| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
02 Nov 2017 21:02:37
   |
brnrd  |
security/vuxml: Document new OpenSSL vulnerabilitities |
1.1_3
01 Nov 2017 21:14:55
|
joneum |
Document wordpress issues
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D12898 |
1.1_3
30 Oct 2017 16:57:55
|
swills |
Document wireshark issues |
1.1_3
30 Oct 2017 14:31:11
|
tz |
Document PHP Vulnerability
Security: CVE-2016-1283
Security:
https://vuxml.FreeBSD.org/freebsd/de7a2b32-bd7d-11e7-b627-d43d7e971a1b.html |
1.1_3
28 Oct 2017 09:59:31
|
cpm |
Document new vulnerability in www/chromium < 62.0.3202.75
Obtained
from: https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html
Security: CVE-2017-15396 |
1.1_3
27 Oct 2017 12:49:42
|
vd |
Document ftp/wget's stack and heap overflow
Submitted by: Andrew Perry <pez_098@yahoo.com>
Security: CVE-2017-13089
Security: CVE-2017-13090 |
1.1_3
26 Oct 2017 22:56:58
|
truckman |
Add headings to each Apache Openoffice vulnerability description. |
1.1_3
26 Oct 2017 22:46:35
|
truckman |
Update Apache OpenOffice entry. |
1.1_3
26 Oct 2017 18:09:10
|
bhughes |
security/vuxml: add node.js remote DoS vulnerability announced 2017-10-24
Reviewed by: swills
Approved by: swills (ports-secteam)
Security: d7d1cc94-b971-11e7-af3a-f1035dd0da62
Differential Revision: https://reviews.freebsd.org/D12788 |
1.1_3
25 Oct 2017 17:49:46
|
truckman |
Revert r452836 to re-add Apache Openoffice entry.
Remove empty <cvename/> to hopefully not break the build this time.
This passes "make validate" just like the last version did.
Suggested by: gavin |
1.1_3
25 Oct 2017 10:35:10
|
tz |
Document GitLab vulnerabilities
Security:
https://vuxml.FreeBSD.org/freebsd/418c172b-b96f-11e7-b627-d43d7e971a1b.html |
1.1_3
25 Oct 2017 09:18:26
|
gavin |
Revert r452818, the vuxmlweb build does not like empty CVE IDs.
This should likely be tested for as part of "make validate".
Hat: clusteradm |
1.1_3
24 Oct 2017 21:22:59
|
truckman |
Placeholder entry for editors/openoffice-4 and editors/openoffice-devel
multiple vulnerabilities. Details are currently embargoed. |
1.1_3
23 Oct 2017 08:57:12
|
brnrd |
security/vuxml: Document cURL vulnerability
- While here, fix date in latest mysql entry |
1.1_3
22 Oct 2017 22:25:53
|
dch |
Multiple vulnerabilites in www/h2o
Reviewed by: jrm (mentor)
Approved by: jrm (mentor)
Security: CVE-2017-10868
Security: CVE-2017-10869
Differential Revision: https://reviews.freebsd.org/D12763 |
1.1_3
22 Oct 2017 17:46:40
|
dbaio |
security/vuxml: Document multiple vulnerabilities in irc/irssi
Security: CVE-2017-15721
Security: CVE-2017-15722
Security: CVE-2017-15723
Security: CVE-2017-15727
Security: CVE-2017-15228
PR: 223169
Reported by: David O'Rourke <dor.bsd@xm0.uk> |
1.1_3
21 Oct 2017 23:01:18
|
cpm |
Document new vulnerabilities in www/chromium < 62.0.3202.62
Obtained
from: https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html |
1.1_3
19 Oct 2017 19:59:16
|
swills |
Document cacti issue |
1.1_3
19 Oct 2017 14:54:59
|
ak |
- Document arj archiver vulnerabilities |
1.1_3
18 Oct 2017 14:34:04
|
woodsb02 |
Ensure all krb5 packages are listed in the recent vulnerability entry |
1.1_3
18 Oct 2017 14:21:58
|
woodsb02 |
Fix formatting (line length) in recent krb5 vulnerability entry |
1.1_3
18 Oct 2017 14:17:39
|
woodsb02 |
Doucument recent MIT Kerberos (krb5) vulnerabilities |
1.1_3
18 Oct 2017 11:46:59
|
brnrd |
security/vuxml: Document MySQL vulnerabilities Q4 2017 |
1.1_3
17 Oct 2017 17:45:10
|
swills |
Document xorg issues |
1.1_3
17 Oct 2017 05:29:41
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html |
1.1_3
17 Oct 2017 02:46:46
|
swills |
Fix version on solr issue |
1.1_3
16 Oct 2017 19:57:56
|
swills |
Document hostapd and wpa_supplicant issue
PR: 223051
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
16 Oct 2017 16:29:08
|
swills |
Document mercurial issue |
1.1_3
14 Oct 2017 10:46:24
|
madpilot |
Document textproc/freexl security vulnerabilities.
PR: 222130
Submitted by: lbartoletti@tuxfamily.org (maintainer) |
1.1_3
13 Oct 2017 17:25:50
|
swills |
Document ffmpeg issues
PR: 222957
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
13 Oct 2017 16:53:53
|
kwm |
Document xorg-server CVEs 2017-12176 through 2017-12187.
While here replace the SO-AND-SO part in the description of the previous
xorg-server entry[1], with the Alan Coopersmith who send the announce mail to
xorg-announce@ mailing list.
[1] entry: 4f8ffb9c-f388-4fbd-b90f-b3131559d888 |
1.1_3
13 Oct 2017 16:42:49
|
swills |
Document solr issue |
1.1_3
13 Oct 2017 13:39:52
|
swills |
Document jenkins issues |
1.1_3
12 Oct 2017 15:03:08
|
royger |
Document xen-kernel XSA-{237..244} |
1.1_3
12 Oct 2017 13:52:27
|
swills |
Document nss issue
PR: 222952
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
11 Oct 2017 18:30:51
|
swills |
Document libosip2 issue |
1.1_3
11 Oct 2017 18:06:46
|
swills |
Document ncurses issues |
1.1_3
11 Oct 2017 12:54:11
|
swills |
Document python issue |
1.1_3
10 Oct 2017 14:11:48
|
swills |
Document node issue |
1.1_3
10 Oct 2017 14:05:06
|
swills |
Document zookeeper issue |
1.1_3
10 Oct 2017 13:24:08
|
swills |
Document libtiff issue |
1.1_3
10 Oct 2017 11:17:19
|
sunpoet |
Document rubygems vulnerability |
1.1_3
09 Oct 2017 19:29:14
|
kwm |
Document two xorg-server vulnabilities.
Security: CVE-2017-13721, CVE-2017-13723 |
1.1_3
08 Oct 2017 13:26:52
|
jhale |
Fix range for 58fafead-cd13-472f-a9bd-d0173ba1b04c |
1.1_3
07 Oct 2017 00:07:13
|
swills |
update versions for tomcat issue |
1.1_3
07 Oct 2017 00:06:11
|
swills |
Document tomcat issue |
1.1_3
04 Oct 2017 07:56:03
|
brnrd |
security/vuxml: Document latest cURL vulnerability |
1.1_3
03 Oct 2017 15:47:26
|
zi |
- Re-add 6887828f-0229-11e0-b84d-00262d5ed8ee as cancelled, instead of purging
it
Submitted by: Mathieu Arnold <mat@FreeBSD.org> |
1.1_3
03 Oct 2017 13:41:15
|
feld |
Document FreeBSD-SA-17:06.openssh |
1.1_3
03 Oct 2017 13:40:26
|
feld |
Document FreeBSD-SA-17:05.heimdal |
1.1_3
03 Oct 2017 05:54:04
|
jbeich |
security/vuxml: seamonkey 2.49.1 build2 uses gecko from firefox 52.4 |
1.1_3
02 Oct 2017 19:19:10
|
mandree |
fix typo in dnsmasq < 2.78 entries
Security: b77b5646-a778-11e7-ac58-b499baebfeaf |
1.1_3
02 Oct 2017 15:15:13
|
brnrd |
security/vuxml: Fix title on latest entry |
1.1_3
02 Oct 2017 14:06:27
|
brnrd |
security/vuxml: Document dnsmasq vulnerabilities |
1.1_3
29 Sep 2017 16:37:20
|
zi |
- Add a warning if the description section seems unnecessarily large
Submitted by: Vladimir Krstulja
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 16:28:22
|
zi |
- Condense additional entries where description >4500 characters
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:51:08
|
zi |
- Condense entries whose description is >5000 characters
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:31:32
|
zi |
- Add date format validation
Submitted by: Vladimir Krstulja (via IRC) |
1.1_3
29 Sep 2017 15:28:54
|
zi |
- Purge another batch of superceded www/chromium entries to give us additional
headroom under the 5M vuln.xml file size limit
Approved by: ports-secteam (with hat) |
1.1_3
29 Sep 2017 15:23:57
|
swills |
Document phpmyfaq issues |
1.1_3
29 Sep 2017 15:17:49
|
swills |
Document wordpress issues |
1.1_3
29 Sep 2017 15:17:04
|
zi |
- Fix invalid date entries
- Purge 6887828f-0229-11e0-b84d-00262d5ed8ee as it has been superceded by other
entries and it is massive. (We have hit 5M on vuln.xml) |
1.1_3
29 Sep 2017 13:20:16
|
swills |
Fix date format
While here, correct some grammar
PR: 222683
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
28 Sep 2017 22:47:58
|
jbeich |
security/vuxml: mark firefox < 56 as vulnerable |
1.1_3
28 Sep 2017 20:53:46
|
swills |
Document sam2p issue |
1.1_3
28 Sep 2017 14:53:43
|
swills |
docuent libraw issue |
1.1_3
27 Sep 2017 21:16:36
|
mandree |
Extend OpenVPN security issue to slave ports.
Security: CVE-2017-12166
Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8 |
1.1_3
27 Sep 2017 21:13:24
|
mandree |
Document OpenVPN <2.4.4 CVE-2017-12166 legacy vuln.
Security: CVE-2017-12166
Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8 |
1.1_3
27 Sep 2017 16:50:21
|
rakuco |
Fix version range for libzip's CVE-2017-14107 (r450692).
I am going to land a fix for libzip 1.1.3 (the version currently in the ports
tree) instead of updating the port to 1.3.0. 1.3.0 has a different SOVERSION
number, which also requires updating dependent ports and makes MFH'ing the fix
more difficult.
PR: 222638 |
1.1_3
27 Sep 2017 15:38:47
|
swills |
Document ImageMagick issue |
1.1_3
27 Sep 2017 15:33:46
|
sunpoet |
Update rubygem-geminabox vulnerability |
1.1_3
27 Sep 2017 15:20:31
|
swills |
Document libofx issue |
1.1_3
27 Sep 2017 14:36:02
|
swills |
Correct version of libbson issue |
1.1_3
26 Sep 2017 21:32:56
|
swills |
Document sugarcrm issue |
1.1_3
26 Sep 2017 18:31:50
|
swills |
Document libzip issue |
1.1_3
26 Sep 2017 18:14:30
|
swills |
Document libbson issue |
1.1_3
26 Sep 2017 17:44:24
|
swills |
Document multiple vulnerabilities in tcpdump |
1.1_3
26 Sep 2017 14:48:25
|
swills |
Document libraw issue |
1.1_3
26 Sep 2017 14:46:57
|
swills |
Document libraw issue |
1.1_3
26 Sep 2017 14:39:02
|
swills |
Document issue in gd |
1.1_3
26 Sep 2017 14:37:01
|
swills |
Document issue in php and gd |
1.1_3
26 Sep 2017 13:20:00
|
swills |
Document ledger vulnerabilities |
1.1_3
26 Sep 2017 12:19:09
|
swills |
Document aacplusenc issue |
1.1_3
26 Sep 2017 12:12:25
|
swills |
Document ansible issue |
1.1_3
25 Sep 2017 14:48:13
|
swills |
Add second CVE To geminabox entry, update versions affected |
1.1_3
25 Sep 2017 11:05:15
|
brnrd |
security/vuxml: Document WeeChat 1.9 vulnerability |
1.1_3
24 Sep 2017 19:08:19
|
sunpoet |
Document Perl vulnerability |
1.1_3
22 Sep 2017 21:45:56
|
cpm |
Document new vulnerabilities in www/chromium < 61.0.3163.100
Obtained
from: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html |
1.1_3
19 Sep 2017 20:12:53
|
madpilot |
Add new asterisk ports vulnerability. |
1.1_3
19 Sep 2017 18:17:33
|
jbeich |
security/vuxml: adjust for seamonkey 2.49.1 |
1.1_3
19 Sep 2017 16:59:15
|
sunpoet |
Document Ruby vulnerability |
1.1_3
19 Sep 2017 15:49:00
|
sunpoet |
Document rubygem-geminabox vulnerability |
1.1_3
19 Sep 2017 12:23:01
|
brd |
Add new entry for Apache "OptionsBleed"
Reviewed by: zi |
1.1_3
14 Sep 2017 10:12:21
|
tz |
Document GitLab vulnerabilities
Security: CVE-2017-5029
Security: CVE-2016-4738
Security:
https://vuxml.FreeBSD.org/freebsd/6a177c87-9933-11e7-93f7-d43d7e971a1b.html |
1.1_3
13 Sep 2017 13:22:14
|
ashish |
- Add emacs-devel to the list of affected packages by emacs vulnerability
- Move it to the top, didn't realize this before. Sorry |
1.1_3
12 Sep 2017 19:48:41
|
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-28.html |
1.1_3
12 Sep 2017 14:53:35
|
ashish |
- Correct package name in Emacs vulnerability
- Also add emacs-nox11 to the list |
1.1_3
12 Sep 2017 13:25:17
|
ashish |
- Document emacs vulnerability |
1.1_3
10 Sep 2017 16:54:03
|
ume |
Document cyrus-imapd vulnerability
Security: CVE-2017-14230 |
1.1_3
07 Sep 2017 20:13:17
|
sunpoet |
Fix indent |
As an Amazon Associate I earn from qualifying purchases.
