Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_3 29 Jan 2018 21:17:39 |
tijl |
Update range for linux-*-nss.
PR: 225541
Submitted by: dbn
Security: https://access.redhat.com/errata/RHSA-2017:2832 |
1.1_3 29 Jan 2018 19:17:49 |
zeising |
FIx range for dovecot
2.2.33.2_2 is vulnerable. |
1.1_3 27 Jan 2018 09:10:41 |
kwm |
Document gcab stack overflow.
Security: CVE-2018-5345 |
1.1_3 26 Jan 2018 14:37:23 |
swills |
Document dovecot issue
Submitted by: Roger Marquis <marquis@roble.com> |
1.1_3 26 Jan 2018 14:28:07 |
swills |
Document curl issue
Submitted by: Roger Marquis <marquis@roble.com> |
1.1_3 26 Jan 2018 13:23:59 |
cmt |
document recent clamav vulnerabilities
See: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html |
1.1_3 26 Jan 2018 09:00:48 |
amdmi3 |
Fix wordpress entries in vuxml
- Fix incorrect package names
- Fix epoch in older entry which makes it incorrectly report fresh ports as
vulnerable
With hat: ports-secteam |
1.1_3 23 Jan 2018 23:07:10 |
jbeich |
security/vuxml: seamonkey 2.49.2 will use firefox-esr 52.6 engine |
1.1_3 23 Jan 2018 18:43:33 |
jbeich |
security/vuxml: mark firefox < 58 as vulnerable |
1.1_3 23 Jan 2018 11:33:33 |
krion |
Fix typo. |
1.1_3 23 Jan 2018 11:23:42 |
krion |
Document new vulnerability in dns/powerdns-recursor < 4.1.1
Obtained
from: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
Security: CVE-2018-1000003 |
1.1_3 23 Jan 2018 02:05:40 |
cpm |
Document new vulnerabilities in www/chromium < 63.0.3239.108
Obtained
from: https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop_14.html
Security: CVE-2017-15429 |
1.1_3 23 Jan 2018 01:53:49 |
cpm |
Document new vulnerabilities in www/chromium < 63.0.3239.84
Obtained
from: https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html |
1.1_3 23 Jan 2018 00:39:12 |
cpm |
Document new vulnerability in www/chromium < 62.0.3202.94
Obtained
from: https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop_13.html
Security: CVE-2017-15428 |
1.1_3 22 Jan 2018 23:47:21 |
cpm |
Add missing entry for www/chromium
Security: CVE-2017-15406 |
1.1_3 19 Jan 2018 16:43:36 |
girgen |
Add more information about the recents security notice for shibboleth2-sp |
1.1_3 19 Jan 2018 15:12:47 |
dbaio |
security/vuxml: Document vulnerability in dns/unbound
Security: CVE-2017-15105
PR: 225313
Reported by: jaap@NLnetLabs.nl |
1.1_3 19 Jan 2018 13:01:22 |
joneum |
Document phpbb3 issues
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D13983 |
1.1_3 19 Jan 2018 12:45:26 |
brnrd |
security/vuxml: Fix tabs and spaces settings |
1.1_3 19 Jan 2018 12:44:12 |
brnrd |
security/vuxml: Document 2018Q1 Oracle MySQL vulns |
1.1_3 19 Jan 2018 06:15:16 |
joneum |
Document wordpress issues
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D13954 |
1.1_3 17 Jan 2018 20:50:17 |
swills |
Document GitLab issue |
1.1_3 14 Jan 2018 02:19:47 |
woodsb02 |
Document DNS rebinding vulnerabilities in net-p2p/transmission-daemon
PR: 225150
Security: https://www.vuxml.org/freebsd/3e5b8bd3-0c32-452f-a60e-beab7b762351.html |
1.1_3 12 Jan 2018 17:23:33 |
girgen |
Document vulnerability of devel/xmltooling
security/shibboleth2-sp depends on the xmltooling port
Security: CVE-2018-0486 |
1.1_3 11 Jan 2018 21:18:15 |
adamw |
Add vim-console instead of replacing vim-list.
Reported by: ohauer |
1.1_3 11 Jan 2018 20:36:16 |
adamw |
Chase the vim-lite -> vim-console rename |
1.1_3 09 Jan 2018 21:25:14 |
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html |
1.1_3 08 Jan 2018 23:03:54 |
dbaio |
security/vuxml: Document vulnerability in www/awstats
Security: CVE-2017-1000501
PR: 225007
Reported by: Vidar Karlsen <vidar@karlsen.tech> |
1.1_3 06 Jan 2018 20:43:51 |
dbaio |
security/vuxml: Document multiple vulnerabilities in irc/irssi
Security: CVE-2018-5205
Security: CVE-2018-5206
Security: CVE-2018-5207
Security: CVE-2018-5208
PR: 224954
Reported by: tj@mrsk.me (email)
Reported by: David O'Rourke <dor.bsd@xm0.uk> |
1.1_3 05 Jan 2018 17:17:09 |
jbeich |
security/vuxml: mark firefox < 57.0.4 as vulnerable |
1.1_3 05 Jan 2018 00:40:20 |
ultima |
* Add modified date to for libevhtp vulnerable
Thank you dbaio for catching this. |
1.1_3 04 Jan 2018 19:08:50 |
ultima |
* Add libevhtp to list of vulnerable ports.
Libevhtp prior to 1.2.14 uses oniguruma 5.9.2 and is
vulnerable if using the REGEX option, which is the
default. |
1.1_3 31 Dec 2017 14:48:36 |
dbaio |
security/vuxml: Fix FreeBSD PR bugs references |
1.1_3 30 Dec 2017 16:41:19 |
dbaio |
security/vuxml: Document vulnerabilities in www/otrs
Security: CVE-2017-16664
Security: CVE-2017-16854
Security: CVE-2017-16921
PR: 224729
Reported by: Vidar Karlsen <vidar@karlsen.tech> |
1.1_3 29 Dec 2017 09:28:51 |
eugen |
Fix cut-n-paste error in the previous addition for bouncycastle15
(6a131fbf-ec76-11e7-aa65-001b216d295b). |
1.1_3 29 Dec 2017 09:23:28 |
eugen |
Document security defect in the Bouncy Castle Crypto APIs: CVE-2017-13098
("ROBOT")
Obtained from: https://www.bouncycastle.org/releasenotes.html
Security:
https://vuxml.FreeBSD.org/freebsd/6a131fbf-ec76-11e7-aa65-001b216d295b |
1.1_3 25 Dec 2017 11:31:19 |
jbeich |
security/vuxml: mark thunderbird < 52.5.2 as vulnerable |
1.1_3 23 Dec 2017 17:03:03 |
matthew |
Document phpMyAdmin PMSA-2017-9: Critical XSRF/CSRF vulnerability. |
1.1_3 23 Dec 2017 10:24:04 |
brnrd |
security/vuxml: Fix typo in CVE number of latest Oracle CPU entry |
1.1_3 23 Dec 2017 09:55:08 |
madpilot |
Document new asterisk vulnerability. |
1.1_3 23 Dec 2017 09:16:31 |
brnrd |
security/vuxml: Document new MariaDB vuln
- This is likely to also affect MySQL and other versions
see https://security-tracker.debian.org/tracker/CVE-2017-15365 |
1.1_3 20 Dec 2017 14:10:25 |
ehaupt |
Document multiple vulnerabilities in rsync.
PR: 224478
Submitted by: yasu@utahime.org |
1.1_3 19 Dec 2017 02:15:17 |
swills |
Document ruby issue |
1.1_3 18 Dec 2017 21:48:18 |
asomers |
Add vuxml entry for CVE-2017-16355 to rubygem-passenger
The vulnerable version was already replaced by r452356
Reviewed by: brd
Approved by: brd (ports)
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D13482 |
1.1_3 17 Dec 2017 18:50:00 |
zeising |
Document multiple vulnerabilities in libXfont and libXfont2.
The first two vulnerabilities are memory leaks when reading past valid
memory.
The last vulnerability is the possibility for an unprivileged X client to
read privileged files through symlinks
CVE-2017-13720
CVE-2017-13722
CVE-2017-16611 |
1.1_3 17 Dec 2017 15:27:28 |
zeising |
Add CVE to references. |
1.1_3 17 Dec 2017 15:23:50 |
zeising |
Document x11/libXcursor -- integer overflow that can lead to heap buffer
overflow.
CVE-2017-16612 |
1.1_3 16 Dec 2017 20:54:32 |
sunpoet |
Document global vulnerability |
1.1_3 15 Dec 2017 16:33:13 |
brd |
Document Jenkins vulnerabilities. |
1.1_3 14 Dec 2017 19:44:02 |
bhughes |
security/vuxml: document Node.js vulnerabilities, December 2017
Approved by: mat (co-mentor)
Differential Revision: https://reviews.freebsd.org/D13489 |
1.1_3 14 Dec 2017 10:58:47 |
tz |
Document GitLab Vulnerability
Security:
https://vuxml.FreeBSD.org/freebsd/e72a8864-e0bc-11e7-b627-d43d7e971a1b.html |
1.1_3 14 Dec 2017 06:41:59 |
remko |
Add entry for CVE-2017-8819.
Requested by: Roger Marquis
Hat: FreeBSD Security Team |
1.1_3 13 Dec 2017 20:45:21 |
madpilot |
- Add CVE names for old asterisk13 vulnerabilities
- Fix typo |
1.1_3 13 Dec 2017 20:37:04 |
madpilot |
Document asterisk13 vulnerability. |
1.1_3 13 Dec 2017 14:44:44 |
swills |
Document libxml2 issue |
1.1_3 11 Dec 2017 14:53:32 |
tijl |
Fix version range in latest curl entry. |
1.1_3 11 Dec 2017 14:45:40 |
tijl |
Add linux-c7-curl to latest curl entry.
Security: 301a01b7-d50e-11e7-ac58-b499baebfeaf |
1.1_3 10 Dec 2017 15:41:59 |
feld |
Document FreeBSD-SA-17:12.openssl |
1.1_3 10 Dec 2017 11:37:03 |
cmt |
document latest wireshark vulnerabilities |
1.1_3 08 Dec 2017 20:35:26 |
sunpoet |
Fix version range of mail/procmail
PR: 223777
Submitted by: romain |
1.1_3 07 Dec 2017 15:47:32 |
brnrd |
secuirty/vuxml: Document OpenSSL vulnerabilities |
1.1_3 06 Dec 2017 18:38:04 |
feld |
Document FreeBSD-SA-17:11.openssl |
1.1_3 06 Dec 2017 18:30:42 |
feld |
Document FreeBSD-SA-17:10.kldstat |
1.1_3 06 Dec 2017 18:29:50 |
feld |
Document FreeBSD-SA-17:09.shm |
1.1_3 06 Dec 2017 18:29:05 |
feld |
Document FreeBSD-SA-17:08.ptrace |
1.1_3 06 Dec 2017 18:28:00 |
feld |
Document FreeBSD-SA-17:07.wpa |
1.1_3 05 Dec 2017 23:31:08 |
jbeich |
security/vuxml: mark firefox < 57.0.1 as vulnerable |
1.1_3 02 Dec 2017 13:27:26 |
feld |
Document varnish vulnerabilty
Security: CVE-2017-8807 |
1.1_3 02 Dec 2017 11:46:28 |
joneum |
Document vulnerability in www/mybb
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D13343 |
1.1_3 01 Dec 2017 22:16:27 |
joneum |
Document wordpress issues
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D13323 |
1.1_3 01 Dec 2017 21:33:03 |
madpilot |
Documeent net/asterisk13 vulnerability. |
1.1_3 30 Nov 2017 18:42:14 |
vsevolod |
Document CVE-2017-16944 in Exim |
1.1_3 30 Nov 2017 10:12:27 |
pizzamig |
security/vuxml: Document vulnerability in net/xrdp-devel
PR: 223931
Reported by: meta+ports@vmeta.jp (maintainer)
Security: CVE-2017-16927 |
1.1_3 29 Nov 2017 14:36:51 |
brnrd |
security/vuxml: Fix formatting |
1.1_3 29 Nov 2017 14:26:57 |
brnrd |
security/vuxml: Document cURL vulnerabilities |
1.1_3 29 Nov 2017 04:32:23 |
dbaio |
security/vuxml: Document vulnerability in py-borgbackup |
1.1_3 28 Nov 2017 23:00:47 |
tobik |
Document www/palemoon vulnerabilities
PR: 223934
Security: CVE-2017-7832
Security: CVE-2017-7835
Security: CVE-2017-7840 |
1.1_3 27 Nov 2017 08:05:04 |
vsevolod |
Document mail/exim vulnerability: CVE-2017-16943 |
1.1_3 24 Nov 2017 19:28:57 |
joneum |
Document vulnerability in www/mybb
https://blog.mybb.com/2017/11/07/mybb-1-8-13-released-security-maintenance-release/
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D13231 |
1.1_3 23 Nov 2017 15:06:25 |
woodsb02 |
Document multiple vulnerabilities in sysutils/py-salt
Security: CVE-2017-14695
Security: CVE-2017-14696 |
1.1_3 23 Nov 2017 14:08:49 |
junovitch |
Document security issue fixed in CodeIgniter 3.1.6
Security: https://vuxml.FreeBSD.org/freebsd/ef3423e4-d056-11e7-a52c-002590263bf5.html |
1.1_3 21 Nov 2017 16:12:20 |
zi |
- Document vulnerability in procmail |
1.1_3 21 Nov 2017 14:45:46 |
olivier |
Document vulnerability in net/frr
Security: CVE-2017-15865
Sponsored by: Orange |
1.1_3 21 Nov 2017 12:01:23 |
pizzamig |
security/vuxml: Document multiple vulnerabilities in net-mgmt/cacti
PR: 223756
Reported by: freebsd-ports@dan.me.uk
Approved by: olivier (mentor)
Security: CVE-2017-16641
Security: CVE-2017-16660
Security: CVE-2017-16661
Security: CVE-2017-16785 |
1.1_3 19 Nov 2017 02:38:30 |
wen |
- Document vulnerability in www/mediawiki127, www/mediawiki128 and
www/mediawiki129. |
1.1_3 18 Nov 2017 11:38:24 |
brnrd |
security/vuxml: Mark MariaDB <10.1.29 vulnerable
- As per release notes [1]
1: https://mariadb.com/kb/en/library/mariadb-10129-release-notes/ |
1.1_3 16 Nov 2017 19:05:01 |
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb17-33.html |
1.1_3 15 Nov 2017 17:30:56 |
gjb |
Fix vuxml build.
Sponsored by: The FreeBSD Foundation |
1.1_3 15 Nov 2017 17:17:37 |
girgen |
Information about shibbloeth2-sp security issue |
1.1_3 15 Nov 2017 17:12:33 |
madpilot |
- This vulnerability aapplies to pjsip too.
- Fix typo. |
1.1_3 14 Nov 2017 19:04:24 |
jbeich |
security/vuxml: mark firefox < 57 as vulnerable |
1.1_3 14 Nov 2017 13:59:23 |
tz |
Fix wrong ranges of affected PHP versions
Reported by: Adam McDougall <mcdouga9@egr.msu.edu> |
1.1_3 13 Nov 2017 19:36:47 |
sunpoet |
Document rubygem-geminabox vulnerability |
1.1_3 12 Nov 2017 21:55:15 |
adridg |
security/vuxml: Document vulnerability in irc/konversation
Reported by: tcberner
Approved by: tcberner (mentor)
Security: CVE-2017-15923 |
1.1_3 11 Nov 2017 17:29:26 |
dbaio |
security/vuxml: Document vulnerability in in mail/roundcube
PR: 223557
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
Security: CVE-2017-16651 |
1.1_3 10 Nov 2017 23:19:56 |
cpm |
Document new vulnerabilities in www/chromium < 62.0.3202.89
Obtained
from: https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html |
1.1_3 09 Nov 2017 16:01:15 |
girgen |
Document PostgreSQL vulnerabilities |
1.1_3 09 Nov 2017 14:17:51 |
swills |
Document jenkins vulnerabilities |
1.1_3 09 Nov 2017 10:12:09 |
madpilot |
Document Asterisk vulnerabilities. |
1.1_3 07 Nov 2017 18:42:10 |
brnrd |
security/vuxml: Fix MySQL 10.1 vulnerable version
PR: 223482
Reported by: Marcin Gryszkalis <mg fork pl> |