Commit graph

2050 commits

Author SHA1 Message Date
Martin Wilke
3b192bf394 - Rework latest horde-base entry (ee23aa09-a175-11de-96c0-0011098ad87f)
Feature safe:	yes
2009-09-21 22:23:27 +00:00
Cy Schubert
bb5791eb2b Fix a formatting issue.
Pointy hat to:		myself
Noticed by:		miwi
Feature safe:		Yes
2009-09-20 14:54:45 +00:00
Xin LI
a7bc818a58 Fix build.
Feature safe:	yes
2009-09-20 05:58:11 +00:00
Cy Schubert
71b70a417a Document a security problem in fwbuilder/libfwbuilder 3.0.4 - 3.0.6.
Generated iptables scripts when used to generate static routing
configurations have a security issue.

Feature safe:	Yes
2009-09-20 05:37:33 +00:00
Sergey Skvortsov
d54cc74933 Document "bugzilla" - two SQL injections, sensitive data exposure.
Feature safe:	yes
2009-09-17 13:28:23 +00:00
Thierry Thomas
fbf9be95f2 Adding an entry for three vulnerabilities fixed in the latest Horde
framework (i.e. the port www/horde-base).
2009-09-14 21:57:10 +00:00
Stanislav Sedov
b8f4579b4f - Fix formatting.
- Add link to the debian security advisory.
- Fix the description to be the actual citation from the official sources
  instead of some wild interpretation.  We do not know for sure if remote
  code execution is possible at all and from looking to the source code it
  seems unlikely as the buffer underflown is allocated on the heap.  Moreover,
  it is not clear if this is exploitable in the default install.

Discussed with:	az
2009-09-14 20:06:29 +00:00
Wesley Shields
facff74f71 Document nginx DoS condition.
Submitted by:	az@ (via IRC)
2009-09-14 19:48:49 +00:00
Hajimu UMEMOTO
85730a61e2 Add cvename and bid for cyrus-imapd potential buffer overflow
in Sieve.
2009-09-13 16:56:09 +00:00
Henrik Brix Andersen
1a531796cb Add ikiwiki vulnerability. 2009-09-13 16:06:09 +00:00
Martin Wilke
5b8a5face1 - Cleanup previous commit 2009-09-13 11:24:29 +00:00
Henrik Brix Andersen
c397125d4e - Add xapian-omega cross-scripting vulnerability 2009-09-13 11:06:03 +00:00
Martin Wilke
e1deac5720 - Document mozilla firefox -- Multiple Vulnerabilities 2009-09-10 17:28:31 +00:00
Hajimu UMEMOTO
7878fbe676 Fix xml broken by my previous commit. 2009-09-09 15:13:18 +00:00
Hajimu UMEMOTO
b5676c9c51 Document cyrus-imapd potential buffer overflow vulnerability in Sieve. 2009-09-09 15:08:34 +00:00
Wesley Shields
771a86a6e6 - Document silc-toolkit format string vulnerabilities. Unfortunately little
information is provided publicly.
2009-09-08 23:24:30 +00:00
Martin Wilke
89cf4d3959 - Mark seamonkey as safe 2009-09-04 08:18:06 +00:00
Martin Wilke
254ca80c95 - Update latest Opera entry,
* add missing linux-opera
* fix topic
2009-09-04 08:02:40 +00:00
Philippe Audeoud
6e04f07d94 - Fix vuxml build
Pointyhat to:	me
2009-09-04 07:26:23 +00:00
Philippe Audeoud
165d40e840 - Fix vuxml build
Pointyhat to:	itetcu
2009-09-04 07:12:23 +00:00
Ion-Mihai Tetcu
a31d838185 Add an entry for opera < 10.00
PR:		138449
Submitted by:	maintainer
2009-09-04 05:59:39 +00:00
Martin Wilke
185b81ad7b - Fix cvenames 2009-09-02 12:32:23 +00:00
Martin Wilke
41ef7e81cb - Document dnsmasq -- TFTP server remote code injection vulnerability
PR:		138418 (based on)
Submitted by:	Matthias Andree <matthias.andree@gmx.de>
2009-09-02 11:42:22 +00:00
Jun Kuriyama
7d8c4cf6ea - I cannot confirm these vulns can be affected to 1.3.x and 2.0.x
lines.  Limit this entry to 2.2.x until confirmed.
2009-08-25 08:20:28 +00:00
Jun Kuriyama
f75ce29b94 Add apache-2.2.12 fixes. 2009-08-25 06:47:17 +00:00
Beat Gaetzi
c7524d4dd9 - Mark thunderbird 2.0.0.23 and higher as safe
Approved by:	secteam (miwi)
2009-08-22 11:48:56 +00:00
Wesley Shields
7680918088 - Document pidgin, libpurple, and finch memory corruption.
PR:		ports/137997
Submitted by:	Armin Pirkovitsch <armin@frozen-zone.org>
2009-08-20 19:37:44 +00:00
Wesley Shields
f3bdda8556 - Document NUL byte problem in gnutls and gnutls-devel
- Document multiple vulnerabilities in older versions[1]

Note:  These have all been fixed with the exception of the NUL byte problem
in gnutls-devel.

PR:		[1]: ports/134785
Submitted by:	[1]: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by:	miwi
2009-08-17 14:37:29 +00:00
Marcus Alves Grando
26e6464db9 - memcached -- memcached stats maps Information Disclosure Weakness
PR:		134206
Submitted by:	Mark Foster <mark___foster.cc>
2009-08-17 13:26:56 +00:00
Martin Wilke
a4b3ce54d5 - Update latest wordpress entry
* add wordpress-mu which was also affected
- Mark latest fetchmail entry as safe
2009-08-13 09:55:13 +00:00
Steven Kreuzer
7e56d9a294 Document remote admin password reset vulnerability in wordpress <= 3.8.3
Reviewed by:	simon
2009-08-12 14:57:25 +00:00
Dmitry Marakasov
5ece323d77 - Document fetchmail -- improper SSL certificate subject verification 2009-08-11 14:54:15 +00:00
Steven Kreuzer
8f0396b267 Fix typo in affected version number for vid
739b94a4-838b-11de-938e-003048590f9e

Submitted by:	Roberto Nunnari <robi@nunnisoft.ch> (Private eMail)
Reviewed by:	simon
2009-08-11 13:35:15 +00:00
Steven Kreuzer
4809b1d326 - Fix improper formatting reported by miwi
- Add additional reference url for vid 739b94a4-838b-11de-938e-003048590f9e
reported by miwi

Reviewed by:	miwi
2009-08-07 21:24:48 +00:00
Steven Kreuzer
eeb8739db6 Document com_mailto Timeout Issue in www/joomla15 2009-08-07 20:06:23 +00:00
Simon L. B. Nielsen
b8763cbc76 Cleanup whitespace and XML format using 'make tidy' and a bit manual
editing.
2009-08-07 16:30:31 +00:00
Simon L. B. Nielsen
c1f51dfec3 When running the tidy target:
- Pipe output into vuln.xml.tidy instead of stdout.
- Don't hide what command we are running so it's clear where the tidy
  version of the output went.
2009-08-07 16:25:52 +00:00
Simon L. B. Nielsen
948097f746 Various affects fixes to the last 3 Mozilla/Firefox entries to make them
match correctly against package names.  In particular the port name
instead of package name was used in a couple of places.  For Seamonkey
and Thunderbird where no known fixes exist don't include a fixed
version.
2009-08-07 13:18:43 +00:00
Martin Wilke
bca2f3a744 - Update previous subversion entry,
add missing p5-subversion and py-subversion
2009-08-07 10:48:55 +00:00
Martin Wilke
0f1c4967d5 - Fix latest firefox entry.
Reported by:	b.f <bf1793@gmail.com>
2009-08-07 09:31:30 +00:00
Simon L. B. Nielsen
e341f2cd72 Document subversion -- heap overflow vulnerability. 2009-08-06 21:41:57 +00:00
Simon L. B. Nielsen
27300f3251 Add a few CVE names to the 'squid -- several remote denial of service
vulnerabilities' entry.
2009-08-05 23:23:26 +00:00
Simon L. B. Nielsen
ffa5a2aa6e Document bugzilla -- product name information leak. 2009-08-05 23:19:37 +00:00
Martin Wilke
b2bf020f5a - Mark squid 3.1.0.12 as safe 2009-08-04 23:15:11 +00:00
Martin Wilke
2d8c727e39 - Document mozilla -- multiple vulnerabilities 2009-08-04 22:57:02 +00:00
Wesley Shields
43938ae30f - Add bind9-sdb-ldap and bind9-sdb-postgresql to recent BIND DoS.
Reviewed by:	miwi
2009-08-04 18:20:18 +00:00
Wesley Shields
7ef95f2d74 - Document silc-client and silc-irssi-plugin format string vulnerability.
Reviewed by:	miwi
2009-08-04 18:06:58 +00:00
Thierry Thomas
9bd4a28be3 Mark mail/squirrelmail-multilogin-plugin as FORBIDDEN and add the
corresponding entry in VuXML.

Security:	VuXML: 0d0237d0-7f68-11de-984d-0011098ad87f
2009-08-02 14:11:24 +00:00
Wesley Shields
bad56ae20d - White space fixes and correct the entry date in
vid 83725c91-7c7e-11de-9672-00e0815b8da8
2009-08-01 14:25:45 +00:00
Wesley Shields
3409d821d2 s/package/system/ for vid fbc8413f-2f7a-11de-9a3f-001b77d09812.
Reviewed by:	remko
Approved by:	secteam (remko)
2009-08-01 14:17:29 +00:00