| non port: security/vuxml/Makefile |
Number of commits found: 51 |
|
Monday, 25 Sep 2023
|
11:25 Fernando Apesteguía (fernape) 
security/vuxml: Add SA_ID to make newentry
Automate registration of FreeBSD Security Advisories.
It adds a new parameter for the newentry subcommand accepting a SA ID as present
in the FreeBSD Security Advisories web page
(https://www.freebsd.org/security/advisories/)
Fills an entry following the common structure for FreeBSD SAs and leaves some
"FIXME" strings in those places that need special care.
Developers should NOT blindly trust the output of the script.
`make newentry SA_ID=FreeBSD-SA-23:11.wifi.asc`
`make newentry SA_ID=FreeBSD-SA-22:01.vt`
Reviewed by: philip@
Differential Revision: https://reviews.freebsd.org/D41966
    e90a0b1 |
|
Sunday, 12 Mar 2023
|
18:31 Fernando Apesteguía (fernape)
security/vuxml: Autofill CVE information
The `newentry` target accepts an optional parameter CVE_ID.
When provided, the newentry.sh script tries to retrieve information from the
NVD and MITRE databases and fill the template accordingly.
The script needs `textproc/jq` and warns the user and exists if it is not found.
How to use it:
make newentry CVE_ID=CVE-2022-39282
Note that this is just a helper. *YOU HUMAN* have to check that the information
is correct.
Reviewed by: tcberner, jlduran_gmail.com, mat
Differential Revision: https://reviews.freebsd.org/D38894
7744049 |
|
Tuesday, 3 Jan 2023
|
11:12 Thierry Thomas (thierry)
security/vuxml: add an entry for CVE-2022-4170 in x11/rxvt-unicode
Security: CVE-2022-4170
93b08b5 |
|
Tuesday, 15 Nov 2022
|
19:27 Rene Ladan (rene)
security/vuxml: re-organize port
- move vuln-YYYY.xml files into vuln/ as just YYYY.xml
- this prevents problems with the new check_files hook when 2023 arrives.
87748de |
|
Wednesday, 20 Jul 2022
|
14:22 Tobias C. Berner (tcberner)
security: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* <ports@c0decafe.net>
* Aaron Dalton <aaron@FreeBSD.org>
* Adam Weinberger <adamw@FreeBSD.org>
* Ade Lovett <ade@FreeBSD.org>
* Aldis Berjoza <aldis@bsdroot.lv>
* Alex Dupre <ale@FreeBSD.org>
* Alex Kapranoff <kappa@rambler-co.ru>
* Alex Samorukov <samm@freebsd.org>
* Alexander Botero-Lowry <alex@foxybanana.com>
* Alexander Kriventsov <avk@vl.ru>
* Alexander Leidinger <netchild@FreeBSD.org>
* Alexander Logvinov <ports@logvinov.com>
* Alexander Y. Grigoryev <alexander.4mail@gmail.com>
* Alexey Dokuchaev <danfe@FreeBSD.org>
* Alfred Perlstein
* Alfred Perlstein <alfred@FreeBSD.org>
* Anders Nordby <anders@FreeBSD.org>
* Anders Nordby <anders@fix.no>
* Andreas Klemm <andreas@klemm.gtn.com>
* Andrew Lewis <freeghb@gmail.com>
* Andrew Pantyukhin <infofarmer@FreeBSD.org>
* Andrew St. Jean <andrew@arda.homeunix.net>
* Anes Mukhametov <anes@anes.su>
* Antoine Brodin <antoine@FreeBSD.org>
* Anton Berezin <tobez@FreeBSD.org>
* Antonio Carlos Venancio Junior (<antonio@inf.ufsc.br>)
* Antonio Carlos Venancio Junior <antonio@inf.ufsc.br>
* Ashish SHUKLA <ashish@FreeBSD.org>
* Attila Nagy <bra@fsn.hu>
* Autrijus Tang <autrijus@autrijus.org>
* Axel Rau <axel.rau@chaos1.de>
* Babak Farrokhi <farrokhi@FreeBSD.org>
* Ben Woods <woodsb02@FreeBSD.org>
* Bernard Spil <brnrd@FreeBSD.org>
* Bernard Spil <brnrd@freebsd.org>
* Blaz Zupan <blaz@si.FreeBSD.org>
* Bob Hockney <zeus@ix.netcom.com>
* Boris Kochergin <spawk@acm.poly.edu>
* Brendan Molloy <brendan+freebsd@bbqsrc.net>
* Bruce M Simpson
* Bruce M Simpson <bms@FreeBSD.org>
* Bruce M. Simpson <bms@FreeBSD.org>
* Carlo Strub
* Carlo Strub <cs@FreeBSD.org>
* Carlos J Puga Medina <cpm@FreeBSD.org>
* Carlos J Puga Medina <cpm@fbsd.es>
* Charlie Root <se@FreeBSD.org>
* Cheng-Lung Sung <clsung@FreeBSD.org>
* Cheng-Lung Sung <clsung@dragon2.net>
* Chie Taguchi <taguchi.ch@gmail.com>
* Chris Cowart <ccowart@rescomp.berkeley.edu>
* Chris D. Faulhaber <jedgar@FreeBSD.org>
* Christer Edwards <christer.edwards@gmail.com>
* Christian Lackas
* Christopher Hall <hsw@bitmark.com>
* Clement Laforet <sheepkiller@cultdeadsheep.org>
* Clive Lin <clive@CirX.ORG>
* Colin Percival
* Cory McIntire (loon@noncensored.com)
* Craig Leres <leres@FreeBSD.org>
* Cristiano Deana <cris@gufi.org>
* Cy Schubert (Cy.Schubert@uumail.gov.bc.ca)
* Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
* Cy Schubert <cy@FreeBSD.org>
* Damian Gerow <dgerow@afflictions.org>
* Damien Bobillot
* Dan Langille
* Dan Langille <dan@freebsddiary.org>
* Dan Langille <dvl@FreeBSD.org>
* Dan Langille <dvl@freebsd.org>
* Dan Langille <dvl@sourcefire.com>
* Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* Daniel Roethlisberger <daniel@roe.ch>
* Danilo Egea Gondolfo <danilo@FreeBSD.org>
* Danton Dorati <urisso@bsd.com.br>
* Dave McKay <dave@mu.org>
* David E. Thiel <lx@FreeBSD.org>
* David O'Brien (obrien@NUXI.com)
* David O'Brien <obrien@FreeBSD.org>
* David Thiel <lx@redundancy.redundancy.org>
* Dean Hollister <dean@odyssey.apana.org.au>
* Denis Shaposhnikov <dsh@vlink.ru>
* Dereckson <dereckson@gmail.com>
* Dirk Froemberg <dirk@FreeBSD.org>
* Ditesh Shashikant Gathani <ditesh@gathani.org>
* Dom Mitchell <dom@happygiraffe.net>
* Dominic Marks <dominic.marks@btinternet.com>
* Don Croyle <croyle@gelemna.org>
* Douglas Thrift <douglas@douglasthrift.net>
* Edson Brandi <ebrandi@fugspbr.org>
* Edwin Groothuis <edwin@mavetju.org>
* Ekkehard 'Ekki' Gehm <gehm@physik.tu-berlin.de>
* Emanuel Haupt <ehaupt@FreeBSD.org>
* Emanuel Haupt <ehaupt@critical.ch>
* Eric Crist <ecrist@secure-computing.net>
* Erwin Lansing <erwin@FreeBSD.org>
* Eugene Grosbein <eugen@FreeBSD.org>
* Fabian Keil <fk@fabiankeil.de>
* Felix Palmen <felix@palmen-it.de>
* Florent Thoumie <flz@xbsd.org>
* Foxfair Hu <foxfair@FreeBSD.org>
* Frank Laszlo <laszlof@vonostingroup.com>
* Frank Wall <fw@moov.de>
* Franz Bettag <franz@bett.ag>
* Gabor Kovesdan
* Gabor Kovesdan <gabor@FreeBSD.org>
* Gabriel M. Dutra <0xdutra@gmail.com>
* Gary Hayers <Gary@Hayers.net>
* Gasol Wu <gasol.wu@gmail.com>
* Gea-Suan Lin <gslin@gslin.org>
* George Reid <greid@ukug.uk.freebsd.org>
* George Reid <services@nevernet.net>
* Greg Larkin <glarkin@FreeBSD.org>
* Greg V <greg@unrelenting.technology>
* Gregory Neil Shapiro <gshapiro@FreeBSD.org>
* Grzegorz Blach <gblach@FreeBSD.org>
* Guangyuan Yang <ygy@FreeBSD.org>
* Hakisho Nukama <nukama@gmail.com>
* Hammurabi Mendes <hmendes@brturbo.com>
* Henk van Oers <hvo.pm@xs4all.nl>
* Horia Racoviceanu <horia@racoviceanu.com>
* Hung-Yi Chen <gaod@hychen.org>
* Jaap Akkerhuis <jaap@NLnetLabs.nl>
* Jaap Boender <jaapb@kerguelen.org>
* Jacek Serwatynski <tutus@trynet.eu.org>
* James FitzGibbon <jfitz@FreeBSD.org>
* James Thomason <james@divide.org>
* Jan-Peter Koopmann <Jan-Peter.Koopmann@seceidos.de>
* Janky Jay <ek@purplehat.org>
* Janos Mohacsi
* Janos Mohacsi <janos.mohacsi@bsd.hu>
* Jean-Yves Lefort <jylefort@brutele.be>
* Jim Geovedi <jim@corebsd.or.id>
* Jim Ohlstein <jim@ohlste.in>
* Joe Clarke <marcus@marcuscom.com>
* Joe Marcus Clarke <marcus@FreeBSD.org>
* Johann Visagie <johann@egenetics.com>
* Johann Visagie <wjv@FreeBSD.org>
* John Ferrell <jdferrell3@yahoo.com>
* John Hixson <jhixson@gmail.com>
* John Polstra <jdp@polstra.com>
* John W. O'Brien <john@saltant.com>
* John-Mark Gurney <jmg@FreeBSD.org>
* Jose Alonso Cardenas Marquez <acardenas@bsd.org.pe>
* Joseph Benden <joe@thrallingpenguin.com>
* Joshua D. Abraham <jabra@ccs.neu.edu>
* Jov <amutu@amutu.com>
* Jui-Nan Lin <jnlin@freebsd.cs.nctu.edu.tw>
* Ka Ho Ng <khng300@gmail.com>
* Kay Lehmann <kay_lehmann@web.de>
* Keith J. Jones <kjones@antihackertoolkit.com>
* Kevin Zheng <kevinz5000@gmail.com>
* Kimura Fuyuki <fuyuki@hadaly.org>
* Kimura Fuyuki <fuyuki@mj.0038.net>
* Klayton Monroe <klm@uidzero.org>
* Konstantin Menshikov <kostjnspb@yandex.ru>
* Koop Mast <kwm@FreeBSD.org>
* Kris Kennaway <kris@FreeBSD.org>
* Kubilay Kocak <koobs@FreeBSD.org>
* Kurt Jaeger <fbsd-ports@opsec.eu>
* LEVAI Daniel <leva@ecentrum.hu>
* Lars Engels <lme@FreeBSD.org>
* Lars Thegler <lth@FreeBSD.org>
* Laurent LEVIER <llevier@argosnet.com>
* Luiz Eduardo R. Cordeiro
* Lukas Slebodnik <lukas.slebodnik@intrak.sk>
* Lukasz Komsta
* Mageirias Anastasios <anastmag@gmail.com>
* Marcel Prisi <marcel.prisi@virtua.ch>
* Marcello Coutinho
* Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org>
* Mark Felder <feld@FreeBSD.org>
* Mark Hannon <markhannon@optusnet.com.au>
* Mark Murray <markm@FreeBSD.org>
* Mark Pulford <mark@kyne.com.au>
* Marko Njezic <sf@maxempire.com>
* Martin Matuska <martin@tradex.sk>
* Martin Matuska <mm@FreeBSD.org>
* Martin Mersberger
* Martin Wilke <miwi@FreeBSD.org>
* Martti Kuparinen <martti.kuparinen@ericsson.com>
* Mateusz Piotrowski <0mp@FreeBSD.org>
* Matt <matt@xtaz.net>
* Matt Behrens <matt@zigg.com>
* Matthias Andree <mandree@FreeBSD.org>
* Matthias Fechner <mfechner@FreeBSD.org>
* Matthieu BOUTHORS <matthieu@labs.fr>
* Maxim Sobolev <sobomax@FreeBSD.org>
* Meno Abels <meno.abels@adviser.com>
* Michael Haro <mharo@FreeBSD.org>
* Michael Johnson <ahze@FreeBSD.org>
* Michael Nottebrock <lofi@FreeBSD.org>
* Michael Reifenberger <mr@FreeBSD.org>
* Michael Schout <mschout@gkg.net>
* Michal Bielicki <m.bielicki@llizardfs.com>
* Michiel van Baak <michiel@vanbaak.eu
* Mij <mij@bitchx.it>
* Mike Heffner <mheffner@vt.edu>
* Mikhail T. <m.tsatsenko@gmail.com>
* Mikhail Teterin <mi@aldan.algebra.com>
* Milan Obuch
* Mosconi <mosconi.rmg@gmail.com>
* Muhammad Moinur Rahman <5u623l20@gmail.com>
* Mustafa Arif <ma499@doc.ic.ac.uk>
* Neil Booth
* Neil Booth <kyuupichan@gmail.com>
* Nick Barkas <snb@threerings.net>
* Nicola Vitale <nivit@FreeBSD.org>
* Niels Heinen
* Nikola Kolev <koue@chaosophia.net>
* Nobutaka Mantani <nobutaka@FreeBSD.org>
* Oliver Lehmann
* Oliver Lehmann <oliver@FreeBSD.org>
* Olivier Duchateau
* Olivier Duchateau <duchateau.olivier@gmail.com>
* Olli Hauer
* Patrick Li <pat@databits.net>
* Paul Chvostek <paul@it.ca>
* Paul Schmehl <pauls@utdallas.edu>
* Pavel I Volkov <pavelivolkov@googlemail.com>
* Pete Fritchman <petef@databits.net>
* Peter Ankerstal <peter@pean.org>
* Peter Haight <peterh@sapros.com>
* Peter Johnson <johnson.peter@gmail.com>
* Peter Pentchev <roam@FreeBSD.org>
* Petr Rehor <rx@rx.cz>
* Philippe Audeoud <jadawin@tuxaco.net>
* Philippe Rocques <phil@teaser.fr>
* Piotr Kubaj <pkubaj@FreeBSD.org>
* Piotr Kubaj <pkubaj@anongoth.pl>
* Po-Chuan Hsieh <sunpoet@FreeBSD.org>
* RaRa Rasputin <rasputin@submonkey.net>
* Radim Kolar
* Ralf Meister
* Remington Lang <MrL0Lz@gmail.com>
* Renaud Chaput <renchap@cocoa-x.com>
* Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
* Roland van Laar <roland@micite.net>
* Romain Tartiere <romain@blogreen.org>
* Roman Bogorodskiy
* Roman Bogorodskiy <novel@FreeBSD.org>
* Roman Shterenzon <roman@xpert.com>
* Rong-En Fan <rafan@FreeBSD.org>
* Ryan Steinmetz <zi@FreeBSD.org>
* Sahil Tandon <sahil@tandon.net>
* Sascha Holzleiter <sascha@root-login.org>
* SeaD
* Seamus Venasse <svenasse@polaris.ca>
* Sean Greven <sean.greven@gmail.com>
* Sebastian Schuetz <sschuetz@fhm.edu>
* Sergei Kolobov <sergei@FreeBSD.org>
* Sergei Kolobov <sergei@kolobov.com>
* Sergei Vyshenski
* Sergei Vyshenski <svysh.fbsd@gmail.com>
* Sergey Skvortsov <skv@protey.ru>
* Seth Kingsley <sethk@meowfishies.com>
* Shaun Amott <shaun@inerd.com>
* Simeon Simeonov <sgs@pichove.org>
* Simon Dick <simond@irrelevant.org>
* Sofian Brabez <sbrabez@gmail.com>
* Stanislav Sedov <ssedov@mbsd.msk.ru>
* Stefan Esser <se@FreeBSD.org>
* Stefan Grundmann
* Stefan Walter <sw@gegenunendlich.de>
* Stephon Chen <stephon@gmail.com>
* Steve Wills <steve@mouf.net>
* Steve Wills <swills@FreeBSD.org>
* Steven Kreuzer
* Steven Kreuzer <skreuzer@exit2shell.com>
* Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
* TAKAHASHI Kaoru <kaoru@kaisei.org>
* TAKATSU Tomonari <tota@FreeBSD.org>
* Tatsuki Makino <tatsuki_makino@hotmail.com>
* Thibault Payet <monwarez@mailoo.org>
* Thierry Thomas (<thierry@pompo.net>)
* Thierry Thomas <thierry@pompo.net>
* Thomas Hurst <tom@hur.st>
* Thomas Quinot <thomas@cuivre.fr.eu.org>
* Thomas Zander <riggs@FreeBSD.org>
* Thomas von Dein <freebsd@daemon.de>
* Tilman Linneweh <arved@FreeBSD.org>
* Tim Bishop <tim@bishnet.net>
* Tom Judge <tom@tomjudge.com>
* Tomoyuki Sakurai <cherry@trombik.org>
* Toni Viemerö <toni.viemero@iki.fi>
* Tony Maher
* Torsten Zuhlsdorff <ports@toco-domains.de>
* Travis Campbell <hcoyote@ghostar.org>
* Tsung-Han Yeh <snowfly@yuntech.edu.tw>
* Ulf Lilleengen
* Vaida Bogdan <vaida.bogdan@gmail.com>
* Valentin Zahariev <curly@e-card.bg>
* Valerio Daelli <valerio.daelli@gmail.com>
* Veniamin Gvozdikov <vg@FreeBSD.org>
* Victor Popov
* Victor Popov <v.a.popov@gmail.com>
* Vsevolod Stakhov
* Vsevolod Stakhov <vsevolod@FreeBSD.org>
* Wen Heping <wen@FreeBSD.org>
* Wen Heping <wenheping@gmail.com>
* Yarodin <yarodin@gmail.com>
* Yen-Ming Lee <leeym@FreeBSD.org>
* Yen-Ming Lee <leeym@cae.ce.ntu.edu.tw>
* Yen-Ming Lee <leeym@leeym.com>
* Ying-Chieh Liao <ijliao@FreeBSD.org>
* Yonatan <Yonatan@Xpert.com>
* Yonatan <onatan@gmail.com>
* Yoshisato YANAGISAWA
* Yuri Victorovich
* Yuri Victorovich <yuri@rawbw.com>
* Zach Thompson <hideo@lastamericanempire.com>
* Zane C. Bowers <vvelox@vvelox.net>
* Zeus Panchenko <zeus@gnu.org.ua>
* ache
* adamw
* ajk@iu.edu
* alex@FreeBSD.org
* allan@saddi.com
* alm
* andrej@ebert.su
* andrew@scoop.co.nz
* andy@fud.org.nz
* antoine@FreeBSD.org
* arved
* barner
* brix@FreeBSD.org
* buganini@gmail.com
* chinsan
* chris@still.whet.org
* clement
* clsung
* crow
* cy@FreeBSD.org
* dominik karczmarski <dominik@karczmarski.com>
* dwcjr@inethouston.net
* eivind
* erich@rrnet.com
* erwin@FreeBSD.org
* girgen@FreeBSD.org
* glen.j.barber@gmail.com
* hbo@egbok.com
* ijliao
* jesper
* jfitz
* johans
* joris
* kftseng@iyard.org
* kris@FreeBSD.org
* lx
* markm
* mharo@FreeBSD.org
* michaelnottebrock@gmx.net
* mnag@FreeBSD.org
* mp39590@gmail.com
* nbm
* nectar@FreeBSD.org
* nork@FreeBSD.org
* nork@cityfujisawa.ne.jp
* nsayer@FreeBSD.org
* nsayer@quack.kfu.com
* ntarmos@cs.uoi.gr
* oly
* onatan@gmail.com
* pandzilla
* patrick@mindstep.com
* pauls
* perl@FreeBSD.org
* petef@FreeBSD.org
* peter.thoenen@yahoo.com
* ports@c0decafe.net
* ports@rbt.ca
* roam@FreeBSD.org
* rokaz
* sada@FreeBSD.org
* scrappy
* se
* shane@freebsdhackers.net aka modsix@gmail.com
* snb@threerings.net
* sumikawa
* sviat
* teramoto@comm.eng.osaka-u.ac.jp
* thierry@pompo.net
* tobez@FreeBSD.org
* torstenb@FreeBSD.org
* trasz <trasz@pin.if.uz.zgora.pl>
* trevor
* truckman
* vanhu
* vanilla@
* wen@FreeBSD.org
* will
With hat: portmgr
857c05f |
|
Wednesday, 21 Jul 2021
|
13:40 Rene Ladan (rene)
security/vuxml: fix `make validate'
4c7dacf |
|
Sunday, 18 Jul 2021
|
17:54 Po-Chuan Hsieh (sunpoet)
security/vuxml: Fix make validate after 069e58611c7933431ec82b0b9c119677e8d6cc21
Reported by: lwhsu
Approved by: delphij (ports-secteam)
88c66b7 |
|
Wednesday, 14 Jul 2021
|
16:10 Po-Chuan Hsieh (sunpoet)
security/vuxml: Fix make test
- Respect VUXML_FILE and VUXML_FLAT_FILE [1]
It allows run "make test" on read-only media (e.g. poudriere jail)
- Copy all vuln XML file to the test directory [2]
Since vuln.xml has been split into multiple XML files, all of them must be
copied to the test directory.
Without [1], the error message is as follows:
===> Testing for vuxml-1.1_5
xmllint -noent vuln.xml > vuln-flat.xml
/bin/sh: cannot create vuln-flat.xml: Read-only file system
*** Error code 2
Stop.
Without [2], the error message is as follows:
===> Testing for vuxml-1.1_5
xmllint -noent /wrkdirs/usr/ports/security/vuxml/work/test/vuln.xml >
/wrkdirs/usr/ports/security/vuxml/work/test/vuln-flat.xml
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2021.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2020.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2019.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2018.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2017.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2016.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2015.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2014.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2013.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2012.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2011.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2010.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2009.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2008.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2007.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2006.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2005.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2004.xml"
warning: failed to load external entity
"/wrkdirs/usr/ports/security/vuxml/work/test/vuln-2003.xml"
...
*** Error code 1
Stop.
Approved by: delphij (ports-secteam)
069e586 |
|
Thursday, 1 Jul 2021
|
07:30 Li-Wen Hsu (lwhsu)
security/vuxml: Let vuln-flat.xml depend on all vuln xml files
So it can get rebuilt when any of vuln xml file changed.
Approved by: ports-secteam (fluffy, implicitly)
72458a2 |
|
Wednesday, 23 Jun 2021
|
18:21 Li-Wen Hsu (lwhsu)
security/vuxml: Fix `make validate` to use the latest vuxml file
This is a follow up for 6954792fe916862afd25cf6ce961bd7062dfb21f
Approved by: ports-secteam (fluffy)
21c57a3 |
|
Tuesday, 6 Apr 2021
|
14:31 Mathieu Arnold (mat)
Remove # $FreeBSD$ from Makefiles.
305f148 |
|
Monday, 25 Jan 2021
|
17:16 bapt
Rework vuxml a bit to make them validable again
modify tidy.xsl to make it generates manually the xml declaration
xsl is not able to generate a list of entity otherwise.
Remove copyright form included files, they are redudundant anyway and
in the end only the vuln.xml file is distribued with entities expanded
Rework a bit the entity declaration in order for the document to look
great after expansion (as it did before we introduced the expansion
mechanism)
All validation are now processed direcly on the flattened file.
This is based on a patch from mfechner here
Submitted by: mfechner
Differential Revision: https://reviews.freebsd.org/D28299
  |
|
Thursday, 21 Jan 2021
|
13:18 bapt
Split vuln.xml file [1/2]
The vuln.xml file has grown a lot since 2003. To avoid having to unlock
the svn size limitation, the file is now split into 1 file per year up
to the current year + previous one. The split is made based on the date
when the entry has been added.
In order to achieve the split without breaking any consumer we use a standard
XML mechanism via the definition of entities.
While here add a new target make vuln-flat.xml which will expand the entities
in order to be able to regenerate a one uniq file if needed. This useful to for
example allow to test with pkg audit directly given the XML parser used in pkg
does not support custom entities.
The vuxml web site generator has been modified to ensure the vuln.xml file it
provides is the expanded version, so for consumers it is still only one single
file to download.
|
|
Monday, 9 Nov 2020
|
17:08 tcberner
Prefer graphics/ligvrsvg2-rust over graphics/librsvg2
- switch to the more modern version of librsvg2 on architectures
supporting rust
- this will fix some graphical issues on these architectures
PR: 250276
Exp-run by: antoine
Submitted by: tobik
Differential Revision: https://reviews.freebsd.org/D18878
|
|
Wednesday, 23 Jan 2019
|
16:03 zi
- Add package name validation
|
|
Friday, 21 Oct 2016
|
12:51 mat
${RM} already has -f.
PR: 213570
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight
|
|
Friday, 1 Jul 2016
|
12:23 mat
Add a test target, testing that what the port is supposed to do works.
Sponsored by: Absolight
|
12:15 mat
Add missing dependency.
Sponsored by: Absolight
|
|
Tuesday, 24 May 2016
|
22:32 bapt
Add a new keywork xmlcatmgr
It simplifies the handling of the XML and SMGL catalog
It brings a big of consistency by always specifying the catalog path absolute
instead of mixing absolute and relative path.
The keyword is also written a PKG_ROOTDIR friendly to simplify cross installing
Reviewed by: hrs
Differential Revision: https://reviews.freebsd.org/D6539
|
|
Friday, 1 Apr 2016
|
14:25 mat
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.
With hat: portmgr
Sponsored by: Absolight
|
|
Monday, 19 Oct 2015
|
20:22 sunpoet
- Add NO_ARCH
- While I'm here, use "yes" instead of "YES"
Approved by: portmgr (blanket)
|
|
Sunday, 12 Jul 2015
|
19:40 feld
Add ability to produce html files for vuxml entries
This will allow committers to test complex vuxml entries before
submission.
A special thanks to hrs for responding to my plea for this feature
Submitted by: hrs
|
|
Friday, 22 May 2015
|
07:04 delphij
Pass full path to the vuln.xml file to extra-validation.py. Without this,
if .OBJDIR differs from .CURDIR, the validation would fail.
PR: 193923
Reported by: jbeich
|
|
Thursday, 9 Oct 2014
|
13:17 feld
Convert USE_PYTHON_RUN to new USES syntax;
Appease the angry DEVELOPER=YES god
Approved by: mat
|
|
Saturday, 17 May 2014
|
17:58 zi
- Add STAGE support
- Add LICENSE
- Cleanup plist-related clever
- Pacify portlint(1)
- Bump PORTREVISION
With hat: ports-secteam
|
|
Sunday, 17 Nov 2013
|
02:25 eadler
Add back NO_STAGE which snuck away during testing.
|
02:12 eadler
Minor tweak to standard template in order to fit with convention
|
|
Tuesday, 12 Nov 2013
|
13:09 zi
- Set MAINTAINER to ports-secteam
Requested by: des@
With hat: ports-secteam@
|
|
Friday, 20 Sep 2013
|
22:55 bapt
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
|
|
Wednesday, 19 Jun 2013
|
21:20 eadler
Add extra-validation to the validation target.
While here, test with python2 and permit the script to run with either 2 or 3.
Requested by: delphij
With Hat: ports-secteam
|
|
Wednesday, 27 Mar 2013
|
20:44 delphij
Explicitly use -E for sed(1).
Submitted by: des
Reviewed by: eadler
|
|
Tuesday, 26 Mar 2013
|
23:25 delphij
In validate target, use unexpand and sed to make sure that we are using
consistent space style.
Reviewed by: stas, simon
|
|
Friday, 2 Nov 2012
|
18:45 ohauer
- update apache22 to version 2.22.23
- trim vuxml/Makefile header
with hat apache@
Feature safe: yes
Security: CVE-2012-2687
|
|
Friday, 7 Sep 2012
|
21:34 eadler
Add a sanity check to ensure vuxml is actually installed prior to performing
the tidy step in validate. This step actually requires just the dependancies
but the full validate requires that vuxml be installed.
Reviewed by: simon
Approved by: secteam (implicit)
|
|
Saturday, 26 May 2012
|
03:15 wxs
Make validate target remove the tidy file if it passes.
Approved by: chimera@
|
|
Thursday, 12 Apr 2012
|
00:16 eadler
Add logic to check for tidy differences in the 'make validate' target.
Approved by: secteam (simon, maintainer)
|
|
Friday, 7 Aug 2009
|
16:25 simon
When running the tidy target:
- Pipe ouput into vuln.xml.tidy instead of stdout.
- Don't hide what command we are running so it's clear where the tidy
version of the output went.
|
|
Thursday, 10 May 2007
|
17:34 simon
Backout last change.
Blackboard:
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
x1000
Pointy hat to: simon
|
17:31 simon
Update PHP entry to include the vulnerable version so the entry is
correct for when PHP is updated in ports (yes it's being worked on),
or for people who upgrade "manually".
With hat: secteam
Requested by: several
|
|
Tuesday, 6 Jun 2006
|
10:57 simon
Mumble, back out local changes which should not have been committed.
|
10:55 simon
Mark squirrelmail-1.4.6_1 as fixed for squirrelmail -- plugin.php
local file inclusion vulnerability.
|
|
Tuesday, 29 Nov 2005
|
08:46 simon
Backup rev 1.9 which should not have been committed since it was just my
local hack.
Note to self: Do not commit before having at least two cups of coffee.
Pointy hat to: simon
|
08:41 simon
Mark flyspar 0.9.8 as fixed wrt. "flyspray -- cross-site scripting
vulnerabilities" since our port version of 0.9.8 includes update1 which
fixes the issue.
Reported by: Volodymyr Kostyrko via pav
|
|
Saturday, 30 Jul 2005
|
19:13 simon
Change MAINTAINER address for ports maintained by the Security Team to
secteam@ instead of security@ to make it more clear that the ports are
not maintained by the freebsd-security@ mailing list. Both addresses
go to the same people.
|
|
Friday, 13 May 2005
|
15:33 nectar
MAINTAINER -> security@FreeBSD.org
|
|
Saturday, 8 Jan 2005
|
15:43 nectar
Add a target, `newentry', that will insert a VuXML <vuln> template
(including generated VID) to the top of the `vuln.xml' file. This will
save a little time when adding new entries.
Inspired by: a patch from simon
|
|
Wednesday, 25 Aug 2004
|
15:36 hrs
- Fix "make validate" problem when textproc/xhtml-basic is
installed by adding an SGML declaration and DTDDECL.
- Remove the --catalogs option for xmllint(1) in validate.sh.
Approved by: nectar (maintainer)
PR: ports/63035
|
|
Friday, 2 Apr 2004
|
23:31 nectar
Add VuXML 1.1 DTD
Update document type declaration to VuXML 1.1
|
|
Tuesday, 30 Mar 2004
|
06:16 nectar
Add a `make tidy' target that will clean up and sort a VuXML
document. Requires xsltproc.
|
|
Wednesday, 25 Feb 2004
|
17:03 nectar
Allow validation without the need to specify which processor to use.
Now just invoke `make validate', and a shell script will be run and try
to use xmllint or nsgmls.
Requested by: des
|
|
Thursday, 12 Feb 2004
|
14:23 nectar
Add VuXML DTDs and the VuXML document for FreeBSD.
|
Number of commits found: 51 |
As an Amazon Associate I earn from qualifying purchases.