Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_5 21 Oct 2022 10:14:20 |
Florian Smeets (flo) |
security/vuxml: Document vulnerabilities in phpmyfaq |
1.1_5 20 Oct 2022 11:00:58 |
Wen Heping (wen) |
security/vuxml: Document Python multiple vulnerabilities |
1.1_5 19 Oct 2022 13:53:38 |
Sergey A. Osokin (osa) |
security/vuxml: document nginx vulnerabilities
Document CVE-2022-41741, CVE-2022-41742 |
1.1_5 18 Oct 2022 18:13:21 |
Renato Botelho (garga) |
security/vuxml: Document git vulnerabilities
Document CVE-2022-39253 and CVE-2022-39260
Sponsored by: Rubicon Communications, LLC ("Netgate") |
1.1_5 18 Oct 2022 07:53:34 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL 3.0 vuln |
1.1_5 15 Oct 2022 22:22:08 |
Nuno Teixeira (eduardo) Author: Stefan Bethke |
security/vuxml: Document Gitea vulnerabilities
PR: 267106 |
1.1_5 12 Oct 2022 20:01:26 |
Nuno Teixeira (eduardo) |
security/vuxml: Format 0d1d2c1 text |
1.1_5 12 Oct 2022 19:37:18 |
Nuno Teixeira (eduardo) |
security/vuxml: Fix malformed CVE
Fix malformed cvename entry by removing this tag since there is no CVE
for this security issue committed in 0d1d2c1 |
1.1_5 12 Oct 2022 12:33:28 |
Nuno Teixeira (eduardo) |
security/vuxml: Add mail/roundcube-thunderbird_labels vulnerabilities
PR: 266986 |
1.1_5 12 Oct 2022 10:23:11 |
Rene Ladan (rene) |
security/vuxml: add www/*chromium < 106.0.5249.119
Obtained
from: https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html |
1.1_5 11 Oct 2022 05:26:58 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document multiple vulnerabilities in Samba |
1.1_5 10 Oct 2022 12:21:57 |
Fernando ApesteguĂa (fernape) Author: rob2g2 |
security/strongswan: Document DOS vulnerability
ChangeLog:
https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
PR: 266938
Reported by: rob2g2-freebsd@bitbert.com
Security: CVE-2022-40617 |
1.1_5 07 Oct 2022 15:45:00 |
Fernando ApesteguĂa (fernape) Author: Jaap Akkerhuis |
net/routinator: Add net/routinator CVE
Recent versions of Routinator contain a problem that causes Routinator to
exit if it encounters invalid data in RRDP snapshot or delta files.
Details: https://nlnetlabs.nl/downloads/routinator/CVE-2022-3029.txt
PR: 266865
Reported by: jaap@NLnetLabs.nl |
1.1_5 07 Oct 2022 01:43:31 |
Li-Wen Hsu (lwhsu) |
security/vuxml: Improve the description of c2a89e8f-44e9-11ed-9215-00e081b7aa2d
Suggested by: joneum |
1.1_5 06 Oct 2022 12:57:04 |
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5 06 Oct 2022 01:38:02 |
Dan Langille (dvl) |
security/vuxml: Fix broken tags |
1.1_5 05 Oct 2022 20:14:48 |
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2022-09-21
Sponsored by: The FreeBSD Foundation |
1.1_5 04 Oct 2022 20:57:19 |
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5 04 Oct 2022 06:07:19 |
Fernando ApesteguĂa (fernape) |
security/vuxml: Add devel/zydis buffer overflow
CVE-2021-41253 devel/zydis buffer overflow vulnerability.
PR: 266766
Reported by: Martin Filla <freebsd@sysctl.cz> (maintainer) |
1.1_5 02 Oct 2022 02:00:34 |
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
1.1_5 30 Sep 2022 20:50:47 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 106.0.5249.91
Obtained from:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html |
1.1_5 30 Sep 2022 16:11:14 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5 29 Sep 2022 05:35:45 |
Fernando ApesteguĂa (fernape) |
security/vuxml: Document unbound vulnerability
PR: 266654
Reported by: Herbert J. Skuhra <herbert@gojira.at>
Security: CVE-2022-3204 |
1.1_5 28 Sep 2022 16:00:59 |
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerabilities for Matrix clients |
1.1_5 27 Sep 2022 19:43:48 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 106.0.5249.61
Obtained
from: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html |
1.1_5 27 Sep 2022 04:17:13 |
Tobias C. Berner (tcberner) |
security/vuxml: document vulnerability in expat < 2.4.9
Rhodri James discovered a heap use-after-free vulnerability in the
doContent function in Expat, an XML parsing C library, which could
result in denial of service or potentially the execution of arbitrary
code, if a malformed XML file is processed.
https://www.debian.org/security/2022/dsa-5236
https://nvd.nist.gov/vuln/detail/CVE-2022-40674
Security: CVE-2022-40674 |
1.1_5 26 Sep 2022 10:17:05 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document exposure of sensitive information in cache manager of
squid |
1.1_5 22 Sep 2022 07:32:04 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document potential remote code execution vulnerability in redis |
1.1_5 21 Sep 2022 14:25:34 |
Nuno Teixeira (eduardo) Author: Boris Korzun |
security/vuxml: Document Grafana vulnerabilies
PR: 266530 |
1.1_5 19 Sep 2022 23:50:54 |
Craig Leres (leres) |
security/vuxml: Mark zeek < 5.0.2 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v5.0.2
The potential DoS vulnerabilities include:
- Fix a possible overflow and crash in the ICMP analyzer when
receiving a specially crafted packet
- Fix a possible overflow and crash in the IRC analyzer when
receiving a specially crafted packet
- Fix a possible overflow and crash in the SMB analyzer when
receiving a specially crafted packet
- Fix two possible crashes when converting IP headers for output
via the raw_packet event
Reported by: Tim Wojtulewicz |
1.1_5 16 Sep 2022 20:57:40 |
Romain Tartière (romain) |
security/vuxml: Document vulnerability in PuppetDB |
1.1_5 14 Sep 2022 20:47:02 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 105.0.5195.125
Obtained
from: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html |
1.1_5 12 Sep 2022 12:56:53 |
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerability for net-im/dendrite |
1.1_5 11 Sep 2022 14:03:23 |
Dmitri Goutnik (dmgk) Author: Stefan Bethke |
security/vuxml: Document Gitea vulnerabilities
PR: 266359 |
1.1_5 08 Sep 2022 00:22:51 |
Wen Heping (wen) |
security/vuxml: Document python multiple vulnerabilities |
1.1_5 07 Sep 2022 12:36:51 |
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5 03 Sep 2022 11:30:39 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 105.0.5195.102
Obtained from:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html |
1.1_5 01 Sep 2022 22:21:10 |
Ashish SHUKLA (ashish) |
security/vuxml: Unbreak vuxml build
Fix malformed CVE entry which I added in 46eb6e07f37e2. Thanks to dbaio@
for pointing it out. |
1.1_5 01 Sep 2022 21:55:10 |
Neel Chauhan (nc) Author: Ralf van der Enden |
dns/powerdns-recursor: Add VUXML entry |
1.1_5 01 Sep 2022 12:00:54 |
Nuno Teixeira (eduardo) |
security/vuxml: Document Grafana vulnerabilities
- vuxml: CVE-2022-31176 - Unauthorized file disclosure
PR: 266128 |
1.1_5 31 Aug 2022 22:37:41 |
Ashish SHUKLA (ashish) |
security/vuxml: Document Matrix clients' vulnerabilities |
1.1_5 31 Aug 2022 10:33:41 |
Rene Ladan (rene) |
security/vuxml: document www/chromium < 105.0.5195.52
Obtained
from: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html |
1.1_5 31 Aug 2022 06:04:38 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:13.zlib |
1.1_5 30 Aug 2022 18:45:20 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5 26 Aug 2022 23:50:45 |
Craig Leres (leres) |
security/vuxml: Mark zeek < 5.0.1 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v5.0.1
The potential DoS vulnerabilities include:
- Fix a possible overflow and crash in the ARP analyzer when
receiving a specially crafted packet.
- Fix a possible overflow and crash in the Modbus analyzer when
receiving a specially crafted packet.
- Fix two possible crashes when converting IP headers for output
via the raw_packet event.
- Fix an abort related to an error related to the ordering of
record fields when processing DNS EDNS headers via events
Reported by: Tim Wojtulewicz |
1.1_5 25 Aug 2022 19:56:02 |
Ashish SHUKLA (ashish) |
security/vuxml: update Dendrite vulnerability
- add CVE information |
1.1_5 25 Aug 2022 15:56:42 |
Bernard Spil (brnrd) |
security/vuxml: Document MariaDB vulnerabilities |
1.1_5 23 Aug 2022 05:05:01 |
Matthias Fechner (mfechner) |
security/vuxml: Document gitlab vulnerability |
1.1_5 20 Aug 2022 01:24:38 |
Wen Heping (wen) |
security/vuxml: Document drupal9 multiple vulnerabilities |
1.1_5 17 Aug 2022 08:34:12 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 104.0.5112.101
Obtained
from: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html |
1.1_5 15 Aug 2022 13:57:01 |
Ashish SHUKLA (ashish) |
security/vuxml: Document dendrite vulnerability |
1.1_5 14 Aug 2022 17:00:29 |
Nuno Teixeira (eduardo) |
security/vuxml: Document Apache Tomcat vulnerability
CVE-2022-34305 Apache Tomcat - XSS in examples web application
PR: 265821
Approved by: riggs (ports-secteam) |
1.1_5 12 Aug 2022 09:15:01 |
Guido Falsi (madpilot) |
security/vuxml: Document xfce4-tumbler vulnerability.
The vulnerability details are undisclosed at present. |
1.1_5 10 Aug 2022 21:30:06 |
Danilo G. Baio (dbaio) |
security/vuxml: Document varnish cache vulnerability |
1.1_5 10 Aug 2022 10:20:09 |
Philip Paeps (philip) |
security/vuxml: correct entry for FreeBSD SA-22:10.aio
The vulnerability reported in FreeBSD-SA-22:10.aio was corrected on the
stable/13 branch before releng/13.1 was created. Consequently, FreeBSD
13.1-RELEASE-p0 is not affected. |
1.1_5 10 Aug 2022 10:20:08 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:12.lib9p |
1.1_5 10 Aug 2022 10:20:08 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:11.vm |
1.1_5 10 Aug 2022 09:53:28 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:10.aio |
1.1_5 10 Aug 2022 09:53:28 |
Philip Paeps (philip) |
security/vuxml: add FreeBSD SA-22:09.elf |
1.1_5 10 Aug 2022 09:04:11 |
Rodrigo Osorio (rodrigo) |
security/vuxml: Document rsync client-side arbitrary file write vulnerability
PR: 265633 |
1.1_5 09 Aug 2022 09:07:27 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document double free vulnerability in GnuTLS |
1.1_5 08 Aug 2022 20:35:27 |
Santhosh Raju (fox) |
security/vuxml: Document wolfSSL multiple vulnerabilities. |
1.1_5 05 Aug 2022 19:02:44 |
Nuno Teixeira (eduardo) Author: Stefan Bethke |
security/vuxml: Document Gitea multiple vulnerabilities
PR: 265527 |
1.1_5 05 Aug 2022 18:39:58 |
Bernard Spil (brnrd) |
security/vuxml: Document Unbound vulnerabilities |
1.1_5 05 Aug 2022 16:36:48 |
Nuno Teixeira (eduardo) Author: Stefan Bethke |
security/vuxml: Document Gitea multiple vulnerabilities
- Add write check for creating Commit status
https://github.com/go-gitea/gitea/pull/20334
- Check for permission when fetching user controlled issues
https://github.com/go-gitea/gitea/pull/20196
PR: 265526 |
1.1_5 05 Aug 2022 02:08:36 |
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5 03 Aug 2022 14:50:50 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 104.0.5112.79
Obtained from:
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html |
1.1_5 02 Aug 2022 13:24:41 |
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerability |
1.1_5 30 Jul 2022 06:50:09 |
Matthias Fechner (mfechner) |
security/vuxml: Document www/gitlab-ce vulnerabilities |
1.1_5 23 Jul 2022 21:57:43 |
Nuno Teixeira (eduardo) Author: Boris Korzun |
security/vuxml: Document new Grafana vulnerabilities
CVE-2022-31097 - Stored XSS
CVE-2022-31107 - OAuth Account Takeover
PR: 265330 |
1.1_5 21 Jul 2022 08:59:18 |
Guido Falsi (madpilot) |
security/vuxml: Document new VirtualBox vulnerabilities.
PR: 265350 |
1.1_5 21 Jul 2022 08:10:24 |
Bernard Spil (brnrd) |
security/vuxml: Document new MySQL vulnerabilities |
1.1_5 20 Jul 2022 14:22:56 |
Tobias C. Berner (tcberner) |
security: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* <ports@c0decafe.net>
* Aaron Dalton <aaron@FreeBSD.org>
* Adam Weinberger <adamw@FreeBSD.org>
* Ade Lovett <ade@FreeBSD.org>
* Aldis Berjoza <aldis@bsdroot.lv>
* Alex Dupre <ale@FreeBSD.org>
* Alex Kapranoff <kappa@rambler-co.ru>
* Alex Samorukov <samm@freebsd.org>
* Alexander Botero-Lowry <alex@foxybanana.com>
* Alexander Kriventsov <avk@vl.ru>
* Alexander Leidinger <netchild@FreeBSD.org> (Only the first 15 lines of the commit message are shown above ) |
1.1_5 20 Jul 2022 08:32:05 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.134
Obtained
from: https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html |
1.1_5 18 Jul 2022 16:11:25 |
Yasuhiro Kimura (yasu) |
security/vuxml: Document potential remote code execution vulnerability in redis |
1.1_5 14 Jul 2022 12:39:43 |
Dmitri Goutnik (dmgk) |
security/vuxml: Document Go vulnerabilities |
1.1_5 12 Jul 2022 22:54:57 |
Brad Davis (brd) |
security/vuxml: document devel/git CVE-2022-29187 |
1.1_5 11 Jul 2022 15:47:56 |
Joseph Mingrone (jrm) |
security/vuxml: Note that the 2022-07-08 Node.js entry was modified
Requested by: sunpoet |
1.1_5 10 Jul 2022 09:19:26 |
Dries Michiels (driesm) Author: Robert Clausecker |
security/vuxml: document multimedia/py-mat2 CVE-2022-35410
PR: 265104 |
1.1_5 09 Jul 2022 06:09:01 |
Matthias Fechner (mfechner) |
security/vuxml: document gitlab-ce vulnerabilities |
1.1_5 08 Jul 2022 13:08:26 |
Joseph Mingrone (jrm) |
security/vuxml: Remove extra dash in 2022-07-08 Node.js CVE name
Reported by: joneum |
1.1_5 08 Jul 2022 12:56:23 |
Joseph Mingrone (jrm) |
security/vuxml: Fix CVE Names in 2022-07-08 Node.js entry
Sponsored by: The FreeBSD Foundation |
1.1_5 08 Jul 2022 12:12:18 |
Joseph Mingrone (jrm) |
security/vuxml: Document Node.js July 7th 2022 Security Releases
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
Sponsored by: The FreeBSD Foundation |
1.1_5 07 Jul 2022 16:15:20 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.114
Obtained
from: https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html |
1.1_5 05 Jul 2022 14:51:47 |
Bernard Spil (brnrd) |
security/vuxml: Add/update OpenSSL vulnerability
* Update the RSA key AVX512 vuln to 3.0.4 only
* Add new AES OCB vuln in 1.1.1q/3.0.5 |
1.1_5 04 Jul 2022 10:52:31 |
Wen Heping (wen) |
security/vuxml: Fix a typo in previous commit of document django multiple
vulnerabilities |
1.1_5 04 Jul 2022 10:48:08 |
Wen Heping (wen) |
security/vuxml: Document Django multiple vulnerabilities |
1.1_5 03 Jul 2022 18:55:26 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability |
1.1_5 03 Jul 2022 06:04:08 |
Wen Heping (wen) |
security/vuxml: Document mediawiki multiple vulnerabilities |
1.1_5 29 Jun 2022 03:56:40 |
Ashish SHUKLA (ashish) |
security/vuxml: Document vulnerability for net-im/py-matrix-synapse |
1.1_5 27 Jun 2022 08:16:36 |
Bernard Spil (brnrd) |
security/vuxml: Document cURL vulnerabilities |
1.1_5 23 Jun 2022 19:18:01 |
Li-Wen Hsu (lwhsu) |
security/vuxml: Fix vuxml build
<cvename> tag needs a valid CVE name
Fixes: 8f4091638ddd9e3c0484c5791359e58aa97b493a |
1.1_5 22 Jun 2022 19:11:40 |
Li-Wen Hsu (lwhsu) |
security/vuxml: Document Jenkins Security Advisory 2022-06-22
Sponsored by: The FreeBSD Foundation |
1.1_5 22 Jun 2022 08:29:39 |
Bernard Spil (brnrd) |
security/vuxml: Document OpenSSL vulnerability
* Pet `make validate`
* Fix spacing for 482456fb-e9af-11ec-93b6-318d1419ea39
* Add discovery date for 482456fb-e9af-11ec-93b6-318d1419ea39
using tor wiki page update date. |
1.1_5 22 Jun 2022 08:02:26 |
Rene Ladan (rene) |
security/vuxml: add www/chromium < 103.0.5060.53 |
1.1_5 21 Jun 2022 21:09:38 |
Neel Chauhan (nc) Author: Rafael Grether |
graphics/p5-Image-ExifTool: Add an vuxml entry for update 12.42
PR: 264618 |
1.1_5 20 Jun 2022 14:09:26 |
Li-Wen Hsu (lwhsu) Author: Hung-Yi Chen |
security/vuxml: Add CVE-2022-24766 for www/mitmproxy
PR: 264782 |
1.1_5 17 Jun 2022 15:26:50 |
Yuri Victorovich (yuri) |
security/vuxml: Add vulnerability record for security/tor TROVE-2022-001[0] |
1.1_5 11 Jun 2022 08:06:56 |
Guido Falsi (madpilot) |
security/vuxml: Document XFCE libexo vulnerability. |
1.1_5 11 Jun 2022 00:18:10 |
Wen Heping (wen) |
security/vuxml: Document numpy vulnerabilities |