notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Ukraine
FreshPorts needs to find a new hosting provide willing to take a 2U chassis and host it free of charge. This is part of the FreshPorts project. Preferably in the Austin area. This is not a primary server, but it used for development.
non port: security/vuxml/vuln.xml
SVNWeb

Number of commits found: 6268 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Wed, 5 Jan 2022
[ 13:14 Rene Ladan (rene) search for other commits by this committer ]    commit hash:355c650718a5af17bd7d977253c1e6186e495f07  355c650 
security/vuxml: document www/chromium < 97.0.4692.71

While here add definitions for 2022, as this is the first vuxml commit
of the year.  This cannot be done in its own commit because `make
  validate` complains in that case (even with a 0-byte vuln-2022.xml).

Obtained
from:	https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html
Thu, 24 Jun 2021
[ 10:03 Li-Wen Hsu (lwhsu) search for other commits by this committer ]    commit hash:9f71f97163833d903bbf94c5e15434c9f3b4ece1  9f71f97 
security/vuxml: Update the doc link and the comment of where to add new entry

Approved by:	ports-secteam (implicitly)
Wed, 23 Jun 2021
[ 14:34 Li-Wen Hsu (lwhsu) search for other commits by this committer ]    commit hash:6954792fe916862afd25cf6ce961bd7062dfb21f  6954792 
security/vuxml: Create 2021 entity

Let's create a new entity in the beginning of each year and append to it,
instead of massive copying in the end of each year.
[ 10:00 Li-Wen Hsu (lwhsu) search for other commits by this committer ]    commit hash:f3e4dbcb5ff2fe2a018f78f396a4247f1dd32cc9  f3e4dbc 
security/vuxml: Fix version range of www/py-aiohttp

This also marks 3.7.4.p0 as fixed.

PR:	256219
Tue, 22 Jun 2021
[ 16:14 Juraj Lutter (otis) search for other commits by this committer ]    commit hash:235ae8796642ebb88cee237620c61e4f4e911aed  235ae87 
security/vuxml: Document mail/dovecot vulnerabilities
[ 16:14 Juraj Lutter (otis) search for other commits by this committer ]    commit hash:a7e91b4a2f898dba97d195a0ed946b7f70240112  a7e91b4 
security/vuxml: Document mail/dovecot-pigeonhole vulnerability
Mon, 21 Jun 2021
[ 20:34 Brad Davis (brd) search for other commits by this committer ]    commit hash:c2a2f2b35ad4a23486bd9c1b4ccb50bb5eb75bbc  c2a2f2b 
security/vuxml: Fix range for www/nginx CVE-2021-23017

Reviewed by:	garga
Sponsored by:	Rubicon Communications, LLC ("Netgate")
[ 16:20 Danilo G. Baio (dbaio) search for other commits by this committer ]    commit hash:9dc61dc24711b7ffab85e219ac0bcb831005d85d  9dc61dc 
security/vuxml: Fix 'make validate'

While here, remove hyperlinks to simplify, they can be accessed through
the report's url.
Sun, 20 Jun 2021
[ 01:31 Adam Weinberger (adamw) search for other commits by this committer ]    commit hash:f7a5ae58011b7bbd155c53e071412155f0893d7f  f7a5ae5 
security/vuxml: Add entry for gitea < 1.14.3

PR:		256720
Fri, 18 Jun 2021
[ 11:01 Rene Ladan (rene) search for other commits by this committer ]    commit hash:fd3ddcabac2eaa421903819697de73add5f71930  fd3ddca 
security/vuxml: Add www/chromium < 91.0.4472.114

Obtained
from:	https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop_17.html
Tue, 15 Jun 2021
[ 15:48 Kevin Bowling (kbowling) search for other commits by this committer ]    commit hash:bfa25459fcfaf5bcb4803ff598d72208fd920580  bfa2545 
security/vuxml: Document CVE-2021-29376 for irc/ircII

PR:		255492
Reported by:	Andrew Gierth <andrew@tao11.riddles.org.uk>
Mon, 14 Jun 2021
[ 07:15 Bernard Spil (brnrd) search for other commits by this committer ]    commit hash:029ca9d69fdb1711bbb9b29ea017ab8055549989  029ca9d 
security/vuxml: Document Apache httpd vulns
Fri, 11 Jun 2021
[ 10:50 Dmitry Marakasov (amdmi3) search for other commits by this committer ]    commit hash:8c237a296c41c802eb47371f94d5e88ea250ca33  8c237a2 
security/vuxml: document CVE-2021-33564 for rubygem-dragonfly
Thu, 10 Jun 2021
[ 14:37 Rodrigo Osorio (rodrigo) search for other commits by this committer ]    commit hash:c7737d4b2e5d96b01ebc3034bdef1216456cd07d  c7737d4 
security/vuxml: Document CVE-2020-35701 for net-mgmt/cacti
[ 11:37 Rene Ladan (rene) search for other commits by this committer ]    commit hash:e3a211b95d93ae9ebae769c8b9ba5095b0fe5b21  e3a211b 
security/vuxml: add Chromium < 91.0.4472.101

Obtained
from:	https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
Tue, 8 Jun 2021
[ 19:30 Ashish SHUKLA (ashish) search for other commits by this committer ]    commit hash:4d177318cb45c368c213f4e155ee23f16d921789  4d17731 
security/vuxml: Document CVE-2021-33896 in net-im/dino port
Sun, 6 Jun 2021
[ 20:48 Matthew Seaman (matthew) search for other commits by this committer ]    commit hash:ef3b8b2cfe595e9d2ade55206497199382ef6046  ef3b8b2 
security/vuxml: Document CVE-2021-3515 for databases/pglogical

A shell injection flaw was found in pglogical in versions before 2.3.4
and before 3.6.26. An attacker with CREATEDB privileges on a
PostgreSQL server can craft a database name that allows execution of
shell commands as the postgresql user when calling
pglogical.create_subscription().
[ 08:48 Kurt Jaeger (pi) search for other commits by this committer Author: Simon Wright ]    commit hash:daffeee5e909fad7c384d2ab5f759472db1e6c75  daffeee 
security/vuxml: add www/drupal7 CVE
Fri, 4 Jun 2021
[ 18:29 Tobias C. Berner (tcberner) search for other commits by this committer ]    commit hash:0958ffc12c9c0bba44f9a1adc0ca5173d7cd8bf9  0958ffc 
security/vuxml: document vulnerability in sysutils/polkit

Cedric Buissart reports:

	The function `polkit_system_bus_name_get_creds_sync` is used to get the
	uid and pid of the process requesting the action. It does this by
	sending the unique bus name of the requesting process, which is
	typically something like ":1.96", to `dbus-daemon`. These unique names
	are assigned and managed by `dbus-daemon` and cannot be forged, so this
	is a good way to check the privileges of the requesting process.

	The vulnerability happens when the requesting process disconnects from
	`dbus-daemon` just before the call to
	`polkit_system_bus_name_get_creds_sync` starts. In this scenario, the
	unique bus name is no longer valid, so `dbus-daemon` sends back an error
(Only the first 15 lines of the commit message are shown above View all of this commit message)
[ 09:59 Thomas Zander (riggs) search for other commits by this committer ]    commit hash:44ca7573855d48957714ccbe1e0849617ac18915  44ca757 
security/vuxml: Document CVE-2021-33054 for www/sogo*.

PR:		256374
Reported by:	rob2g2 <spam123@bitbert.com>
[ 09:38 Fernando ApesteguĂ­a (fernape) search for other commits by this committer ]    commit hash:a64c3e0ebe0c6b62e95e07d28eea2d0fad4525b8  a64c3e0 
security/vuxml: Add CVE-2020-8492 for lang/tauthon

PR: 256387
Reported by:	olivier.freebsd@free.fr
[ 09:32 Thomas Zander (riggs) search for other commits by this committer ]    commit hash:df775d9b0750551c46c5f344faa1e8789bbad071  df775d9 
security/vuxml: Document CVE-2021-28091 for security/lasso.

PR:		256373
Reported by:	spam123@bitbert.com
Thu, 3 Jun 2021
[ 23:17 Dmitri Goutnik (dmgk) search for other commits by this committer ]    commit hash:597614c7aa35a47ce2f5e909aa2c66055ed89e3a  597614c 
security/vuxml: Document lang/go vulnerabilities
[ 11:26 Dmitry Marakasov (amdmi3) search for other commits by this committer ]    commit hash:35af594b7bc172468bc41af66cc26faae91758fb  35af594 
security/vuxml: document aiohttp CVE-2021-21330
Wed, 2 Jun 2021
[ 23:53 Craig Leres (leres) search for other commits by this committer ]    commit hash:29ff3797d89eb84c5d40bb59ba2b9f8998287b64  29ff379 
security/vuxml: Mark zeek < 4.0.2 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v4.0.2

 - Fix potential Undefined Behavior in decode_netbios_name() and
   decode_netbios_name_type() BIFs. The latter has a possibility
   of a remote heap-buffer-overread, making this a potential DoS
   vulnerability.

 - Add some extra length checking when parsing mobile ipv6 packets.
   Due to the possibility of reading invalid headers from remote
   sources, this is a potential DoS vulnerability.
[ 18:41 Dmitry Marakasov (amdmi3) search for other commits by this committer ]    commit hash:2acbd03da0c12f63b77be9348b7f1d662322cc7d  2acbd03 
security/vuxml: add entry for PyYAML CVE-2020-14343

PR:		256220
[ 13:48 Ryan Steinmetz (zi) search for other commits by this committer ]    commit hash:687785a86a755feb934a5e7eb1d902c4431ce0ad  687785a 
security/vuxml: Document isc-dhcp44-* vulnerability

PR:		256377
[ 13:48 Ryan Steinmetz (zi) search for other commits by this committer ]    commit hash:72a5d3cd59a6a858cb043cf67579dd1621676300  72a5d3c 
security/vuxml: Fix overly large entry that violates 'make validate'
Tue, 1 Jun 2021
[ 22:37 Matthias Fechner (mfechner) search for other commits by this committer ]    commit hash:ddf691df64ce12d2b147348bb3055eaa0235d426  ddf691d 
security/vuxml: Document gitlab vulnerabilities.
[ 16:59 Jung-uk Kim (jkim) search for other commits by this committer ]    commit hash:6e4e87484e5fa0bafb115be2207ffcf4be8f4606  6e4e874 
security/vuxml: Correct CVE entry for the x11/libX11 vulnerability
[ 15:35 Sergey A. Osokin (osa) search for other commits by this committer ]    commit hash:ae21649ab74532ad61cb080c8c5d36f17d13ea73  ae21649 
security/vuxml: document vulnerability in databases/redis

Security:	CVE-2021-32625
[ 15:13 Jung-uk Kim (jkim) search for other commits by this committer ]    commit hash:51990d40050a8fb47d2296d87f205423613f0707  51990d4 
security/vuxml: Document vulnerability in x11/libX11

PR:		256034
Security:	CVE-2021-31535
[ 03:02 Guangyuan Yang (ygy) search for other commits by this committer Author: David O'Rourke ]    commit hash:6890a3c0b215c66ee4ac27745dc8caee73dda7f8  6890a3c 
security/vuxml: Document vulnerability in net-mgmt/prometheus2

PR:		255976
Security:	CVE-2021-29622
Approved by:	lwhsu (mentor)
Mon, 31 May 2021
[ 20:55 Adriaan de Groot (adridg) search for other commits by this committer ]    commit hash:0bd31cd6df4e2110846ea19edd591fdd34e3e15d  0bd31cd 
security/vuxml: Document graphics/wayland <= 1.19.0
Thu, 27 May 2021
[ 05:17 Philip Paeps (philip) search for other commits by this committer ]    commit hash:23f6f30d5c54472a4039759ebb031ea4518b8c0b  23f6f30 
security/vuxml: add FreeBSD SA-21:11.smap
[ 05:17 Philip Paeps (philip) search for other commits by this committer ]    commit hash:bbd2f19ba54f58a026d153272a2dfced70a6bb87  bbd2f19 
security/vuxml: add FreeBSD SA-21:12.libradius
Wed, 26 May 2021
[ 10:17 Rene Ladan (rene) search for other commits by this committer ]    commit hash:05bea260baec460d64150f2d581fe6749c7cd70b  05bea26 
vuln.xml: Document chromium < 91.0.4472.77

Obtained
from:	https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
[ 00:33 Danilo G. Baio (dbaio) search for other commits by this committer ]    commit hash:b48ef2625f60a360d0c7618d1650a7dd9155b89b  b48ef26 
security/vuxml: Document net/libzmq4 issues

PR:		255102
Reported by:	Thomas Petig <thomas@petig.eu>
Security:	CVE-2019-13132
Security:	CVE-2020-15166
Tue, 25 May 2021
[ 15:40 Sergey A. Osokin (osa) search for other commits by this committer ]    commit hash:1109a4b0c62848f107f03195e7b92480b77769c1  1109a4b 
security/vuxml: document vulnerability in www/nginx and www/nginx-devel

Security:	CVE-2021-23017
Mon, 24 May 2021
[ 15:57 Palle Girgensohn (girgen) search for other commits by this committer ]    commit hash:4132a67c6395dd389c143a51fe518eccb3562cee  4132a67 
databases/pg_partman: arbitrary code execution

Security:	CVE-2021-33204
[ 15:02 Tobias C. Berner (tcberner) search for other commits by this committer ]    commit hash:4ff544422ffe21f039595fc312b2e4bff39a705c  4ff5444 
security/vuxml: document vulnerability in texptroc/expat2

Security:	CVE-2013-0340
PR: 		256121
Sun, 23 May 2021
[ 14:44 Tobias C. Berner (tcberner) search for other commits by this committer Author: Yasuhiro Kimura ]    commit hash:d4a41873b303f4097db1fb304c15e5c7d038391d  d4a4187 
security/vuxml: document vulnerability in texptroc/libxml2

PR:		256093
Security:	CVE-2021-3541
Sat, 15 May 2021
[ 09:12 Palle Girgensohn (girgen) search for other commits by this committer ]    commit hash:41060618343864d958bac8d10ff4dd39b398b3a3  4106061 
databases/postgresql??-server: multiple security issues
Thu, 13 May 2021
[ 19:44 Neel Chauhan (nc) search for other commits by this committer Author: Thomas Morper ]    commit hash:b1a6389106ec82ccd66ab4f92f604f57e1843b11  b1a6389 
security/vuxml: Add entry for net-im/prosody

PR:	255845, 255849
[ 14:43 Thierry Thomas (thierry) search for other commits by this committer ]    commit hash:0e7c332de8bbd7100f615c8b07569925f6a2e42c  0e7c332 
security/vuxml: declare vulnerabilities for ImageMagick7

PR:		255802
[ 14:43 Thierry Thomas (thierry) search for other commits by this committer ]    commit hash:e34fc76d33306c0a9b886728887f4b43692825dc  e34fc76 
security/vuxml: declare vulnerabilities for ImageMagick6

PR:		255818
Wed, 12 May 2021
[ 10:09 Thierry Thomas (thierry) search for other commits by this committer ]    commit hash:b1fa93c1a77c2d06b6c80cd4dc4ec6105e2f06d8  b1fa93c 
security/vuxml: add vunerabilities fixed in 8.2.0

PR:		255361
Tue, 11 May 2021
[ 18:11 Rene Ladan (rene) search for other commits by this committer ]    commit hash:8a46088e42ea23088057e5597de37a7db3f87496  8a46088 
Document vulnerabilities in Chromium < 90.0.4430.212

Obtained
from:	https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
[ 15:19 Neel Chauhan (nc) search for other commits by this committer Author: Sascha Biberhofer ]    commit hash:d110fd22b0220d9920ab6c2ff331a697f9d603f6  d110fd2 
security/vuxml: Add entry for net-im/py-matrix-synapse
Mon, 10 May 2021
[ 12:35 Hajimu UMEMOTO (ume) search for other commits by this committer ]    commit hash:ca2859597c061cc09e5b1feb2cd4812abac8f468  ca28595 
security/vuxml: cyrus-imapd -- Remote authenticated users could bypass intended
access restrictions on c\ertain server annotations.
Sat, 8 May 2021
[ 16:03 Christian Weisgerber (naddy) search for other commits by this committer ]    commit hash:11845a30ff2383ce2de5568c3b02278e980fc0a1  11845a3 
security/vuxml: Document FLAC out-of-bounds read
[ 09:33 Matthias Andree (mandree) search for other commits by this committer ]    commit hash:487828600d153ea9347fafb6338bf742e8fe8aeb  4878286 
security/vuxml: add CVE #s for OpenEXR 2.5.4 fixes
Fri, 7 May 2021
[ 09:52 Po-Chuan Hsieh (sunpoet) search for other commits by this committer ]    commit hash:066d3dbe5cca34958c37627ee2a0363f118d2ecd  066d3db 
security/vuxml: Document rails vulnerability
Thu, 6 May 2021
[ 20:12 Dmitri Goutnik (dmgk) search for other commits by this committer ]    commit hash:bf7bd67c9b107d54328577a2e71b467090b180c4  bf7bd67 
security/vuxml: Document lang/go vulnerability
Wed, 5 May 2021
[ 08:39 Mateusz Piotrowski (0mp) search for other commits by this committer ]    commit hash:56db8443c94a9784fdc9d3b6d58eacf16fc14c60  56db844 
security/vuxml: Document Ansible vulnerability
[ 07:05 Wen Heping (wen) search for other commits by this committer ]    commit hash:f468496e18bf89a76f96495c0a382cacb29b7b52  f468496e 
security/vuxml : Document django's multiple vulnerabilities
[ 03:39 Wen Heping (wen) search for other commits by this committer ]    commit hash:1388ee6c4cbebc0c6285ce0973a2e5be0632855e  1388ee6 
Document Python's multiple vulnerabilities
Tue, 4 May 2021
[ 14:26 Bernard Spil (brnrd) search for other commits by this committer ]    commit hash:ebf298637d17a99676d2bf535fd5ebfa41ae152b  ebf2986 
security/vuxml: Update latest MySQL vuln entry

 * Adds CVE numbers
 * Mark MariaDB partially affected
Mon, 3 May 2021
[ 21:44 Sergey A. Osokin (osa) search for other commits by this committer ]    commit hash:f7743680c102e31388b1ea20a58dcded671a8746  f774368 
security/vuxml: document recent vulnerabilities with redis ports.
PR:	255580
[ 13:59 Koichiro Iwao (meta) search for other commits by this committer ]    commit hash:4689236288cc83f50bf133cd253dcc58ce61ad54  4689236 
security/vuxml: Document command injection vulnerability in RDoc

PR:		255552
Reported by:	Yasuhiro Kimura <yasu@utahime.org>
Security:	CVE-2021-31799
Sun, 2 May 2021
[ 12:59 Kurt Jaeger (pi) search for other commits by this committer Author: Geoffroy Desvernay ]    commit hash:5271faba4b2a2f9f28a3d84dcc7342442452d9b4  5271fab 
security/vuxml: add mail/sympa CVE

PR:		252464
Sat, 1 May 2021
[ 01:25 Timur I. Bakeyev (timur) search for other commits by this committer ]    commit hash:265e9a670c90ee806226bdf152df954d5f5b5898  265e9a6 
Add an entry about Samba vulnerability CVE-2021-20254:

Negative idmap cache entries can cause incorrect group entries in the Samba file
server process token.

PR:
Submitted by:
Reported by:
Reviewed by:
Approved by:
Obtained from:
MFC after:
MFH:
Relnotes:
Security:	CVE-2021-20254
Sponsored by:
Differential Revision:
Thu, 29 Apr 2021
[ 23:00 Don Lewis (truckman) search for other commits by this committer ]    commit hash:4eea2e58a13352a2ca56b9ec2c40d48072cb0d1f  4eea2e5 
security/vuxml: Update fixed version of openoffice-devel.

CVE-2021-30245 is fixed in version 1619649022 of
editors/openoffice-devel.
Wed, 28 Apr 2021
[ 21:57 Matthias Fechner (mfechner) search for other commits by this committer ]    commit hash:199adc301bbcbef519f19845dbd3d4da5295c53e  199adc3 
Document gitlab-ce vulnerabilities.
[ 21:57 Matthias Fechner (mfechner) search for other commits by this committer ]    commit hash:41ffee85fee36c10e56d70882db7f212b462560f  41ffee8 
Document vulnerabilities for www/rubygem-carrierwave.
[ 16:56 Neel Chauhan (nc) search for other commits by this committer ]    commit hash:10ad22f83cf7c9a495f3f04c822e2b63ee580215  10ad22f 
mail/sympa: add vuxml entry

PR:		255455
Submitted by:	Geoffroy Desvernay <dgeo@centrale-marseille.fr> (maintainer)
Tue, 27 Apr 2021
[ 17:11 Rene Ladan (rene) search for other commits by this committer ]    commit hash:1eeb9f4c46a0c635789fcc83ccc7ea9a9478022e  1eeb9f4 
Document new vulns, www/chromium < 90.0.4430.93

Obtained
from:	https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
Mon, 26 Apr 2021
[ 13:30 Palle Girgensohn (girgen) search for other commits by this committer ]    commit hash:7e0f5d9dfdc256ae93158afcc75292f4d42c3a93  7e0f5d9 
security/shibboleth.sp: add more information to security advisory
[ 08:36 Palle Girgensohn (girgen) search for other commits by this committer ]    commit hash:f0d60c47251226f5679aa2a1c06cafc36ce979d3  f0d60c4 
security/shibboleth-sp: add entry for upcoming vulnerability

The details are not yet disclosed.
Wed, 21 Apr 2021
[ 21:40 Craig Leres (leres) search for other commits by this committer ]    commit hash:53d0f5e5bcd4f652fdb8f2b4d0b0e2b03e2526d1  53d0f5e 
security/vuxml: Mark zeek < 4.0.1 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v4.0.1

Fix null-pointer dereference when encountering an invalid enum name
in a config/input file that tries to read it into a set[enum]. For
those that have such an input feed whose contents may come from
external/remote sources, this is a potential DoS vulnerability.
[ 17:48 Matthias Andree (mandree) search for other commits by this committer ]    commit hash:d1184f27e5473ca66cb58643eefb5eec8f9a8f07  d1184f2 
security/vuxml: add devel/openvpn < 2.5.2 entry

Security:	CVE-2020-15078
Security:	efb965be-a2c0-11eb-8956-1951a8617e30
[ 08:11 Rene Ladan (rene) search for other commits by this committer ]    commit hash:d70c998cc6e35b952db804a966810e4c0623be8d  d70c998 
Document new vulnerabilities in www/chromium < 90.0.4430.85

Obtained
from:	https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html
Tue, 20 Apr 2021
[ 19:28 Bryan Drewery (bdrewery) search for other commits by this committer ]    commit hash:c55e97c0f341dd40a9360334e6d615e0f98cf85f  c55e97c 
Another openssh version fix for CVE-2021-28041.

Reported by:	leres
[ 19:26 Li-Wen Hsu (lwhsu) search for other commits by this committer ]    commit hash:87da0092a49ead1ae480c19dbf76bea6e3996202  87da009 
Document Jenkins Security Advisory 2021-04-20

Sponsored by:	The FreeBSD Foundation
[ 15:37 Bryan Drewery (bdrewery) search for other commits by this committer ]    commit hash:da89336b8dd885b50dd9994c56f731362270ce64  da89336 
Fix openssh version in entry for CVE-2021-28041

Reported by:	leres
[ 10:00 Bernard Spil (brnrd) search for other commits by this committer ]    commit hash:7dc3c800f66c52ab9bef7bcabe0835f9fb8638b4  7dc3c80 
security/vuxml: Add MySQL vulns
[ 03:49 Don Lewis (truckman) search for other commits by this committer ]    commit hash:940cf9711a1e9fffe0878f2c9bf916479f170972  940cf97 
security/vuxml: Document OpenOffice vulnerability CVE-2021-30245
Mon, 19 Apr 2021
[ 04:11 Kevin Bowling (kbowling) search for other commits by this committer ]    commit hash:887cfadcdf5e7ce9a33ef83ee6ee7b63ff855830  887cfad 
devel/maven: update to 3.8.1

This is not just a bugfix as it contains three features that cause a change of
default behavior (external HTTP insecure URLs are now blocked by default): your
builds may fail when using this new Maven release, if you use now blocked
repositories. Please check and eventually fix before upgrading.

Changes http://maven.apache.org/docs/3.8.1/release-notes.html

PR:		255161
Approved by:	Jonathan Chen <jonc@chen.org.nz> (maintainer)
Security:	CVE-2021-26291
		CVE-2020-13956
Sat, 17 Apr 2021
[ 16:31 Brad Davis (brd) search for other commits by this committer ]    commit hash:7031bbf81b99685426aae961c474a4e85bdef13c  7031bbf 
Document sysutils/consul vulnerabilities
Thu, 15 Apr 2021
[ 22:55 Mateusz Piotrowski (0mp) search for other commits by this committer ]    commit hash:d227a2fea96ed1c7d39c6088164ea8d5357b4e97  d227a2f 
Document accountsservice vulnerability
[ 14:46 Mateusz Piotrowski (0mp) search for other commits by this committer ]    commit hash:bc32e1b3c9bb4cd5a415e6ed3924835ecaefc197  bc32e1b 
Document textproc/mdbook vulnerability
[ 14:32 Matthias Fechner (mfechner) search for other commits by this committer ]    commit hash:d6ac57abb92763eb47a1d65ae42406568ed3df96  d6ac57a 
Document gitlab vulnerabilities.
[ 13:51 Rene Ladan (rene) search for other commits by this committer ]    commit hash:4ec0339f7320234aa2a0739ddb7b6b04598b9226  4ec0339 
Document new vulnerabilities in www/chromium < 90.0.4430.72
Wed, 14 Apr 2021
[ 17:47 Rene Ladan (rene) search for other commits by this committer ]    commit hash:34921a9d57dfccc296c4ac2aff7d3ed4d11e1923  34921a9 
Document new vulnerabilities in www/chromium < 89.0.4389.128

Obtained
from:	https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html
Tue, 13 Apr 2021
[ 15:50 Emmanuel Vadot (manu) search for other commits by this committer ]    commit hash:f7859bc7347197ffe57ef514a1b9774704b1f93e  f7859bc 
security/vuxml: Document xorg-server vuln
Mon, 12 Apr 2021
[ 18:29 Adam Weinberger (adamw) search for other commits by this committer ]    commit hash:8497a2d690681142cd0ed97c01a9f1940d4cf277  8497a2d 
security/vuxml: Add entry for gitea < 1.14.0

PR:		254976
Submitted by:	Stefan Bethke
[ 02:04 Steve Wills (swills) search for other commits by this committer ]    commit hash:6715140e8ba4290273585001a21a49bd5d0a793b  6715140 
security/vuxml: Document syncthing issue
Sat, 10 Apr 2021
[ 07:13 Thomas Zander (riggs) search for other commits by this committer ]    commit hash:1d4cfc12c8fa8c58010c2468a2181bcc96302e36  1d4cfc1 
security/vuxml: Document information disclosure vulnerability in python.
PR:		254780
Reported by:	yasu@utahime.org
Security:	CVE-2021-3426
[ 06:31 Thomas Zander (riggs) search for other commits by this committer ]    commit hash:1e8993822a938afd8bd61f5914150ed173a394bb  1e89938 
security/vuxml: Document 2 vulnerabilities in ftp/curl
Security:	CVE-2021-22876
		CVE-2021-22890

PR:		254772
Reported by:	yasu@utahime.org
Fri, 9 Apr 2021
[ 22:08 Adam Weinberger (adamw) search for other commits by this committer ]    commit hash:b3cd19559e13396d1f4da829fb2f2f6a8cd043eb  b3cd195 
security/vuxml: Add entry for gitea < 1.13.7

PR:	254930
Submitted by:	Stefan Bethke
Thu, 8 Apr 2021
[ 04:36 Neel Chauhan (nc) search for other commits by this committer ]    commit hash:48c9ebfaf8c1f2f890a9eefa06a0862d3767bc91  48c9ebf 
Document multiple vulnerabilities in security/clamav

PR:		254861
Submitted by:	Yasuhiro Kimura <yasu AT utahime DOT org>
[ 00:43 Li-Wen Hsu (lwhsu) search for other commits by this committer ]    commit hash:80690bd29e8384316ecda1808f8965269e051c29  80690bd 
Document Jenkins Security Advisory 2021-04-07

Sponsored by:	The FreeBSD Foundation
Wed, 7 Apr 2021
[ 18:58 Bradley T. Hughes (bhughes) search for other commits by this committer ]    commit hash:9d9b2b96740807ae005915f3a3d212557b52f1ed  9d9b2b9 
security/vuxml: document Node.js April 2021 Security Releases

https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/
[ 16:10 Lewis Cook (lcook) search for other commits by this committer ]    commit hash:01b07b7e020b9a5809980a3c85fd5ef73c9a354e  01b07b7 
security/vuxml: Document upnp stack overflow vulnerability

Approved by:		fernape (mentor)
Differential Revision:	https://reviews.freebsd.org/D29618
[ 11:24 Philip Paeps (philip) search for other commits by this committer ]    commit hash:86fc557be0a913534306ca1451e9862b65a3f7dc  86fc557 
security/vuxml: add FreeBSD SA-21:10.jail_mount
[ 11:24 Philip Paeps (philip) search for other commits by this committer ]    commit hash:5fc1c8e1322f9a3fddf86ad129697cfb01c864ba  5fc1c8e 
security/vuxml: add FreeBSD SA to CVE-2021-3449/50

Note that FreeBSD 12.2 prior to FreeBSD 12.2-RELEASE-p5 was vulnerable
to CVE-2021-3449 and CVE-2021-3450.  Reference FreeBSD-SA-21:07.openssl.
[ 11:24 Philip Paeps (philip) search for other commits by this committer ]    commit hash:f5644310b27dc209f0c508945c2630a8cdf3b6ec  f564431 
security/vuxml: add FreeBSD SA-21:08.vm
[ 11:24 Philip Paeps (philip) search for other commits by this committer ]    commit hash:ea0a0473cb840eba059195fb2b36d912f60ec060  ea0a047 
security/vuxml: add FreeBSD SA-21:09.accept_filter
Tue, 6 Apr 2021
[ 14:31 Mathieu Arnold (mat) search for other commits by this committer ]    commit hash:135fdeebb99c3569e42d8162b265e15d29bd937d  135fdee  (Only the first 10 of 2028 ports in this commit are shown above. View all ports for this commit)
all: Remove all other $FreeBSD keywords.
[ 13:53 Koichiro Iwao (meta) search for other commits by this committer ]    commit hash:cbbdab46f9b73b3593fb453c4a2523936d569e15  cbbdab4 
security/vuxml: Document XML round-trip vulnerability of REXML in Ruby

Document XML round-trip vulnerability of REXML in Ruby.

PR:		254793
Reported by:	Yasuhiro Kimura <yasu@utahime.org>
Security:	CVE-2021-28965

Number of commits found: 6268 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]