Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_3 19 Sep 2017 20:12:53 |
madpilot |
Add new asterisk ports vulnerability. |
1.1_3 19 Sep 2017 18:17:33 |
jbeich |
security/vuxml: adjust for seamonkey 2.49.1 |
1.1_3 19 Sep 2017 16:59:15 |
sunpoet |
Document Ruby vulnerability |
1.1_3 19 Sep 2017 15:49:00 |
sunpoet |
Document rubygem-geminabox vulnerability |
1.1_3 19 Sep 2017 12:23:01 |
brd |
Add new entry for Apache "OptionsBleed"
Reviewed by: zi |
1.1_3 14 Sep 2017 10:12:21 |
tz |
Document GitLab vulnerabilities
Security: CVE-2017-5029
Security: CVE-2016-4738
Security:
https://vuxml.FreeBSD.org/freebsd/6a177c87-9933-11e7-93f7-d43d7e971a1b.html |
1.1_3 13 Sep 2017 13:22:14 |
ashish |
- Add emacs-devel to the list of affected packages by emacs vulnerability
- Move it to the top, didn't realize this before. Sorry |
1.1_3 12 Sep 2017 19:48:41 |
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-28.html |
1.1_3 12 Sep 2017 14:53:35 |
ashish |
- Correct package name in Emacs vulnerability
- Also add emacs-nox11 to the list |
1.1_3 12 Sep 2017 13:25:17 |
ashish |
- Document emacs vulnerability |
1.1_3 10 Sep 2017 16:54:03 |
ume |
Document cyrus-imapd vulnerability
Security: CVE-2017-14230 |
1.1_3 07 Sep 2017 20:13:17 |
sunpoet |
Fix indent |
1.1_3 06 Sep 2017 20:08:12 |
sunpoet |
Document Django vulnerability |
1.1_3 06 Sep 2017 18:25:04 |
truckman |
Correct vulnerability range for atril and atril-lite.
PR: 221867
Submitted by: rkoberman@gmail.com
Security: CVE-2017-1000083 |
1.1_3 06 Sep 2017 12:01:30 |
cpm |
Document new vulnerabilities in www/chromium < 61.0.3163.79
Obtained
from: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html |
1.1_3 02 Sep 2017 16:52:00 |
feld |
Cancel CVE-2017-6419 for security/clamav
This only affected clamav-devel / the unreleased code for 0.99.3. |
1.1_3 02 Sep 2017 16:43:49 |
feld |
Document clamav vulnerability
PR: 221608
Security: CVE-2017-6419 |
1.1_3 01 Sep 2017 19:36:50 |
feld |
Document gdk-pixbuf2 vulnerabilities
Security: CVE-2017-2862 CVE-2017-2870 |
1.1_3 01 Sep 2017 07:32:36 |
madpilot |
Document vulnerabilities in asterisk ports. |
1.1_3 30 Aug 2017 15:46:55 |
cpm |
Document libgcrypt side-channel attack vulnerability
Security: CVE-2017-0379 |
1.1_3 30 Aug 2017 15:08:52 |
cpm |
Update pspp version range to 1.0.1 |
1.1_3 29 Aug 2017 18:19:34 |
jrm |
security/vuxml: Add entry for multiple rubygems vulnerabilities reported
2017-08-29 at
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
Approved by: swills |
1.1_3 26 Aug 2017 12:59:27 |
tobik |
Document vulnerabilities of www/kanboard
PR: 221826 |
1.1_3 24 Aug 2017 01:01:44 |
swills |
Document issues in poppler
PR: 220608 |
1.1_3 23 Aug 2017 12:54:48 |
tz |
Document vulnerabilities of mail/phpmailer |
1.1_3 22 Aug 2017 22:55:31 |
woodsb02 |
Document salt security vulnerability
Obtained
from: https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html |
1.1_3 22 Aug 2017 20:31:49 |
cpm |
Document dnsdist vulnerabilities
Obtained from: https://dnsdist.org/security-advisories/index.html |
1.1_3 22 Aug 2017 18:22:06 |
swills |
Document security vulnerability in evince and atril
PR: 220713
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3 22 Aug 2017 17:22:33 |
swills |
Document SquirrelMail vulnerability |
1.1_3 22 Aug 2017 07:40:00 |
cpm |
Document vulnerabilities in math/pspp < 1.0.0
Obtained
from: https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-38732/year-2017/GNU-Pspp.html |
1.1_3 20 Aug 2017 07:54:09 |
kwm |
Update the latest libsoup entry with the fixed version. |
1.1_3 19 Aug 2017 04:13:45 |
acm |
- Add entry about drupal8 vulnerabilities |
1.1_3 17 Aug 2017 10:45:47 |
brnrd |
security/vuxml: Document devel/libsoup vulnerability |
1.1_3 16 Aug 2017 15:15:34 |
dbaio |
security/vuxml: Document Zabbix vulnerability
Security: CVE-2017-2824 |
1.1_3 15 Aug 2017 19:18:16 |
dbaio |
security/vuxml: Document vulnerability in sysutils/py-supervisor
PR: 221539
Submitted by: Franz Glasner <f.glasner@feldmann-mg.com>
Security: CVE-2017-11610 |
1.1_3 15 Aug 2017 09:01:20 |
tz |
Fix typo in affected versions of GitLab vulnerabilities |
1.1_3 14 Aug 2017 22:42:53 |
feld |
Document freeradius vulnerabilities |
1.1_3 12 Aug 2017 18:58:32 |
sunpoet |
Document Mercurial vulnerability |
1.1_3 11 Aug 2017 22:05:23 |
brnrd |
security/vuxml: Update recent MySQL entry
- Changelog reveals MariaDB 10.0.31 and 10.1.25 vulnerable |
1.1_3 11 Aug 2017 16:34:39 |
adamw |
Match both dovecot and dovecot2.
Submitted by: mat |
1.1_3 11 Aug 2017 16:09:26 |
adamw |
Chase dovecot2's rename to dovecot.
Reported by: remko |
1.1_3 11 Aug 2017 13:59:57 |
lev |
Add CVE-2017-9800 for subversion ports.
Security: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt |
1.1_3 11 Aug 2017 08:05:10 |
tz |
Document GitLab vulnerabilities
Security: CVE-2017-12426
Security:
https://vuxml.FreeBSD.org/freebsd/abcc5ad3-7e6a-11e7-93f7-d43d7e971a1b.html |
1.1_3 11 Aug 2017 00:03:39 |
dbaio |
security/vuxml: Consolidate duplicate Apache Commons FileUpload entries
This also remove a wrong entry that marks tomcat 6 as vulnerable
Approved by: ports-secteam (zi)
Differential Revision: https://reviews.freebsd.org/D11941 |
1.1_3 10 Aug 2017 14:11:07 |
girgen |
Add CVE:s fixed in latest PostgreSQL release |
1.1_3 10 Aug 2017 05:54:24 |
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-23.html |
1.1_3 09 Aug 2017 07:18:42 |
brnrd |
security/vuxml: Document today's cURL vulnerabilities |
1.1_3 09 Aug 2017 00:27:45 |
dbaio |
security/vuxml: Document axis2 vulnerability
Security: CVE-2016-1000031 |
1.1_3 08 Aug 2017 17:25:43 |
jbeich |
security/vuxml: mark firefox < 55 as vulnerable |
1.1_3 08 Aug 2017 16:48:21 |
feld |
Update sqlite3 vuxml entry
The lower bound was incorrect. It has existed much longer than 3.17.0. |
1.1_3 08 Aug 2017 13:29:43 |
feld |
Document sqlite3 vulnerability
Security: CVE-2017-10989 |
1.1_3 05 Aug 2017 03:37:00 |
feld |
Fix Strongswan entries
PR: 220874 |
1.1_3 02 Aug 2017 18:43:23 |
feld |
Document varnish vulnerability
Security: https://varnish-cache.org/security/VSV00001.html |
1.1_3 02 Aug 2017 00:28:29 |
cpm |
Document new vulnerabilities in www/chromium < 60.0.3112.78
Obtained
from: https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html |
1.1_3 29 Jul 2017 14:45:29 |
dbaio |
security/vuxml: Document vulnerability in cacti v1.1.13
Security: CVE-2017-11691 |
1.1_3 27 Jul 2017 09:55:29 |
mm |
security/vuxml: fix indent in last entry |
1.1_3 27 Jul 2017 09:53:52 |
mm |
security/vuxml: Add proftpd chroot secape vulnerability
Security: CVE-2017-7418 |
1.1_3 26 Jul 2017 15:06:28 |
mm |
security/vuxml: Add jabberd vulnerability
PR: 221014
Security: CVE-2017-10807 |
1.1_3 25 Jul 2017 18:17:21 |
kwm |
Document webkit2-gtk3 CVE's |
1.1_3 25 Jul 2017 12:27:58 |
swills |
Document gsoap vulnerability |
1.1_3 23 Jul 2017 18:19:06 |
brnrd |
security/vuxml: Add Percona to recent MySQL vulns
Security: cda2f3c2-6c8b-11e7-867f-b499baebfeaf |
1.1_3 23 Jul 2017 14:19:04 |
brnrd |
security/vuxml: Correct MySQL versions
Security: cda2f3c2-6c8b-11e7-867f-b499baebfeaf |
1.1_3 21 Jul 2017 14:38:40 |
olivier |
Fix collectd5's range version
Reported by: romain |
1.1_3 20 Jul 2017 08:45:11 |
tz |
Document GitLab vulnerabilities |
1.1_3 19 Jul 2017 14:45:31 |
brnrd |
security/vuxml: Document MySQL vulnerabilities |
1.1_3 19 Jul 2017 10:38:09 |
olivier |
Fix vuxmlbuild by replacing lower case by upper case in cvename
Reported by: bz |
1.1_3 19 Jul 2017 10:13:45 |
olivier |
Document vulnerability in collectd5
PR: 220797
Reported by: luca.pizzamiglio@gmail.com
Security: CVE-2017-7401 |
1.1_3 19 Jul 2017 09:43:30 |
olivier |
Document vulnerability in strongswan
PR: 220823
Reported by: i.dani@outlook.com
Security: CVE-2017-9022
Security: CVE-2017-9023 |
1.1_3 17 Jul 2017 14:22:07 |
dbaio |
security/vuxml: Document vulnerability in cacti
Security: CVE-2017-10970
Approved by: garga (mentor)
Differential Revision: https://reviews.freebsd.org/D11611 |
1.1_3 13 Jul 2017 18:45:06 |
brnrd |
security/vuxml: Document vulnerability in apache24 |
1.1_3 13 Jul 2017 17:42:14 |
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-21.html |
1.1_3 13 Jul 2017 15:05:03 |
timur |
Add an entry for the CVE-2017-11103 in Samba.
Security: CVE-2017-11103 |
1.1_3 13 Jul 2017 10:57:19 |
bhughes |
ecurity/vuxml: add node.js vulnerabilities announced 2017-07-11
The vulnerability in the bundled c-ares dependency is not included,
since the Node.js ports use dns/c-ares as a dependency instead.
Approved by: mat (co-mentor)
MFH: 2017Q3
Security: http://www.vuxml.org/freebsd/3eff66c5-66c9-11e7-aa1d-3d2e663cef42.html
Differential Revision: https://reviews.freebsd.org/D11561 |
1.1_3 12 Jul 2017 00:06:23 |
osa |
Document nginx security advisory (CVE-2017-7529). |
1.1_3 08 Jul 2017 23:44:57 |
junovitch |
Document security issue fixed in CodeIgniter 3.1.5
Security: https://vuxml.FreeBSD.org/freebsd/aaedf196-6436-11e7-8b49-002590263bf5.html |
1.1_3 08 Jul 2017 14:15:24 |
feld |
Document irssi vulnerabilities
PR: 220544
Security: CVE-2017-10965
Security: CVE-2017-10966 |
1.1_3 07 Jul 2017 10:34:52 |
brnrd |
security/vuxml: Fix <url> for latest PHP entry |
1.1_3 07 Jul 2017 07:59:54 |
brnrd |
security/vuxml: Register oniguruma/php-mbstring vulns |
1.1_3 06 Jul 2017 19:26:54 |
acm |
- Add drupal7 to vuxml entry |
1.1_3 06 Jul 2017 18:47:12 |
acm |
- Document new vulnerabilities in www/drupal8 < 8.3.4 |
1.1_3 05 Jul 2017 06:33:07 |
danfe |
Another round of spelling fixes, covering entries of the year 2015. |
1.1_3 04 Jul 2017 19:01:06 |
danfe |
Fix a bunch of noticed typos and spelling mistakes, covering years
2016-2017. Some of those are so common that I've taken liberty to
fix them all over the file. |
1.1_3 03 Jul 2017 19:29:40 |
ultima |
Added vxvml entry for security/dropbear
PR: 220158
Submitted by: Piotr Kubaj <pkubaj@anongoth.pl> (maintainer)
Reviewed by: lifanov (mentor)
Approved by: lifanov (mentor)
MFH: 2017Q3
Security: http://www.vuxml.org/freebsd/60931f98-55a7-11e7-8514-589cfc0654e1.html
Differential Revision: https://reviews.freebsd.org/D11400 |
1.1_3 03 Jul 2017 09:30:03 |
brnrd |
security/vuxml: Document smarty3 shell injection vuln |
1.1_3 30 Jun 2017 13:01:13 |
cpm |
- Document libgcrypt side-channel attack on RSA secret keys
Security: CVE-2017-7526 |
1.1_3 30 Jun 2017 12:25:37 |
tz |
Document GitLab vulnerabilities |
1.1_3 30 Jun 2017 11:05:28 |
amdmi3 |
- Document tor security regression
Security: CVE-2017-0377 |
1.1_3 30 Jun 2017 07:04:38 |
brnrd |
security/vuxml: Correct apache22 version
- vulns fixed in unreleased 2.2.33
Reported by: filis (irc) |
1.1_3 21 Jun 2017 22:24:25 |
vsevolod |
Document Stack Clash vulnerability related to Exim |
1.1_3 21 Jun 2017 20:42:13 |
mm |
Document pear-Horde_Image vulnerabilities.
Security: CVE-2017-9773
Security: CVE-2017-9774 |
1.1_3 21 Jun 2017 17:20:10 |
mandree |
Document OpenVPN vulnerabilities.
Security: 9f65d382-56a4-11e7-83e3-080027ef73ec
Security: CVE-2017-7508
Security: CVE-2017-7512
Security: CVE-2017-7520
Security: CVE-2017-7521
Security: CVE-2017-7522 |
1.1_3 21 Jun 2017 07:27:28 |
brnrd |
security/vuxml: Fix entry uppercasing
- Introduced in 443943 |
1.1_3 20 Jun 2017 07:05:15 |
brnrd |
security/vuxml: Document Apache httpd vulnerabilities |
1.1_3 16 Jun 2017 10:52:28 |
cpm |
Document new vulnerabilities in www/chromium < 59.0.3071.104
Obtained
from: https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html |
1.1_3 15 Jun 2017 21:58:23 |
sunpoet |
Document cURL vulnerability |
1.1_3 15 Jun 2017 20:54:28 |
matthew |
Fix the range of vulnerable versions for p5-RT-Authen-ExternalAuth --
BestPractical have released a tarball of patches, but they've also
pushed 0.27 up to CPAN and that has the fixes incorporated. |
1.1_3 15 Jun 2017 20:42:51 |
matthew |
Document multiple vulnerabilities in www/rt42, www/rt44 and
www/p5-RT-Authen-ExternalAuth |
1.1_3 15 Jun 2017 18:26:53 |
jkim |
Document latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html |
1.1_3 13 Jun 2017 19:56:08 |
jbeich |
security/vuxml: mark firefox < 54 as vulnerable |
1.1_3 10 Jun 2017 06:12:55 |
woodsb02 |
Correct vulnerable versions of security/heimdal after the security fix
was backported in 7.1.0_3
PR: 219657
Security: CVE-2017-6594 |