kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
224700 commits 42 branches 80 tags 2.7 GiB
Commit graph

2050 commits

Author SHA1 Message Date
Martin Wilke
635e827515 - Fix discovery date from previous entry 2009-03-16 21:01:09 +00:00
Martin Wilke
765337b861 - Document gstreamer-plugins-good -- multiple memory overflows 
PR:		 based on 132428
 2009-03-16 20:37:17 +00:00
Martin Wilke
b4cf27eb74 - Document libsndfile -- CAF processing integer overflow vulnerability 
PR:		based on 132371
 2009-03-16 19:50:10 +00:00
Martin Wilke
9f12e0ff02 - Fix roundcube entry 
Pointy hat to:	me
 2009-03-16 19:33:22 +00:00
Martin Wilke
9e21f29c30 - Document ffmpeg -- 4xm processing memory corruption vulnerability 
PR:		based on 132434
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-03-16 19:25:06 +00:00
Martin Wilke
ac98934a33 - Document roundcube -- webmail script insertion and php code injection 
PR:		based on 130968
 2009-03-16 18:49:33 +00:00
Martin Wilke
6ff8e622dc - Document proftpd -- multiple sql injection vulnerabilities 
PR:		based on 132369
 2009-03-16 18:11:40 +00:00
Martin Wilke
2da57f878f - Fix a typo 2009-03-16 17:51:11 +00:00
Martin Wilke
905c47c943 - Document zappix -- php frontend multiple vulnerabilities 
PR:		based on 132315
 2009-03-16 17:38:25 +00:00
Martin Wilke
cd6c576ba4 - Document php-mbstring -- php mbstring buffer overflow vulnerability 
PR:		based on 130603
 2009-03-16 17:13:48 +00:00
Martin Wilke
917343365e - Document phppgadmin -- directory traversal with register_globals enabled 
PR:		based on 132346
 2009-03-16 17:01:04 +00:00
Martin Wilke
0fa9447355 - Document opera -- multiple vulnerabilities 
PR:		based on 132437
 2009-03-15 20:42:00 +00:00
Martin Wilke
65e5b90bf4 - Clean up latest curl entry 2009-03-14 08:35:42 +00:00
Thomas Abthorpe
673ff0c2eb - Document epiphany -- untrusted search path vulnerability 2009-03-12 02:30:02 +00:00
Thomas Abthorpe
3ad800ee34 - Document apache -- Cross-site scripting vulnerability 2009-03-11 20:17:10 +00:00
Dmitry Marakasov
fa8fe25c56 - Document pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability 
Reviewed by:	tabthorpe
 2009-03-05 00:35:07 +00:00
Peter Pentchev
bbc81a3bc4 Document the cURL redirection security bypass - CVE-2009-0037. 
I'll update the ftp/curl port itself ASAP.

PR:		132299
Reported by:	Mark Foster <mark@foster.cc> (the PR),
		Daniel Bond <db@danielbond.org> (e-mail)
 2009-03-04 15:30:27 +00:00
Joe Marcus Clarke
3262b5369b Bump the modified date for the previous Firefox change. 
Requested by:	miwi
 2009-02-23 20:48:17 +00:00
Joe Marcus Clarke
7cf62abcff Correct the Firefox 2.0 version for the recent Firefox vulnerabilities. 2009-02-23 20:41:47 +00:00
Marcus Alves Grando
1060ab3514 - Add CVE entries for last lighttpd security issue. 
Reported by:	Eygene Ryabinkin <rea-fbsd___codelabs.ru>
 2009-02-23 00:53:22 +00:00
Greg Larkin
549cd8c770 - Update to 1.7.5 
- Added UPDATING entry about incompatibility between 1.7.4 and 1.7.5
- Added vuln.xml entry for local file inclusion vulnerability in <1.7.5
- Added maintainer mode target in ZF Makefile to speed up fixups of
  pkg-plist output from genplist

Security:	cf495fd4-fdcd-11dd-9a86-0050568452ac
Security:	http://framework.zend.com/issues/browse/ZF-5748
Security:	http://weierophinney.net/matthew/archives/206-Zend-Framework-1.7.5-Released-Important-Note-Regarding-Zend_View.html
 2009-02-18 18:06:37 +00:00
Philippe Audeoud
aae2119c20 - Document dia -- remote command execution vulnerability 
Reviewed by:	miwi
 2009-02-17 21:10:46 +00:00
Martin Wilke
5a76589457 - Document pycrypto -- ARC2 module buffer overflow 
PR:		based on 131689
Submitted by:	Mark Foster <mark@foster.cc>
 2009-02-15 21:45:24 +00:00
Joe Marcus Clarke
8a59b410de Update the latest firefox vulnerability ranges. 2009-02-15 18:23:19 +00:00
Jun Kuriyama
62afe5b355 Minor whitespace nits. 2009-02-15 13:29:57 +00:00
Martin Wilke
62a2e96d35 - Update previous entry 
* remove duplicate bid entry
   * add more referens
   * fix whitespaces
 2009-02-15 13:08:19 +00:00
Dag-Erling Smørgrav
ff2d9848e9 Document Varnish 2.0 DoS. 
PR:		ports/131690
Submitted by:	Mark Foster <mark@foster.cc>
 2009-02-15 11:06:47 +00:00
Martin Wilke
e1bd1d93f0 - Document tor -- multiple vulnerabilites 2009-02-13 13:30:03 +00:00
Martin Wilke
dde88a4d42 - Fix portaudit conflict with www/firefox and www/firefox3 
- Mark www/firefox and www/linux-firefox FORBIDDEN

Discussion by:	simon/stas
With hat:	secteam
 2009-02-11 19:15:07 +00:00
Martin Wilke
db7144e84d - Fix latest firefox entry 2009-02-11 16:52:36 +00:00
Martin Wilke
e87bb59e51 - Document firefox -- multiple vulnerabilities 2009-02-11 14:37:26 +00:00
Greg Larkin
3829910cac - document codeigniter -- arbitrary script execution in the new 
Form Validationclass
 2009-02-11 14:15:25 +00:00
Philippe Audeoud
b732b885ec - Document pyblosxom -- atom flavor multiple XML injection vulnerabilities 
Reviewed by:	miwi
 2009-02-11 13:36:14 +00:00
Martin Wilke
a5ffde8a8b - Document typo3 -- cross-site scripting and information disclosure 2009-02-11 10:15:25 +00:00
Martin Wilke
b10bcbd712 - Update latest squid* entry 
Add CVE-2009-0478

Submitted by:	jadawin
 2009-02-10 20:53:22 +00:00
Stanislav Sedov
1f5ee05656 - Update ruby vuxml entries due to ruby19 version bump. 2009-02-09 17:55:33 +00:00
Martin Wilke
fe7b9f5082 - Document amaya -- multiple buffer overflow vulnerabilities 
PR:		based on 131508
Submitted by:	Mark Foster <mark@foster.cc>
 2009-02-09 15:31:02 +00:00
Martin Wilke
c24432089c - Document websvn -- multiple vulnerabilities 
PR:		based on 130934
Submitted by:	Mark Foster <mark@foster.cc>
 2009-02-09 14:52:55 +00:00
Martin Wilke
7f17dcce80 - Document phplist -- local file inclusion vulnerability 
PR:		based on 130932
 2009-02-09 14:20:16 +00:00
Martin Wilke
8196cf420c - Document squid -- remote denial of service vulnerability 
PR:		based on 131431
 2009-02-09 14:04:18 +00:00
Martin Wilke
c0f7f3032f - Fix topic s/typo/typo3 2009-02-09 13:41:36 +00:00
Martin Wilke
0d145fbb80 - Document typo3 -- Multiple Vulnerabilities 2009-02-09 13:30:09 +00:00
Martin Wilke
bec5701c09 - Fix previous entry 2009-02-06 19:59:49 +00:00
Tom McLaughlin
a2745142d5 Security update for sudo to 1.6.9p20 for CVE 2009-0034 
Changes:
- Only use the cached supplementory group vector when matching groups
  for the invoking user. (security)
- When setting the umask, use the union of the user's umask and the
  default value set in sudoers so that we never lower the user's umask
  when running a command.
- Sudo now operates in the C locale again when doing a match against
  sudoers.

PR:		131446
Submitted by:	Eygene Ryabinkin
Security:	vid:13d6d997-f455-11dd-8516-001b77d09812
 2009-02-06 19:35:46 +00:00
Martin Wilke
a7d87b5548 - Fix a typo (s/drual/drupal) 2009-02-04 14:01:58 +00:00
Martin Wilke
90ab7d09a8 - Cleanup 2009-02-04 13:53:49 +00:00
Martin Wilke
788051a5bf - Document drupal -- multible vulnerabilities 2009-02-04 13:47:09 +00:00
Alex Dupre
5b3afb6eb8 Update php5-gd entry. 2009-02-04 06:47:06 +00:00
Martin Wilke
bb7ac554a0 - Document perl -- Directory Permissions Race Condition 
PR:		based on 129317
 2009-02-03 21:42:52 +00:00
Martin Wilke
ec37c276d9 - Rework ganglia entry 
* Fix topic
  * Fix discovery and entry day
 2009-01-30 09:55:01 +00:00
Martin Wilke
eb52091dd6 - Set modified for b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e entry 
- more cleanup
 2009-01-30 09:13:58 +00:00
Martin Wilke
7ec1c9e83f - Document moinmoin -- multiple cross site scripting vulnerabilities 2009-01-30 08:59:45 +00:00
Martin Wilke
c294be32da - Cleanup previous entry 
* remove whitespaces
	* sort bid/cvename/url
 2009-01-30 08:51:50 +00:00
Brooks Davis
47e24183d5 Upgrade Ganglia to 3.1.1 plus a fix for CVE-2009-0241. 
PR:		ports/129822, ports/131067
Submitted by:	Mark Foster <mark at foster dot cc> (vuxml)
Security:	vid:b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e
 2009-01-30 03:56:35 +00:00
Martin Wilke
dbf6acc620 - Document Tor -- Unspecified Memory Corruption Vulnerability 2009-01-29 22:49:09 +00:00
Martin Wilke
b532357cb1 - Cleanup 
* Fix whitespaces/ Tabs
	* Sort <bid>/<cvename>/<url>
 2009-01-28 13:11:23 +00:00
Martin Wilke
b8b9fc65a6 - Rewording 2ffb1b0d-ecf5-11dd-abae-00219b0fc4d (glpi -- SQL Injection) 
- Add more reference sites
 2009-01-28 13:05:28 +00:00
Philip M. Gollucci
92069b4fb5 Document glpi -- SQL Injection vulnerabilty 
PR:             ports/131011
Submitted by:   Mathias Monnerville <mathias@monnerville.com>
 2009-01-28 05:07:48 +00:00
Thomas Abthorpe
d6723ec5fc - Document openfire -- multiple vulnerabilities 
PR:		ports/130606
Submitted by:	Mark Foster <mark foster.cc>
 2009-01-25 00:56:17 +00:00
Xin LI
7a2e3cd4d8 Update information about 9fff8dc8-7aa7-11da-bf72-00123f589060 
and 651996e0-fe07-11d9-8329-000e0c2e438a, newer versions of
apache+ipv6 has the problems fixed.

Submitted by:	sumikawa
 2009-01-24 02:31:09 +00:00
Wesley Shields
f27c4d117f - Document two old ipsec-tools DoS 
PR:		ports/129468
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-21 19:44:14 +00:00
Wesley Shields
0c4df6fc1f - Document directory traversal bug in teamspeak server 
PR:		ports/130608
Submitted by:	Mark Foster <mark@foster.cc>
 2009-01-20 15:20:16 +00:00
Wesley Shields
dba6f35472 - Document graphics/optipng buffer overflow 
PR:		ports/129072
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-19 20:21:31 +00:00
Wesley Shields
ebe2a809df - Document old gitweb privilege escalation vulnerability. 
PR:		ports/130600
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-19 20:04:50 +00:00
Christian Weisgerber
637b6be877 Document vulnerability in older versions of GNU tar. 
PR:		130602
Submitted by:	Mark Foster <mark@foster.cc>
 2009-01-16 16:11:03 +00:00
Martin Wilke
74192b0e82 - Mark net-mgmt/nagios2 as secure 2009-01-16 00:02:52 +00:00
Martin Wilke
fb1db58464 - Document mplayer -- vulnerability in STR files processor 
PR:		based on 130573
 2009-01-15 23:00:51 +00:00
Martin Wilke
5616bcd898 - Cleanup previous entry 
- Add more references
 2009-01-13 12:22:21 +00:00
Wesley Shields
3c02ff951e - Add missing blockquote and linewrap properly 2009-01-13 03:30:52 +00:00
Wesley Shields
914d59516e - Document cgiwrap XSS vulnerability 
PR:		ports/130277
Submitted by:	Eric W. Bates <ericx@vineyard.net>
 2009-01-13 03:19:19 +00:00
Martin Wilke
cbfb20634d - Document nagios -- web interface privilege escalation vulnerability 2009-01-12 12:27:39 +00:00
Martin Wilke
ea09970eab - Document pdfjam -- insecure temporary files 
PR:		based on 130028
 2009-01-11 19:58:49 +00:00
Martin Wilke
633df53255 - Document verlihub -- insecure temporary file usage and arbitrary command execution 2009-01-11 19:35:54 +00:00
Martin Wilke
c945a46b23 - Document mysql -- empty bit-string literal denial of service 
PR:		based on 129978
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-11 18:16:00 +00:00
Martin Wilke
e6b03a8177 - Fix discovery date 2009-01-11 15:38:48 +00:00
Martin Wilke
280550654c - Document mysql multiple vulnerabilities: 
* mysql -- renaming of arbitrary tables by authenticated users
	* mysql -- remote Denial of Service via malformed password packet
	* mysql -- privilege escalation and overwrite of the system table information

PR:		based on 130025
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-11 15:27:57 +00:00
Martin Wilke
567b1cca0d - Document imap-uw -- imap c-client buffer overflow 
PR:		130013
Submitted by:	Mark Foster <mark@foster.cc>
Approved by:	maintainer timeout
 2009-01-11 14:49:32 +00:00
Martin Wilke
ebb3f3cc97 - Fix a small typo 2009-01-11 14:32:43 +00:00
Martin Wilke
74e66cffb3 - Document imap-uw -- local buffer overflow vulnerabilities 
PR:		128923
Submitted by:	Mark Foster <mark@foster.cc>
Approved by:	maintainer timeout
 2009-01-11 14:29:50 +00:00
Martin Wilke
ca61f4353a - Document libcdaudio -- remote buffer overflow and code execution 2009-01-11 13:15:53 +00:00
Thomas Abthorpe
47b4570f87 - Mark xterm 238 safe 2009-01-06 04:31:42 +00:00
Remko Lodder
4e34f82619 Import latest FreeBSD-SA's so that we are up to date again. 2009-01-05 10:09:57 +00:00
Stanislav Sedov
dc769dae8d - Document xterm vulnerability. 2009-01-05 09:40:29 +00:00
Stanislav Sedov
d965e28c53 - Document PHP gd library vulnerability. 2009-01-05 09:06:12 +00:00
Martin Wilke
69689f20c0 - Update awstats entry (also affect www/awstats-devel) 2009-01-04 09:13:16 +00:00
Chin-San Huang
bd27d11ffa - Fix the affected version of awstats 2009-01-04 08:01:22 +00:00
Chin-San Huang
915242e775 - Document awstats -- multiple XSS vulnerabilities 
PR:		ports/129957
Submitted by:	Eygene Ryabinkin <rea-fbsd _at\ codelabs.ru>
Approved by:	Alex Samorukov (maintainer)
Security:	http://secunia.com/advisories/31519
 2009-01-04 06:21:42 +00:00
Martin Wilke
fb60b744cf - Cleanup (fix whitespaces, typos) 2009-01-03 12:35:32 +00:00
Chin-San Huang
3d89865a95 - Completely fix CVE-2005-0448 
PR:		ports/129301
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-01-03 12:06:45 +00:00
Erwin Lansing
5992cfefd4 Bump copyright year. 2009-01-02 09:56:29 +00:00
Thomas Abthorpe
4a47213bfb - Document vim -- multiple vulnerabilities in the netrw module 
PR:		ports/129137
Submitted by:	Eygene Ryabinkin <rea-fbsd codelabs.ru>
 2009-01-02 04:44:10 +00:00
Jeremy Messenger
f09fefbfe7 Add vinagre -- format string vulnerability entry. 
PR:		ports/129959
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-31 21:23:01 +00:00
Greg Larkin
6691f735ab Document twiki - multiple vulnerabilities 2008-12-30 19:16:14 +00:00
Alex Dupre
ddfc4e0b77 Add entry for roundcube. 
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-30 17:09:02 +00:00
Martin Wilke
9583e35bdb - Document mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths 2008-12-30 11:12:38 +00:00
Martin Wilke
6a99051daf - Document mplayer -- twinvq processing buffer overflow vulnerability 
Reported by:	Thomas Zander <riggs@rrr.de> (mplayer maintainer)
 2008-12-30 09:29:17 +00:00
Philippe Audeoud
dfc1c6e15b - ampache -- insecure temporary file usage 2008-12-26 09:22:47 +00:00
Martin Wilke
211f2c38f8 - Small cleanup for the last cups-base entry 
* CVE-2008-5184 was fixed in 1.3.8.
  * CVE-2008-1722 does not related to anything in this entry;
  * PNG buffer overflow is really CVE-2008-5286.

Reported by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
No Cookies for: miwi
 2008-12-25 16:41:54 +00:00
Martin Wilke
c6066a2ee6 - Document opera -- multiple vulnerabilities 2008-12-19 21:07:06 +00:00
Martin Wilke
9027a5b6e8 - Document mediawiki -- multiple vulnerabilities 2008-12-19 20:59:59 +00:00
Martin Wilke
9581e681f0 - Fix make validate 2008-12-19 20:36:50 +00:00
Martin Wilke
be03f0c48e - document drupal -- Multiple vulnerabilities 2008-12-19 20:29:46 +00:00
Martin Wilke
4e1254924f - Document mozilla -- multiple vulnerabilities 2008-12-19 20:01:32 +00:00
Martin Wilke
6b609129fc - Fix a small typo 2008-12-11 19:39:05 +00:00
Martin Wilke
7ea4bc00a7 - Document phpmyadmin -- cross-site request forgery vulnerability 2008-12-11 19:37:41 +00:00
Thomas Abthorpe
886ef222c2 - Document php5 -- potential magic_quotes_gpc vulnerability 
Reviewed by:	miwi
 2008-12-08 14:15:34 +00:00
Martin Wilke
7ae5ddd50e - Fix a typo 
Reported by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-07 19:13:45 +00:00
Martin Wilke
167bc49559 - Document wireshark -- SMTP Processing Denial of Service Vulnerability 2008-12-07 18:11:30 +00:00
Martin Wilke
e9d6eff634 - Document php -- multiple vulnerabilities 2008-12-07 12:13:14 +00:00
Martin Wilke
e01f75dd7d - Document mgetty+sendfax -- symlink attack via insecure temporary files 
PR:		based on 129471
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-07 11:41:30 +00:00
Martin Wilke
0d89877671 - Document dovecot-managesieve -- Script Name Directory Traversal Vulnerability 
PR:		based on 129303
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-07 11:32:07 +00:00
Martin Wilke
3e9cd5b4d5 Document habari -- Cross-Site Scripting Vulnerability 
PR:		129475
Submitted by:	Ayumi M <ayu@dahlia.commun.jp>
 2008-12-07 11:20:17 +00:00
Martin Wilke
146eb4c81b - Add 32545 to the latest vlc entry. 2008-12-07 09:09:22 +00:00
Martin Wilke
89008f1e7d - Document vlc -- arbitrary code execution in the RealMedia processor 2008-12-06 23:47:27 +00:00
Martin Wilke
d01626c5c2 - S/secunia/Secunia 2008-12-06 23:18:46 +00:00
Martin Wilke
cf6e091a74 - Document mantis - PHP Code Execution Vulnerability 
PR:		based on 129438
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-12-06 22:00:53 +00:00
Martin Wilke
a06b63d720 Document mantis -- multiple vulnerabilities 
PR:		based on 129438
 2008-12-06 21:55:49 +00:00
Martin Wilke
eb1f04011d - Fix previous entry 2008-12-04 20:10:06 +00:00
Thomas Abthorpe
e7f45de9af - Document squirrelmail -- Cross site scripting vulnerability 2008-12-04 19:37:34 +00:00
Martin Wilke
7296ff0c79 - Fix discovery from previous entry 2008-11-29 16:24:41 +00:00
Martin Wilke
21f546011e - Document openoffice -- arbitrary code execution vulnerabilities 
PR:		based on 129192
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-11-29 16:16:01 +00:00
Martin Wilke
d0a46d18ec - Document wordpress -- Header RSS Feed Script Insertion Vulnerability 2008-11-29 15:15:33 +00:00
Martin Wilke
1c54bc3bc1 - Document samba -- potential leakage of arbitrary memory contents 
- Fix my previous entry
 2008-11-29 14:31:33 +00:00
Martin Wilke
8c548377ad - Document hplip -- hpssd Denial of Service 
PR:		based on 129097
Submitted by:	Eygene Ryabinkin
 2008-11-29 13:48:43 +00:00
Martin Wilke
be1edfb785 - Document cups -- multiple vulnerabilities 2008-11-29 13:04:54 +00:00
Stanislav Sedov
79d7cbd775 - Document a buffer overflow vulnerability in imlib2. 
PR:		ports/129037
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-11-24 17:47:52 +00:00
Martin Wilke
5ac5f7cf8b - Fix latest mozilla entry 
Note:
	mail/thunderbird and mail/linux-thunderbird versions are wrong.
	All problems are fixed in 2.0.0.18 and not in 2.0.0.17.

Pointy hat to:	tabthorpe
 2008-11-23 16:04:35 +00:00
Martin Wilke
ed6a0fdedb - Document streamripper -- multiple buffer overflows 
PR:		based on 128999
 2008-11-23 08:38:54 +00:00
Martin Wilke
e1baec3e5a - Dokument -- Mantis: Session hijacking vulnerability 2008-11-22 22:01:10 +00:00
Martin Wilke
547c1dffa6 - Cleanup 
- Fix a lot whitespaces
 2008-11-22 21:46:04 +00:00
Xin LI
301edfdf6c Document two ACL bypassing vulnerabilities of dovecot. 
Submitted by:	Eygene Ryabinkin <rea-fbsd codelabs.ru> (with changes)
PR:		ports/129000
 2008-11-19 22:37:18 +00:00
Thomas Abthorpe
592e12bfdd - Document libxml2 -- multiple vulnerabilities 2008-11-19 21:07:47 +00:00
Thomas Abthorpe
6a1535676c - Document openfire -- multiple vulnerabilities 2008-11-19 15:24:44 +00:00
Wesley Shields
f83ede5241 Document syslog-ng2 chroot vulnerability. 
PR:		ports/128960
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by:	tabthorpe
 2008-11-18 23:07:15 +00:00
Rong-En Fan
18fc6a624e - Add a missing new line between entries 2008-11-18 15:34:10 +00:00
Rong-En Fan
f3cf253f4f - Add an entry for print/enscript and its slave ports 
PR:		ports/128958
Submitted by:	Eygene Ryabinkin <rea-fbsd at codelabs.ru> (based on)
Reviewed by:	stas@
 2008-11-18 15:33:33 +00:00
Wesley Shields
7d45ea9f2a Add CVE identifier for clamav off-by-one error. 
PR:		ports/128924
Submitted by:	Mark Foster <mark@foster.cc>
 2008-11-17 19:02:06 +00:00
Stanislav Sedov
f47931fa24 - Fix an indentation in the latest net-snmp entry. 2008-11-16 10:01:28 +00:00
Stanislav Sedov
4a689e2dfb - Document the recent chain validation vulnerability in gnutls. 
PR:		ports/128868
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)
 2008-11-16 09:59:35 +00:00
Martin Wilke
408ae4ba05 - Fix formating 2008-11-15 17:04:28 +00:00
Jun Kuriyama
135e82be29 Add entry for net-snmp (fix will be followed). 
PR:		ports128772, ports/128837
Submitted by:	"Mark D. Foster" <mark@foster.cc>,
		Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2008-11-14 06:16:43 +00:00
Martin Wilke
f6e1886141 - Cleanup 
* Add some more references to the faad2 entry
  * Fix formating for the last emacs and trac entry
 2008-11-13 20:43:57 +00:00
Thomas Abthorpe
a8bfb89430 - Document mozilla -- multiple vulnerabilities 
Reviewed by:	simon
 2008-11-13 18:24:31 +00:00
Thomas Abthorpe
ff55b7f331 - Document faad2 -- heap overflow vulnerability 2008-11-12 17:06:56 +00:00
Martin Wilke
9bf178e200 - Fix multimedia/vlc entry 2008-11-11 22:22:14 +00:00
Boris Samorodov
a995a7306b Document vulnerability in Emacs python integration. 
PR:		127168
Submitted by:	keramida
 2008-11-10 22:50:28 +00:00
Renato Botelho
83b30cddaa - Document clamav get_unicode_name() off-by-one buffer overflow, 0.94.1 have 
fixed the problem [1]
- Since i'm here, document clamav-devel either

PR:		ports/128749 [1]
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru> [1]
 2008-11-10 11:53:00 +00:00
Xin LI
b9a0143b6a Document trac wiki markup DoS issue 2008-11-09 03:46:45 +00:00
Martin Wilke
f4ba11f844 - Document vlc -- cue processing stack overflow 2008-11-08 21:30:14 +00:00
Remko Lodder
b9d2e925c3 Document opera -- multiple vulnerabilities 
With hat:	secteam
Requested by:	simon
 2008-11-03 19:17:53 +00:00
Juergen Lock
f512263469 Document qemu -- Heap overflow in Cirrus emulation 2008-11-02 22:47:41 +00:00
Xin LI
e93a8a6c41 Fix BugTraq ID :( 
Pointy hat to:	delphij
 2008-11-01 00:21:34 +00:00
Xin LI
a95ad0c4d4 Add more reference with last commit 2008-10-31 23:58:01 +00:00
Xin LI
3d9c507cab Document phpmyadmin XSS issue 2008-10-31 23:52:28 +00:00
Jeremy Messenger
600b1b99f3 Add linux-opera with opera entries. Remove the YYYYMMDD in the version (ie: 
9.61.YYYYMMDD -> 9.61) as linux-opera does not do it anymore. It should not
affect anything on opera.
 2008-10-29 06:16:26 +00:00
Martin Wilke
1829ed7be9 - Fix formating 2008-10-28 21:04:29 +00:00
Thomas Abthorpe
e18a636604 - Document opera -- multiple vulnerabilities 
PR:		ports/128264
Submitted by:	Arjan van Leeuwen <freebsd-maintainer opera.com>
 2008-10-28 20:05:44 +00:00
Thomas Abthorpe
38c1620add - Document libspf2 -- Buffer overflow 2008-10-27 18:47:05 +00:00
Martin Wilke
78b7370a6a - Document openx -- sql injection vulnerability 2008-10-25 20:13:07 +00:00
Martin Wilke
1085424bf5 - Fix duplicate wording 2008-10-25 19:09:24 +00:00
Martin Wilke
f066f6dd2e - Document flyspray -- multiple vulnerabilities 
Submitted by:	Nick Hilliard (nick@foobar.org) (based on)
 2008-10-25 18:51:13 +00:00
Xin LI
509706c196 Document wordpress snoopy shell command execution vulnerability 2008-10-24 19:13:15 +00:00
Martin Wilke
7aa1b688c9 - Fix libxine entry 2008-10-24 16:56:30 +00:00
Stanislav Sedov
b5e3a4a0f6 - Whitespace fix in last entry. 2008-10-22 21:02:50 +00:00
Xin LI
9327df8509 Document drupal multiple vulnerabilities. 
Submitted by:	Nick Hilliard <nick foobar org>
 2008-10-22 20:55:59 +00:00
Xin LI
2b2619052e Newer version of wordpress-mu has resolved the security vulnerability, 
I have verified the code with respect to older release and to wordpress
changeset.

Reviewed by:	stas
 2008-10-22 20:02:12 +00:00
Jeremy Messenger
0fefcf6b39 The libxml2-2.6.32_1 now have two security fixed. If I edit it incorrect, 
please fix it for me.
 2008-10-20 16:19:08 +00:00
MANTANI Nobutaka
9d5b818851 Document libxine denial of service vulnerability. 2008-10-19 13:21:11 +00:00
Martin Wilke
7f8aada91b - Fix formating from previous entry 2008-10-18 12:52:11 +00:00
Thomas Abthorpe
58521b7292 - Fix previous commit 2008-10-18 02:15:23 +00:00
Thomas Abthorpe
c6f8bdd6f0 - Document linux-flashplugin -- multiple vulnerabilities 
Reviewed by:	stas
 2008-10-17 22:31:17 +00:00
Xin LI
48d90f8ac3 Document libxml2 vulnerabilities. 2008-10-15 09:19:59 +00:00
Martin Wilke
790a88b36a - Fix a small typo 2008-10-12 16:49:39 +00:00
Martin Wilke
5d6565d8ae - Document drupal -- multiple vulnerabilities 2008-10-12 16:37:10 +00:00
Xin LI
c08864ce38 Document cups multiple vulnerabilities. 2008-10-10 22:40:00 +00:00
Alex Dupre
445b1db5c9 Update mysql entries. 2008-10-10 18:58:32 +00:00
Martin Wilke
fc9e7e3d0b - Fix formating and remove whitespaces from previous commit. 2008-10-10 10:00:19 +00:00
Ion-Mihai Tetcu
5eae56f9fe Add two www/opera vulnarabilities which affect versions <9.60.20081004 
PR:		ports/127941
Submitted by:	Arjan van Leeuwen (opera maintainer)
 2008-10-10 09:41:09 +00:00
Stanislav Sedov
afd4019405 - Capitalize "Secunia" word in all entries. 
Reviewed by:	tabthorpe
 2008-10-02 22:37:26 +00:00
Stanislav Sedov
e865c296d5 - Mplayer vulnerability has been fixed in 0.99.11_7. 2008-10-01 21:31:33 +00:00
Stanislav Sedov
0eb7b70dde - Document mysql-client input validation vulnerability. 2008-09-30 20:46:02 +00:00
Stanislav Sedov
ed2e206938 - Document mplayer integer overflows. 2008-09-30 20:13:07 +00:00
Simon L. B. Nielsen
ed642c9ffb Bump copyright year. 2008-09-29 22:56:48 +00:00
Simon L. B. Nielsen
6e7cfa53d6 Really fix firefox 3 part of the latest mozilla entry. Now it doesn't 
match fixed firefox 2 versions.

Cluebat:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Pointyhat:	simon (for too quick review of last update)
 2008-09-29 22:45:46 +00:00
Martin Wilke
c4a794660b - Fix bad firefox3 specification 
PR:		127712
Reported by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by:	simon
 2008-09-29 11:46:06 +00:00
Marcus Alves Grando
c570926974 lighttpd -- multiple vulnerabilities 2008-09-27 23:48:47 +00:00
Martin Wilke
6ca9866321 - Fix last thunderbird entrys 
- Bump modified date
 2008-09-26 23:07:17 +00:00
Martin Wilke
454998b922 - Cleanup previous entry. 2008-09-26 21:43:26 +00:00
Henrik Brix Andersen
da6154d9ef Add irc/bitlbee entry. 2008-09-26 21:38:30 +00:00
Simon L. B. Nielsen
ad300692f0 - Update samba entries so they don't match upcomming Samba 3.2 which 
doesn't have PORTEPOCH in the version number.
- Bump modified date for all updated entries.

Requested by:	timur
 2008-09-26 21:10:17 +00:00
Martin Wilke
1e4f98ac78 - Fix firefox version 
Reported by:	bsam@
 2008-09-24 14:59:54 +00:00
Martin Wilke
432b081364 - Fix a typo (s/reportss/reports) 
Submitted by:	tabthorpe/remko
 2008-09-24 12:39:42 +00:00
Martin Wilke
b6fbc3d224 - Document mozilla -- multiple vulnerabilities 2008-09-24 12:09:44 +00:00
Martin Wilke
9e80f6244f - Mark ftp/proftpd as safe 
- Add more references to the last phpMyAdmin entry
 2008-09-23 21:51:39 +00:00
Thomas Abthorpe
90f1ea84e3 - Document squirrelmail -- Session hijacking vulnerability 2008-09-23 19:13:11 +00:00
Martin Wilke
eeb21d012d - Fix discovery from my previous commit 2008-09-23 10:07:43 +00:00
Martin Wilke
aefe80fcaa - Document proftpd -- Long Command Processing Vulnerability 2008-09-23 10:06:00 +00:00
Martin Wilke
3774a178ca - Document phpmyadmin -- cross-site scripting vulnerability 2008-09-23 09:21:19 +00:00
Martin Wilke
1bccda18cf - Document gallery -- multiple vulnerabilities 
Approved by:	portmgr (secteam blanked)
 2008-09-19 20:44:07 +00:00
Martin Wilke
0a371162cd - Replace phpmyadmin with phpMyAdmin to fix portaudit 
Note:
	portaudit does not flag phpmyadmin as vulnerable,
	so we need to change it to the pkgname (phpMyAdmin).

Reported by:	glarkin@
Reviewed by:	simon
Discussion on:	ports-security@
Approved by:	portmgr (secteam blanked)
 2008-09-17 17:10:45 +00:00