zeek/3b5a9f88ece1d274edee897837e280ef751bde94/NEWS
The issue is inproper data handling of data that is either either
empty or unterminated, resulting in invalid memory access or heap
buffer over-read.
Approved by: matthew (mentor, implicit)
|
|
Monday, 16 Sep 2019
|
11:45 pi
security/vuxml: fix vuln.xml entry for expat
PR: 238864
Submitted by: tobik
|
11:19 pi
security/vuxml: document expat2 pre-2.2.7 vulnerability
PR: 238864
Submitted by: Sergei Vyshenski <svysh.fbsd@gmail.com>
|
06:05 brnrd
security/vuxml: Fix latest openssl entry
Reported by: tobik
|
|
Saturday, 14 Sep 2019
|
21:17 sunpoet
Document curl vulnerability
|
|
Wednesday, 11 Sep 2019
|
08:30 brnrd
security/vuxml: Document OpenSSL vulnerabilities
|
00:33 jkim
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb19-46.html
|
|
Saturday, 7 Sep 2019
|
21:07 mandree
Document devel/oniguruma < 6.9.3 vulnerabilities.
PR: 240368
Reported by: Pascal Christen
Obtained from: MITRE
Security: a8d87c7a-d1b1-11e9-a616-0992a4564e7c
Security: CVE-2019-13224
Security: CVE-2019-13225
|
13:43 feld
Document recent xymon-server CVEs
|
|
Friday, 6 Sep 2019
|
12:46 joneum
Add entry for wordpress
Sponsored by: Netzkommune GmbH
|
10:37 vsevolod
Document Exim vulnerability
|
07:53 madpilot
Document asterisk vulnerabilities.
|
|
Tuesday, 3 Sep 2019
|
23:32 timur
Add entry about CVE-2019-10197
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
Security: CVE-2019-10197
|
21:32 jbeich
security/vuxml: mark firefox < 69 as vulnerable
|
14:33 zi
- Document www/varnish6 vulnerability
|
|
Monday, 2 Sep 2019
|
08:13 cpm
Document libgcrypt ECDSA side-channel attack vulnerability
Security: CVE-2019-13627
|
|
Saturday, 31 Aug 2019
|
09:04 sunpoet
Update ruby version
PR: 240227
Reported by: Trond Endrestol <Trond.Endrestol@ximalas.info>
|
|
Friday, 30 Aug 2019
|
07:01 tobik
Document www/webkit2-gtk3 vulnerabilities
PR: 240196
|
05:45 mfechner
Document www/gitlab-ce vulnerabilities.
|
00:07 sunpoet
Document RDoc vulnerability
|
|
Wednesday, 28 Aug 2019
|
15:58 ler
security/vuxml: document dovecot,dovecot-pigeonhole vulns
|
15:36 lwhsu
Document Jenkins Security Advisory 2019-08-28
Sponsored by: The FreeBSD Foundation
|
14:29 jbeich
security/vuxml: mark cliqz < 1.28.2 as vulnerable
PR: 239994
Submitted by: Santhosh Raju
|
|
Sunday, 25 Aug 2019
|
18:34 dch
security/vuxml: Document multiple vulnerabilities in www/h2o*
http://blog.kazuhooku.com/2019/08/h2o-version-226-230-beta2-released.html
PR: 239843
Reported by: Kazuho Oku
Approved by: jrm (mentor, implicit)
Security: CVE-2019-9512
Security: CVE-2019-9514
Security: CVE-2019-9515
Sponsored by: SkunkWerks, GmbH
|
|
Friday, 23 Aug 2019
|
21:16 kai
security/vuxml: Document www/gitea issues
PR: 240046
Submitted by: stb@lassitu.de (maintainer)
|
06:33 pi
security/vuxml: Document multiple vulnerabilities in ClamAV
PR: 240020
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> (clamav maintainer)
|
|
Tuesday, 20 Aug 2019
|
22:22 bhughes
security/vuxml: document recent Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
Sponsored by: Miles AS
|
14:26 riggs
Document vlc vulnerabilities prior to release 3.0.8
|
|
Monday, 19 Aug 2019
|
17:08 joneum
Add dns/nsd
PR: 239964
Reported by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
Sponsored by: Netzkommune GmbH
|
|
Sunday, 18 Aug 2019
|
23:24 olgeni
security/vuxml: add vuxml entry for webmin and usermin (CVE-2019-15107).
|
17:04 pi
security/vuxml: add vuxml entry for gitea
PR: 239930
Submitted by: stb@lassitu.de
|
15:21 zeising
Document x11/xdm vulnerability CVE-2013-2179
|
09:28 mfechner
Document libgit2 vulnerabilities.
|
|
Saturday, 17 Aug 2019
|
11:07 joneum
Add www/apache24
Sponsored by: Netzkommune GmbH
|
|
Friday, 16 Aug 2019
|
18:11 sunpoet
Document nghttp2 vulnerability
|
12:09 tijl
Document CUPS CVE-2019-8675 and CVE-2019-8696.
Security: https://github.com/apple/cups/releases/tag/v2.2.12
|
|
Thursday, 15 Aug 2019
|
21:22 kai
security/vuxml: Update entry for security/doas
* Add a reference to OpenBSD's tech mailinglist that explains the issues
with doas(1)'s environmetal security in further detail.
* Clarify the origins of the reporting sources and fix a grammar nit.
PR: 239629
Reported by: Sander Bos
|
16:19 riggs
Document http/2 denial of service in net/traefik before 1.7.14
|
|
Wednesday, 14 Aug 2019
|
12:24 joneum
Edit entry for www/nginx
Sponsored by: Netzkommune GmbH
|
07:22 joneum
Add entry for www/nginx and www/nginx-devel
Sponsored by: Netzkommune GmbH
|
|
Tuesday, 13 Aug 2019
|
20:51 sunpoet
Document rubygem-nokogiri vulnerability
|
05:02 mfechner
Document www/gitlab-ce vulnerabilities.
|
|
Friday, 9 Aug 2019
|
21:21 adridg
Add vuxml for KDE Frameworks CVE
|
21:13 kai
security/vuxml: Document security/doas issues
PR: 239629
|
16:47 leres
security/vuxml: Mark bro < 2.6.3 as vulnerable as per:
https://raw.githubusercontent.com/zeek/zeek/1d874e5548a58b3b8fd2a342fe4aa0944e779809/NEWS
The issues are a null pointer dereference in the RPC analysis code
and a signed integer overflow in BinPAC-generated parser code.
Approved by: matthew (mentor, implicit)
|
|
Thursday, 8 Aug 2019
|
15:29 girgen
Add security information for PostgreSQL
|
|
Saturday, 3 Aug 2019
|
20:57 sunpoet
Document Django vulnerability
|
19:24 tijl
Add linux-c7-curl package to curl CVE-2018-14618 entry.
Security: https://access.redhat.com/errata/RHSA-2019:1880
Security: CVE-2018-14618
|
|
Wednesday, 31 Jul 2019
|
17:30 kai
security/vuxml: Document www/gitea issues
PR: 239562
Submitted by: stb@lassitu.de (maintainer)
|
|
Tuesday, 30 Jul 2019
|
20:53 feld
Document FreeBSD-SA-19:17.fd
|
20:53 feld
Document FreeBSD-SA-19:16.bhyve
|
20:52 feld
Document FreeBSD-SA-19:15.mqueuefs
|
20:41 feld
Document FreeBSD-SA-19:14.freebsd32
|
20:41 feld
Document FreeBSD-SA-19:13.pts
|
20:40 feld
Document FreeBSD-SA-19:12.telnet
|
20:39 feld
Document FreeBSD-SA-19:11.cd_ioctl
|
20:38 feld
Document FreeBSD-SA-19:10.ufs
|
20:38 feld
Document FreeBSD-SA-19:09.iconv
|
20:37 feld
Document FreeBSD-SA-19:08.rack
|
20:36 feld
Document FreeBSD-SA-19:07.mds
|
20:35 feld
Document FreeBSD-SA-19:06.pf
|
Number of commits found: 6273 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.