freebsd-ports

Author	SHA1	Message	Date
Martin Wilke	74e66cffb3	- Document imap-uw -- local buffer overflow vulnerabilities PR: 128923 Submitted by: Mark Foster <mark@foster.cc> Approved by: maintainer timeout	2009-01-11 14:29:50 +00:00
Martin Wilke	ca61f4353a	- Document libcdaudio -- remote buffer overflow and code execution	2009-01-11 13:15:53 +00:00
Thomas Abthorpe	47b4570f87	- Mark xterm 238 safe	2009-01-06 04:31:42 +00:00
Remko Lodder	4e34f82619	Import latest FreeBSD-SA's so that we are up to date again.	2009-01-05 10:09:57 +00:00
Stanislav Sedov	dc769dae8d	- Document xterm vulnerability.	2009-01-05 09:40:29 +00:00
Stanislav Sedov	d965e28c53	- Document PHP gd library vulnerability.	2009-01-05 09:06:12 +00:00
Martin Wilke	69689f20c0	- Update awstats entry (also affect www/awstats-devel)	2009-01-04 09:13:16 +00:00
Chin-San Huang	bd27d11ffa	- Fix the affected version of awstats	2009-01-04 08:01:22 +00:00
Chin-San Huang	915242e775	- Document awstats -- multiple XSS vulnerabilities PR: ports/129957 Submitted by: Eygene Ryabinkin <rea-fbsd _at\ codelabs.ru> Approved by: Alex Samorukov (maintainer) Security: http://secunia.com/advisories/31519	2009-01-04 06:21:42 +00:00
Martin Wilke	fb60b744cf	- Cleanup (fix whitespaces, typos)	2009-01-03 12:35:32 +00:00
Chin-San Huang	3d89865a95	- Completely fix CVE-2005-0448 PR: ports/129301 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2009-01-03 12:06:45 +00:00
Erwin Lansing	5992cfefd4	Bump copyright year.	2009-01-02 09:56:29 +00:00
Thomas Abthorpe	4a47213bfb	- Document vim -- multiple vulnerabilities in the netrw module PR: ports/129137 Submitted by: Eygene Ryabinkin <rea-fbsd codelabs.ru>	2009-01-02 04:44:10 +00:00
Jeremy Messenger	f09fefbfe7	Add vinagre -- format string vulnerability entry. PR: ports/129959 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-31 21:23:01 +00:00
Greg Larkin	6691f735ab	Document twiki - multiple vulnerabilities	2008-12-30 19:16:14 +00:00
Alex Dupre	ddfc4e0b77	Add entry for roundcube. Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-30 17:09:02 +00:00
Martin Wilke	9583e35bdb	- Document mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths	2008-12-30 11:12:38 +00:00
Martin Wilke	6a99051daf	- Document mplayer -- twinvq processing buffer overflow vulnerability Reported by: Thomas Zander <riggs@rrr.de> (mplayer maintainer)	2008-12-30 09:29:17 +00:00
Philippe Audeoud	dfc1c6e15b	- ampache -- insecure temporary file usage	2008-12-26 09:22:47 +00:00
Martin Wilke	211f2c38f8	- Small cleanup for the last cups-base entry * CVE-2008-5184 was fixed in 1.3.8. * CVE-2008-1722 does not related to anything in this entry; * PNG buffer overflow is really CVE-2008-5286. Reported by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> No Cookies for: miwi	2008-12-25 16:41:54 +00:00
Martin Wilke	c6066a2ee6	- Document opera -- multiple vulnerabilities	2008-12-19 21:07:06 +00:00
Martin Wilke	9027a5b6e8	- Document mediawiki -- multiple vulnerabilities	2008-12-19 20:59:59 +00:00
Martin Wilke	9581e681f0	- Fix make validate	2008-12-19 20:36:50 +00:00
Martin Wilke	be03f0c48e	- document drupal -- Multiple vulnerabilities	2008-12-19 20:29:46 +00:00
Martin Wilke	4e1254924f	- Document mozilla -- multiple vulnerabilities	2008-12-19 20:01:32 +00:00
Martin Wilke	6b609129fc	- Fix a small typo	2008-12-11 19:39:05 +00:00
Martin Wilke	7ea4bc00a7	- Document phpmyadmin -- cross-site request forgery vulnerability	2008-12-11 19:37:41 +00:00
Thomas Abthorpe	886ef222c2	- Document php5 -- potential magic_quotes_gpc vulnerability Reviewed by: miwi	2008-12-08 14:15:34 +00:00
Martin Wilke	7ae5ddd50e	- Fix a typo Reported by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-07 19:13:45 +00:00
Martin Wilke	167bc49559	- Document wireshark -- SMTP Processing Denial of Service Vulnerability	2008-12-07 18:11:30 +00:00
Martin Wilke	e9d6eff634	- Document php -- multiple vulnerabilities	2008-12-07 12:13:14 +00:00
Martin Wilke	e01f75dd7d	- Document mgetty+sendfax -- symlink attack via insecure temporary files PR: based on 129471 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-07 11:41:30 +00:00
Martin Wilke	0d89877671	- Document dovecot-managesieve -- Script Name Directory Traversal Vulnerability PR: based on 129303 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-07 11:32:07 +00:00
Martin Wilke	3e9cd5b4d5	Document habari -- Cross-Site Scripting Vulnerability PR: 129475 Submitted by: Ayumi M <ayu@dahlia.commun.jp>	2008-12-07 11:20:17 +00:00
Martin Wilke	146eb4c81b	- Add 32545 to the latest vlc entry.	2008-12-07 09:09:22 +00:00
Martin Wilke	89008f1e7d	- Document vlc -- arbitrary code execution in the RealMedia processor	2008-12-06 23:47:27 +00:00
Martin Wilke	d01626c5c2	- S/secunia/Secunia	2008-12-06 23:18:46 +00:00
Martin Wilke	cf6e091a74	- Document mantis - PHP Code Execution Vulnerability PR: based on 129438 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-12-06 22:00:53 +00:00
Martin Wilke	a06b63d720	Document mantis -- multiple vulnerabilities PR: based on 129438	2008-12-06 21:55:49 +00:00
Martin Wilke	eb1f04011d	- Fix previous entry	2008-12-04 20:10:06 +00:00
Thomas Abthorpe	e7f45de9af	- Document squirrelmail -- Cross site scripting vulnerability	2008-12-04 19:37:34 +00:00
Martin Wilke	7296ff0c79	- Fix discovery from previous entry	2008-11-29 16:24:41 +00:00
Martin Wilke	21f546011e	- Document openoffice -- arbitrary code execution vulnerabilities PR: based on 129192 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-11-29 16:16:01 +00:00
Martin Wilke	d0a46d18ec	- Document wordpress -- Header RSS Feed Script Insertion Vulnerability	2008-11-29 15:15:33 +00:00
Martin Wilke	1c54bc3bc1	- Document samba -- potential leakage of arbitrary memory contents - Fix my previous entry	2008-11-29 14:31:33 +00:00
Martin Wilke	8c548377ad	- Document hplip -- hpssd Denial of Service PR: based on 129097 Submitted by: Eygene Ryabinkin	2008-11-29 13:48:43 +00:00
Martin Wilke	be1edfb785	- Document cups -- multiple vulnerabilities	2008-11-29 13:04:54 +00:00
Stanislav Sedov	79d7cbd775	- Document a buffer overflow vulnerability in imlib2. PR: ports/129037 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-11-24 17:47:52 +00:00
Martin Wilke	5ac5f7cf8b	- Fix latest mozilla entry Note: mail/thunderbird and mail/linux-thunderbird versions are wrong. All problems are fixed in 2.0.0.18 and not in 2.0.0.17. Pointy hat to: tabthorpe	2008-11-23 16:04:35 +00:00
Martin Wilke	ed6a0fdedb	- Document streamripper -- multiple buffer overflows PR: based on 128999	2008-11-23 08:38:54 +00:00
Martin Wilke	e1baec3e5a	- Dokument -- Mantis: Session hijacking vulnerability	2008-11-22 22:01:10 +00:00
Martin Wilke	547c1dffa6	- Cleanup - Fix a lot whitespaces	2008-11-22 21:46:04 +00:00
Xin LI	301edfdf6c	Document two ACL bypassing vulnerabilities of dovecot. Submitted by: Eygene Ryabinkin <rea-fbsd codelabs.ru> (with changes) PR: ports/129000	2008-11-19 22:37:18 +00:00
Thomas Abthorpe	592e12bfdd	- Document libxml2 -- multiple vulnerabilities	2008-11-19 21:07:47 +00:00
Thomas Abthorpe	6a1535676c	- Document openfire -- multiple vulnerabilities	2008-11-19 15:24:44 +00:00
Wesley Shields	f83ede5241	Document syslog-ng2 chroot vulnerability. PR: ports/128960 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Reviewed by: tabthorpe	2008-11-18 23:07:15 +00:00
Rong-En Fan	18fc6a624e	- Add a missing new line between entries	2008-11-18 15:34:10 +00:00
Rong-En Fan	f3cf253f4f	- Add an entry for print/enscript and its slave ports PR: ports/128958 Submitted by: Eygene Ryabinkin <rea-fbsd at codelabs.ru> (based on) Reviewed by: stas@	2008-11-18 15:33:33 +00:00
Wesley Shields	7d45ea9f2a	Add CVE identifier for clamav off-by-one error. PR: ports/128924 Submitted by: Mark Foster <mark@foster.cc>	2008-11-17 19:02:06 +00:00
Stanislav Sedov	f47931fa24	- Fix an indentation in the latest net-snmp entry.	2008-11-16 10:01:28 +00:00
Stanislav Sedov	4a689e2dfb	- Document the recent chain validation vulnerability in gnutls. PR: ports/128868 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)	2008-11-16 09:59:35 +00:00
Martin Wilke	408ae4ba05	- Fix formating	2008-11-15 17:04:28 +00:00
Jun Kuriyama	135e82be29	Add entry for net-snmp (fix will be followed). PR: ports128772, ports/128837 Submitted by: "Mark D. Foster" <mark@foster.cc>, Eygene Ryabinkin <rea-fbsd@codelabs.ru>	2008-11-14 06:16:43 +00:00
Martin Wilke	f6e1886141	- Cleanup * Add some more references to the faad2 entry * Fix formating for the last emacs and trac entry	2008-11-13 20:43:57 +00:00
Thomas Abthorpe	a8bfb89430	- Document mozilla -- multiple vulnerabilities Reviewed by: simon	2008-11-13 18:24:31 +00:00
Thomas Abthorpe	ff55b7f331	- Document faad2 -- heap overflow vulnerability	2008-11-12 17:06:56 +00:00
Martin Wilke	9bf178e200	- Fix multimedia/vlc entry	2008-11-11 22:22:14 +00:00
Boris Samorodov	a995a7306b	Document vulnerability in Emacs python integration. PR: 127168 Submitted by: keramida	2008-11-10 22:50:28 +00:00
Renato Botelho	83b30cddaa	- Document clamav get_unicode_name() off-by-one buffer overflow, 0.94.1 have fixed the problem [1] - Since i'm here, document clamav-devel either PR: ports/128749 [1] Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> [1]	2008-11-10 11:53:00 +00:00
Xin LI	b9a0143b6a	Document trac wiki markup DoS issue	2008-11-09 03:46:45 +00:00
Martin Wilke	f4ba11f844	- Document vlc -- cue processing stack overflow	2008-11-08 21:30:14 +00:00
Remko Lodder	b9d2e925c3	Document opera -- multiple vulnerabilities With hat: secteam Requested by: simon	2008-11-03 19:17:53 +00:00
Juergen Lock	f512263469	Document qemu -- Heap overflow in Cirrus emulation	2008-11-02 22:47:41 +00:00
Xin LI	e93a8a6c41	Fix BugTraq ID :( Pointy hat to: delphij	2008-11-01 00:21:34 +00:00
Xin LI	a95ad0c4d4	Add more reference with last commit	2008-10-31 23:58:01 +00:00
Xin LI	3d9c507cab	Document phpmyadmin XSS issue	2008-10-31 23:52:28 +00:00
Jeremy Messenger	600b1b99f3	Add linux-opera with opera entries. Remove the YYYYMMDD in the version (ie: 9.61.YYYYMMDD -> 9.61) as linux-opera does not do it anymore. It should not affect anything on opera.	2008-10-29 06:16:26 +00:00
Martin Wilke	1829ed7be9	- Fix formating	2008-10-28 21:04:29 +00:00
Thomas Abthorpe	e18a636604	- Document opera -- multiple vulnerabilities PR: ports/128264 Submitted by: Arjan van Leeuwen <freebsd-maintainer opera.com>	2008-10-28 20:05:44 +00:00
Thomas Abthorpe	38c1620add	- Document libspf2 -- Buffer overflow	2008-10-27 18:47:05 +00:00
Martin Wilke	78b7370a6a	- Document openx -- sql injection vulnerability	2008-10-25 20:13:07 +00:00
Martin Wilke	1085424bf5	- Fix duplicate wording	2008-10-25 19:09:24 +00:00
Martin Wilke	f066f6dd2e	- Document flyspray -- multiple vulnerabilities Submitted by: Nick Hilliard (nick@foobar.org) (based on)	2008-10-25 18:51:13 +00:00
Xin LI	509706c196	Document wordpress snoopy shell command execution vulnerability	2008-10-24 19:13:15 +00:00
Martin Wilke	7aa1b688c9	- Fix libxine entry	2008-10-24 16:56:30 +00:00
Stanislav Sedov	b5e3a4a0f6	- Whitespace fix in last entry.	2008-10-22 21:02:50 +00:00
Xin LI	9327df8509	Document drupal multiple vulnerabilities. Submitted by: Nick Hilliard <nick foobar org>	2008-10-22 20:55:59 +00:00
Xin LI	2b2619052e	Newer version of wordpress-mu has resolved the security vulnerability, I have verified the code with respect to older release and to wordpress changeset. Reviewed by: stas	2008-10-22 20:02:12 +00:00
Jeremy Messenger	0fefcf6b39	The libxml2-2.6.32_1 now have two security fixed. If I edit it incorrect, please fix it for me.	2008-10-20 16:19:08 +00:00
MANTANI Nobutaka	9d5b818851	Document libxine denial of service vulnerability.	2008-10-19 13:21:11 +00:00
Martin Wilke	7f8aada91b	- Fix formating from previous entry	2008-10-18 12:52:11 +00:00
Thomas Abthorpe	58521b7292	- Fix previous commit	2008-10-18 02:15:23 +00:00
Thomas Abthorpe	c6f8bdd6f0	- Document linux-flashplugin -- multiple vulnerabilities Reviewed by: stas	2008-10-17 22:31:17 +00:00
Xin LI	48d90f8ac3	Document libxml2 vulnerabilities.	2008-10-15 09:19:59 +00:00
Martin Wilke	790a88b36a	- Fix a small typo	2008-10-12 16:49:39 +00:00
Martin Wilke	5d6565d8ae	- Document drupal -- multiple vulnerabilities	2008-10-12 16:37:10 +00:00
Xin LI	c08864ce38	Document cups multiple vulnerabilities.	2008-10-10 22:40:00 +00:00
Alex Dupre	445b1db5c9	Update mysql entries.	2008-10-10 18:58:32 +00:00
Martin Wilke	fc9e7e3d0b	- Fix formating and remove whitespaces from previous commit.	2008-10-10 10:00:19 +00:00
Ion-Mihai Tetcu	5eae56f9fe	Add two www/opera vulnarabilities which affect versions <9.60.20081004 PR: ports/127941 Submitted by: Arjan van Leeuwen (opera maintainer)	2008-10-10 09:41:09 +00:00
Stanislav Sedov	afd4019405	- Capitalize "Secunia" word in all entries. Reviewed by: tabthorpe	2008-10-02 22:37:26 +00:00
Stanislav Sedov	e865c296d5	- Mplayer vulnerability has been fixed in 0.99.11_7.	2008-10-01 21:31:33 +00:00
Stanislav Sedov	0eb7b70dde	- Document mysql-client input validation vulnerability.	2008-09-30 20:46:02 +00:00
Stanislav Sedov	ed2e206938	- Document mplayer integer overflows.	2008-09-30 20:13:07 +00:00
Simon L. B. Nielsen	ed642c9ffb	Bump copyright year.	2008-09-29 22:56:48 +00:00
Simon L. B. Nielsen	6e7cfa53d6	Really fix firefox 3 part of the latest mozilla entry. Now it doesn't match fixed firefox 2 versions. Cluebat: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Pointyhat: simon (for too quick review of last update)	2008-09-29 22:45:46 +00:00
Martin Wilke	c4a794660b	- Fix bad firefox3 specification PR: 127712 Reported by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Reviewed by: simon	2008-09-29 11:46:06 +00:00
Marcus Alves Grando	c570926974	lighttpd -- multiple vulnerabilities	2008-09-27 23:48:47 +00:00
Martin Wilke	6ca9866321	- Fix last thunderbird entrys - Bump modified date	2008-09-26 23:07:17 +00:00
Martin Wilke	454998b922	- Cleanup previous entry.	2008-09-26 21:43:26 +00:00
Henrik Brix Andersen	da6154d9ef	Add irc/bitlbee entry.	2008-09-26 21:38:30 +00:00
Simon L. B. Nielsen	ad300692f0	- Update samba entries so they don't match upcomming Samba 3.2 which doesn't have PORTEPOCH in the version number. - Bump modified date for all updated entries. Requested by: timur	2008-09-26 21:10:17 +00:00
Martin Wilke	1e4f98ac78	- Fix firefox version Reported by: bsam@	2008-09-24 14:59:54 +00:00
Martin Wilke	432b081364	- Fix a typo (s/reportss/reports) Submitted by: tabthorpe/remko	2008-09-24 12:39:42 +00:00
Martin Wilke	b6fbc3d224	- Document mozilla -- multiple vulnerabilities	2008-09-24 12:09:44 +00:00
Martin Wilke	9e80f6244f	- Mark ftp/proftpd as safe - Add more references to the last phpMyAdmin entry	2008-09-23 21:51:39 +00:00
Thomas Abthorpe	90f1ea84e3	- Document squirrelmail -- Session hijacking vulnerability	2008-09-23 19:13:11 +00:00
Martin Wilke	eeb21d012d	- Fix discovery from my previous commit	2008-09-23 10:07:43 +00:00
Martin Wilke	aefe80fcaa	- Document proftpd -- Long Command Processing Vulnerability	2008-09-23 10:06:00 +00:00
Martin Wilke	3774a178ca	- Document phpmyadmin -- cross-site scripting vulnerability	2008-09-23 09:21:19 +00:00
Martin Wilke	1bccda18cf	- Document gallery -- multiple vulnerabilities Approved by: portmgr (secteam blanked)	2008-09-19 20:44:07 +00:00
Martin Wilke	0a371162cd	- Replace phpmyadmin with phpMyAdmin to fix portaudit Note: portaudit does not flag phpmyadmin as vulnerable, so we need to change it to the pkgname (phpMyAdmin). Reported by: glarkin@ Reviewed by: simon Discussion on: ports-security@ Approved by: portmgr (secteam blanked)	2008-09-17 17:10:45 +00:00
Martin Wilke	73b5662391	- Document phpmyadmin -- Code execution vulnerability Approved by: portmgr (secteam blanked)	2008-09-17 08:41:26 +00:00
Martin Wilke	79f27418cc	- Fix previous commit Approved by: portmgr (secteam blanked)	2008-09-15 09:07:31 +00:00
Greg Larkin	903bc40e2f	- Mark www/twiki FORBIDDEN due to security exploit Approved by: beech (mentor, implicit) Approved by: portmgr (pav) Security: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195	2008-09-15 02:03:17 +00:00
Martin Wilke	af55c84b56	- corrects the bid number from me previous commit Approved by: portmgr (secteam blanked)	2008-09-12 09:41:15 +00:00
Martin Wilke	6e39f69a6f	- Document neon -- NULL pointer dereference in Digest domain support Approved by: portmgr (secteam blanked)	2008-09-12 09:12:18 +00:00
Xin LI	80b5f0be4e	Document clamav CHM parser DoS issue. Approved by: portmgr (vuxml blanket)	2008-09-12 04:31:17 +00:00
Martin Wilke	6fe8f381c0	- Document horde -- multiple vulnerabilities Approved by: portmgr (secteam blanked)	2008-09-11 11:45:37 +00:00
Martin Wilke	f3cdc317d3	- Document python -- multiple vulnerabilities Reviewed by: remko/tabthorpe Approved by: portmgr (secteam blanked)	2008-09-11 07:52:32 +00:00
Martin Wilke	5f948e478e	- Mark www/wordpress and german/wordpress as safe Approved by: portmgr (secteam approved: remko, blanket vuxml)	2008-09-10 12:09:26 +00:00
Stanislav Sedov	2ddefc97cd	- Document wordpress, rails and mysql vulnerabilties. Reviewed by: remko Approved by: portmgr (secteam approved: remko, blanket vuxml)	2008-09-10 10:53:02 +00:00
Brad Davis	7a1bb458a8	Extend the Nagios entry to cover Nagios 3.x < 3.0.2. This covers the edge case of `portupgrade -o net-mgmt/nagios-devel nagios'. Approved by: portmgr (simon@ using secteam blanket)	2008-09-08 22:33:54 +00:00
Remko Lodder	57b2a4922e	Add FreeBSD-SA-08:09.icmp6	2008-09-05 16:44:26 +00:00
Remko Lodder	18f3496772	Add FreeBSD-SA-08:08.nmount	2008-09-05 16:39:02 +00:00
Remko Lodder	1098a74bda	Add FreeBSD-SA-08:07.amd64. Hat: secteam	2008-09-05 16:34:12 +00:00
Alex Dupre	a0d9ed6a84	Update for php5 safe_mode fix.	2008-09-04 14:00:12 +00:00
Simon L. B. Nielsen	df60069c82	Fix XML in openvpn-devel entry: – was used but as vuln.xml does not import HTML named entities this is not allowed - use – instead which produces the same end result.	2008-08-26 19:34:35 +00:00
Martin Wilke	4e4e174b8d	- Document opera -- multiple vulnerabilities	2008-08-25 22:12:33 +00:00
Marcus Alves Grando	4ddf4a9977	gnutls -- "gnutls_handshake()" Denial of Service	2008-08-21 02:32:38 +00:00
Xin LI	a2d52247bf	Use joomla15 as name for the vulnerability	2008-08-20 23:37:41 +00:00
Xin LI	58a535e7f9	Document joomla flaw in the reset token validation	2008-08-20 23:33:51 +00:00
Thierry Thomas	eebb128e5d	Register a Buffer Overflow Vulnerability in CDF 3.2.	2008-08-19 21:40:02 +00:00
Martin Wilke	d2c17f67f5	- Clean up whitespace a bit - Wrap long lines where appropriate - Fix previous commit	2008-08-18 22:57:28 +00:00
Martin Wilke	5798dcee89	- Fix drupal5 version	2008-08-18 22:38:23 +00:00
Martin Wilke	25ffb89ba7	- Document drupal - multiple vulnerabilities	2008-08-18 22:29:40 +00:00
Stanislav Sedov	a3a2994647	- Document recent ruby vulnerabilities.	2008-08-16 07:05:02 +00:00
Martin Wilke	308c310ee9	- fix make validate Pointy hat to: skv	2008-08-15 19:34:25 +00:00
Martin Wilke	76feecab0d	- Fix previous commit.	2008-08-15 19:31:02 +00:00
Sergey Skvortsov	e5d68d78ab	Document bugzilla directory traversal vulnerability.	2008-08-15 16:26:00 +00:00
Martin Wilke	3393ef0fec	- Document openvpn-devel -- arbitrary code execution PR: 126352 (based on) Submitted by: Matthias Andree <matthias.andree@gmx.de>	2008-08-10 21:30:29 +00:00
Martin Wilke	f5be21a894	- Fix kdewebdev conflict with upcommig kdewebdev4 Reviewed by: simon	2008-08-04 09:58:36 +00:00
Sergey Skvortsov	cf1d963f86	Fix vuxml-entries for 'devel/bugzilla*'.	2008-07-28 12:29:23 +00:00
Martin Wilke	90ab954772	- Fix portversion	2008-07-18 16:34:47 +00:00
Martin Wilke	97e568cf10	- Document phpmyadmin -- cross site request forgery vulnerabilites	2008-07-18 16:18:55 +00:00
Martin Wilke	9ebe00ef3f	- Document drupal - multiple vulnerabilities	2008-07-13 22:31:45 +00:00
Remko Lodder	5a92f290b8	Add the latest security advisory to vuxml. Hat: secteam	2008-07-13 20:47:44 +00:00
Christian Weisgerber	fe8aa0c0f3	Document poppler -- uninitialized pointer.	2008-07-09 16:44:33 +00:00
Thomas Abthorpe	6bbeedc174	- Document py-pylons -- Path traversal bug	2008-07-04 14:37:36 +00:00
Thomas Abthorpe	011fa5e5d4	- Document FreeType 2 -- Multiple Vulnerabilities PR: ports/124917 Submitted by: Nick Barkas <snb threerings.net>	2008-07-03 13:30:15 +00:00
Simon Barner	781cb19f44	Document revised patch for CVE-2008-2711.	2008-07-01 16:31:45 +00:00
Martin Wilke	ede2a8483b	- Document phpmyadmin - Cross Site Scripting Vulnerability PR: 124900	2008-06-28 23:39:48 +00:00
Xin LI	361a9e0ff2	Update squid SNMP DoS vulnerability to cover squid 3.0STABLE6 as well. Submitted by: Thomas-Martin Seck <tmseck web de>	2008-06-28 22:35:10 +00:00
Thomas Abthorpe	184b3631bd	- Document apache -- multiple vulnerabilities Reviewed by: delphij	2008-06-24 15:10:44 +00:00
Stanislav Sedov	c1187dd103	- Add missing <code></code> block around safe_mode. Pointy hat to: me	2008-06-22 21:08:08 +00:00
Stanislav Sedov	aafe20bfda	- Add a note to php-posix entry, that safe_mode is considred to be insecure by FreeBSD Security Team. - Add <code> blocks around function names. Suggested by: simon	2008-06-22 18:21:32 +00:00
Stanislav Sedov	8dba476dda	- Document php5-posix directory traversal vulnerability.	2008-06-22 09:17:51 +00:00
Jeremy Messenger	195f98320d	Fix the Firefox 3 part, it has no multiple vulnerabilities. Reviewed by: remko	2008-06-21 14:46:13 +00:00
Thomas Abthorpe	10c0f9c43d	- Document vim -- Vim Shell Command Injection Vulnerabilities Reviewed by: remko, miwi	2008-06-21 14:01:08 +00:00
Stanislav Sedov	9b9c2f302b	- Document recent ruby vulnerabilities.	2008-06-21 11:24:53 +00:00
Martin Wilke	76f29b272e	- Clean up whitespace a bit - Wrap long lines where appropriate Reviewed by: remko	2008-06-20 10:58:43 +00:00
Simon Barner	704c17a34c	Document potiential crash in fetchmail < 6.3.8_6 (in -v -v verbose mode).	2008-06-20 07:48:37 +00:00
Simon L. B. Nielsen	2a3351624f	Unbreak VuXML.org build: Use correct syntax for CVE name in latest moinmoin entry.	2008-06-15 21:05:45 +00:00
Florent Thoumie	51feb227dd	Document xorg -- multiple vulnerabilities.	2008-06-15 12:26:18 +00:00
Thomas Abthorpe	91ae8cd862	- Document moinmoin -- superuser privilege escalation Notified by: Janos Mohacsi	2008-06-14 05:30:17 +00:00
Oliver Lehmann	db76ce3a68	add an error about courier-authlib < 0.60.6	2008-06-13 04:10:02 +00:00
Hiroki Sato	daf487572d	Fix 2747fc39-915b-11dc-9239-001c2514716c. zh-xpdf, ja-xpdf, and ko-xpdf have nothing to do with "multiple remote Stream.CC vulnerabilities" because they are packages which just install additional data files.	2008-06-08 16:33:49 +00:00
Henrik Brix Andersen	a07b58883a	Add entry for www/ikiwiki. Approved by: erwin (mentor, implicit)	2008-06-01 21:04:34 +00:00
Henrik Brix Andersen	8a578933ef	Avoid confusion about backported www/ikiwiki security fix by not mentioning version 2.48 in the entry. Approved by: erwin (mentor, implicit)	2008-05-31 10:17:02 +00:00
Henrik Brix Andersen	a8dc197c39	Add www/ikiwiki entry. Approved by: erwin (mentor, implicit)	2008-05-31 09:54:50 +00:00
Thomas Abthorpe	160e81f5fc	- Fix range on previous commit Noticed by: miwi	2008-05-30 12:53:28 +00:00
Thomas Abthorpe	b7dc8557c1	- Document linux-flashplugin -- unspecified remote code execution vulnerability	2008-05-30 11:59:51 +00:00
Wesley Shields	58396abc28	Document XSS vulnerabilities in nagios and nagios-devel. PR: ports/123893 ports/123894 Submitted by: Jarrod Sayers <jarrod@netleader.com.au> (maintainer) Reviewed by: miwi Approved by: garga (mentor, implicit)	2008-05-28 22:26:47 +00:00
Wesley Shields	5a5da3c17b	Document spamdyke open relay vulnerability. PR: ports/124013 Reviewed by: miwi Approved by: garga (mentor), miwi	2008-05-27 23:50:22 +00:00
Philippe Audeoud	86d3a03abc	- Add net-p2p/peercast entry. Reviewed by: miwi Approved by: mentor (implicit)	2008-05-21 07:40:17 +00:00
Christian Weisgerber	52c3b2b850	Document libvorbis security issues.	2008-05-17 20:30:40 +00:00
Xin LI	ff4ed9a36a	Document django XSS vulnerability.	2008-05-14 08:51:43 +00:00
Christian Weisgerber	3e1e09dbcb	Document vorbis-tools Speex header processing vulnerability.	2008-05-11 19:35:33 +00:00
Juergen Lock	24a6e437cd	Document qemu -- "drive_init()" Disk Format Security Bypass	2008-05-08 20:36:00 +00:00
Martin Wilke	640ee660ee	- Sort previous commit	2008-05-08 08:22:39 +00:00
Henrik Brix Andersen	9f97971a8a	Add graphics/swfdec entry. Approved by: erwin (mentor)	2008-05-08 07:27:05 +00:00
Andrew Pantyukhin	929cd0b838	- Thunderbird 2.0.0.14 is safe	2008-05-03 09:06:41 +00:00
Martin Wilke	1434ec9333	- Document mt-daapd -- Integer overflow PR: 123285 (based on) Submitted by: Mark D. Foster <mark@foster.cc>	2008-05-02 20:22:09 +00:00
Martin Wilke	16fb04f443	- Document sdl_image - Buffer Overflow Vulnerabilities	2008-05-02 19:56:07 +00:00
Martin Wilke	103dfefe4e	- Mark PHP5 as safe	2008-05-02 09:11:35 +00:00
Martin Wilke	e4145f6730	- Mark graphics/png as safe.	2008-04-29 12:12:08 +00:00
Martin Wilke	fcc12cf0f1	- Fix last gnupg entry. PR: 123178 [1] Submitted by: Nick Barkas (via privat mail) bf <bf2006a@yahoo.com> [1]	2008-04-28 22:55:31 +00:00
Andrew Pantyukhin	999eafaca5	- Clean up whitespace a bit - Wrap long lines where appropriate - Add a vim-friendly modeline	2008-04-28 21:04:21 +00:00
Andrew Pantyukhin	fd3d40ffec	- A new Firefox vulnerability currently affects 10 of our ports, on average. A new VuXML entry usually forgets about 8 of them. Wiki: http://wiki.freebsd.org/VuXML	2008-04-28 17:14:17 +00:00
Martin Wilke	17e7e0c3c0	- Update last python entry python23 and python24 also affected PR: 123153 Submitted by: Nick Barkas <snb@threerings.net>	2008-04-28 07:34:38 +00:00
Martin Wilke	5ea72e5b65	- Mark gnupg and gnupg1 as secure	2008-04-26 23:53:52 +00:00
Martin Wilke	05a511170b	- Document gnupg -- memory corruption vulnerability	2008-04-26 22:43:53 +00:00
Xin LI	ee5de21040	Document extman password bypass vulnerability.	2008-04-25 19:03:04 +00:00
Martin Wilke	7287fa20cd	- Document mailman -- script insertion vulnerability. Submitted by: tabthorpe (one a month ago) Discussed/Reviewed by: tabthorpe	2008-04-25 13:10:37 +00:00
Martin Wilke	065b0ab837	- now really fix the CVE entry	2008-04-25 12:34:32 +00:00
Martin Wilke	d519991ade	- Fix CVE entry from the previous commit	2008-04-25 12:29:16 +00:00
Martin Wilke	30cf7f63e1	- Document mksh -- TTY Attachment Privilege Escalation.	2008-04-25 12:20:53 +00:00
Martin Wilke	0b1d186edf	- Document serendipity -- multiple cross site scripting vulnerabilities.	2008-04-25 12:05:13 +00:00
Martin Wilke	8aac63eb03	- Document firefox -- javascript harbage collector vulnerability.	2008-04-25 10:55:37 +00:00
Martin Wilke	e15cfd35f1	- Add missing - in the previous entry	2008-04-25 10:20:58 +00:00
Martin Wilke	a99b0385cd	- Remove whitespaces - Fix spelling	2008-04-25 10:12:13 +00:00
Martin Wilke	c7a13d2dbf	- Document png - unknown chunk processing uninitialized memory access	2008-04-25 10:06:12 +00:00
Martin Wilke	c1f21a2302	- Document openfire - unspecified denial of service PR: 122872 (based on)	2008-04-25 09:48:36 +00:00
Martin Wilke	16d70b28c7	- Document php -- Integer Overflow Vulnerability PR: based on 122872	2008-04-25 09:27:30 +00:00
Martin Wilke	0af08ff3dd	- Document python -- Integer Signedness Error in zlib Module	2008-04-25 08:10:05 +00:00
Martin Wilke	3b4446e69a	Document postgresql -- multiple vulnerabilities PR: 120133 (basic on) Submitted by: Nick Barkas <snb@threerings.net>	2008-04-24 23:12:03 +00:00
Martin Wilke	bba9a8c558	- Document phpMyAdmin - Shared Host Information Disclosure.	2008-04-24 21:52:21 +00:00
Martin Wilke	c31f8fec8a	- Document phpMyAdmin - Username/Password Session File Information Disclosure.	2008-04-24 21:29:48 +00:00
Thomas Abthorpe	e4b40c2d94	- Document libxine -- array index vulnerability Reviewed by: remko, miwi	2008-04-24 14:11:34 +00:00
Renato Botelho	735ee62dc6	Add an entry about clamav < 0.93 vulnerabilities Reviewed by: mnag	2008-04-16 15:28:37 +00:00
Marcus Alves Grando	e896cb4b89	lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability	2008-04-13 03:52:31 +00:00
Henrik Brix Andersen	93305f716d	Add www/ikiwiki entry. Approved by: pav (co-mentor)	2008-04-12 22:15:02 +00:00
Andrew Pantyukhin	a8a1ac531c	- Enrich Firefox 2.0.0.13 entry	2008-04-08 06:22:55 +00:00
Rong-En Fan	47ee7d01be	- Use <mlist> as the references are mailing posts - Correct discovery date Noticed by: simon	2008-04-06 11:47:54 +00:00
Rong-En Fan	090dbb7b77	- Add entry for mail/postfix-policyd-weight PR: ports/122194 Reviewed by: ports-security (miwi)	2008-04-06 08:50:37 +00:00
Rong-En Fan	6ad268c407	- Add entries for www/suphp and dns/powerdns-recursor Reviewed by: ports-security (remko, simon)	2008-04-05 15:19:50 +00:00
Rong-En Fan	268d8b4d19	- Add entry for www/opera 9.26 PR: ports/122400 Reviewed by: remko, delphij	2008-04-05 06:42:09 +00:00
Xin LI	5301793045	Document mozilla multiple vulnerabilities. Reviewed by: miwi, remko (via IRC)	2008-03-30 09:18:33 +00:00
Wesley Shields	c5575d76a3	Document buffer overflow in silc-client and silc-server. Reviewed by: remko Approved by: garga (mentor)	2008-03-26 18:23:10 +00:00
Xin LI	0febd1bf2b	Document bzip2 crash with certain malformed archive files	2008-03-20 23:43:36 +00:00
Martin Wilke	0243c9b293	- Ups remove duplicate url	2008-03-11 23:50:48 +00:00
Martin Wilke	68f206fa24	- Fix previos commit * sort * more reference	2008-03-11 23:25:38 +00:00
Juergen Lock	f18aabea39	Document qemu -- unchecked block read/write vulnerability Reviewed by: stas	2008-03-11 23:09:30 +00:00
Martin Wilke	8d85c9e35a	- Fix previous commit * sort * more reference	2008-03-10 10:41:23 +00:00
Beech Rintoul	94eddc3d8d	- Add entry for dovecot	2008-03-10 02:09:01 +00:00
Martin Wilke	b1dc91d5e2	- Fix 2 typos form the previous commit Submitted by: simon/gahr	2008-03-06 23:17:21 +00:00
Martin Wilke	b45a3bfcd3	- Document mplayer - multiple vulnerabilities	2008-03-06 23:02:05 +00:00
Rong-En Fan	9dc96cd5b1	- Entry for ghostscrip-gpl 8.61 Reviewed by: ports-security@ (simon, remko)	2008-03-05 07:13:14 +00:00
Thomas Abthorpe	3a3f37927f	- Document phpmyadmin -- SQL injection vulnerability Reviewed by: simon	2008-03-05 01:01:17 +00:00
Thomas Abthorpe	91ac19ae64	- Document pcre -- buffer overflow vulnerability PR: ports/121224 Submitted by: Nick Barkas <snb threerings.net>	2008-03-01 04:08:11 +00:00
Thomas Abthorpe	24f4aab606	- Document libxine -- buffer overflow vulnerability Reviewed by: miwi	2008-02-28 01:41:13 +00:00
Martin Wilke	5127ab5e03	- Mark mail/up-imapproxy as safe Submitted by: Abdullah Ibn Hamad Al-Marri <wearabnet@yahoo.ca>	2008-02-27 09:33:42 +00:00
Thomas Abthorpe	837434d0bf	- Document coppermine -- multiple vulnerabilities. Reviewed by: miwi	2008-02-26 12:43:35 +00:00
Martin Wilke	5b7bdd92e0	- Fix previous commit (use now <bid>)	2008-02-26 12:34:28 +00:00
Thomas Abthorpe	f0bdaa181d	- Document moinmoin -- multiple vulnerabilities. Reviewed by: remko	2008-02-25 18:38:12 +00:00
Simon L. B. Nielsen	db4c5fd9f5	Document opera -- multiple vulnerabilities.	2008-02-22 00:56:27 +00:00
Simon L. B. Nielsen	712096e478	Document mozilla -- multiple vulnerabilities.	2008-02-22 00:43:24 +00:00
Xin LI	66724dfc9d	Document openldap modrdn DoS vulnerability	2008-02-22 00:26:30 +00:00
Remko Lodder	dcb64b6a2e	Document clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability Submitted by: "Eygene Ryabinkin" <rea-fbsd at codelabs dot ru>	2008-02-15 10:23:57 +00:00
Martin Wilke	fb1b4928c5	- Fix previous commit Discussed with: remko	2008-02-13 17:20:03 +00:00

... 3 4 5 6 7 ...

2022 commits