Commit graph

16728 commits

Author SHA1 Message Date
Olli Hauer
3bcd3fdd25 - document www/yahoo-ui security issue and mark port forbidden [1]
pet portlint (maintainer is already notified)

- adjust CVE entries for bugzilla (CVE-2012-5475 was rejected) [2]

Feature safe: yes

Security:	CVE-2012-5881 [1][2]
		CVE-2012-5882 [1][2]
		CVE-2012-5883 [2]

Approved by:	glarkin (implicit) [1]
2012-11-27 20:09:34 +00:00
Rene Ladan
11e9990c10 Describe new vulnerabilities in www/chromium < 23.0.1271.91
Obtained from:	http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
Feature safe:	yes
2012-11-27 10:02:25 +00:00
TAKATSU Tomonari
91f95126fd - Update to 0.6.0
- Convert to new Makefile header
- Trim WWW: line in pkg-descr

Feature safe:	yes
2012-11-26 22:57:07 +00:00
Jase Thew
70dc19873f - Update to 1.2.3
- Assume maintainership

Changes:	https://raw.github.com/polarssl/polarssl/fb1ba781b398d39f4444515381babcc9e5a8dcd2/ChangeLog

Feature safe:	yes
2012-11-26 19:49:22 +00:00
Anton Berezin
1623ed7497 Update to 5.74.
Changes: http://cpansearch.perl.org/src/MSHELOR/Digest-SHA-5.74/Changes

Feature safe:	yes
2012-11-26 12:31:17 +00:00
Alex Dupre
0b6035194b Update to 1.5.3 release.
Feature safe:	yes
2012-11-26 10:59:28 +00:00
Florian Smeets
abbf32d4b2 - Update backports patch to 20121114
- Bump PORTREVISION

Changes:
- CVE-2006-7243
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow
context-dependent attackers to bypass intended access restrictions by placing a
safe file extension after this character, as demonstrated by .php\0.jpg at the
end of the argument to the file_exists function

Security 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions
for strlen(filename) != filename_len

- CVE-2012-4388
The sapi_header_op function in main/SAPI.c does not properly determine a pointer
during checks for %0D sequences (aka carriage return characters), which allows
remote attackers to bypass an HTTP response-splitting protection mechanism via a
crafted URL; this vulnerability exists because of an incorrect fix for
CVE-2011-1398.

- Timezone database updated to version 2012.9 (2012i)

PR:		ports/173685
Submitted by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by:	maintainer
Feature safe:	yes
2012-11-25 15:42:22 +00:00
Wesley Shields
5fb60dc50f Add entries for the following advisories:
FreeBSD-SA-12:08.linux
FreeBSD-SA-12:07.hostapd
FreeBSD-SA-12:06.bind

Feature safe:	yes
2012-11-25 04:02:28 +00:00
Steve Wills
ebdf97f80b - Update to 0.8.7.1
- Fix installation so it doesn't overwrite your config files every time you
  upgrade the port
- Fix some space/tab issues to make portlint happy
- Use dirrmtry in a few places because some people have their own custom
  filters, actions, etc.

PR:		ports/171708
Submitted by:	Mark Felder <feld@feld.me>
Approved by:	Christoph Theis <theis@gmx.at> (maintainer)
Feature safe:	yes
2012-11-24 03:08:36 +00:00
Jase Thew
8c849a82df - Remove hardcoded dependency on security/gpg. Instead, add OPTIONS to allow
choice of GnuPG version.

PR:		ports/172323
Approved by:	jadawin (perl@)

Feature safe:	yes
2012-11-23 15:55:30 +00:00
Dirk Meyer
96e5bf3440 - opera -- execution of arbitrary code
Feature safe: yes
2012-11-22 20:27:45 +00:00
Brendan Fabeny
a6d283edd6 update to 0.2.4.6-alpha
Feature safe:	yes
2012-11-22 11:30:22 +00:00
David Thiel
0a7059d585 Update to 3.0.8, unbreak with utmpx.
Feature safe: Yes
2012-11-21 20:36:28 +00:00
Martin Matuska
1d8470b15e Document new vulnerability in www/lighttpd 1.4.31
Feature safe:	yes
2012-11-21 14:35:31 +00:00
Florian Smeets
9aafe503d0 - Update firefox and thunderbird to 17.0
- Update seamonkey to 2.14
- Update ESR ports and libxul to 10.0.11
- support more h264 codecs when using GSTREAMER with YouTube
- Unbreak firefox-esr, thunderbird-esr and libxul on head >= 1000024 [1]
- Buildsystem is not python 3 aware, use python up to 2.7 [2]

PR:		ports/173679 [1]
Submitted by:	swills [1], demon [2]
In collaboration with:	Jan Beich <jbeich@tormail.org>
Security:	d23119df-335d-11e2-b64c-c8600054b392
Approved by:	portmgr (beat)
Feature safe:	yes
2012-11-20 23:01:15 +00:00
Brendan Fabeny
12311574e9 update to 0.2.3.25
Feature safe:	yes
2012-11-20 15:08:34 +00:00
Renato Botelho
70953c6d15 Update to 20121120
Feature safe:	yes
2012-11-20 14:17:04 +00:00
Frederic Culot
f51195062a - Update to 0.14
- Add LICENSE (Artistic 1 & GPL 1)

Changes:	http://search.cpan.org/dist/Crypt-OpenSSL-DSA/Changes
Feature safe:	yes
2012-11-19 10:34:45 +00:00
Frederic Culot
e40b0f02b3 - Update to 2.31
Changes:	http://search.cpan.org/dist/Crypt-CBC/Changes
Feature safe:	yes
2012-11-19 09:57:33 +00:00
Frederic Culot
f9d48ff0a9 - Update to 0.22
Changes:	http://search.cpan.org/dist/RadiusPerl/Changes
Feature safe:	yes
2012-11-19 09:47:49 +00:00
Martin Matuska
41df8feeb2 horde4 update:
archivers/pear-Horde_Compress 1.0.7 -> 1.0.8
databases/pear-Horde_Db 1.2.1 -> 1.2.2
deskutils/horde4-groupware 4.0.8 -> 4.0.9
deskutils/horde4-kronolith 3.0.17 -> 3.0.18
deskutils/horde4-mnemo 3.0.6 -> 3.0.7
deskutils/horde4-nag 3.0.8 -> 3.0.9
devel/pear-Horde_Alarm 1.0.7 -> 1.0.8
devel/pear-Horde_Cache 1.0.5 -> 1.0.6
devel/pear-Horde_Core 1.9.2 -> 1.9.3
devel/pear-Horde_Date 1.0.11 -> 1.0.12
devel/pear-Horde_Nls 1.1.6 -> 1.1.7
mail/horde4-imp 5.0.23 -> 5.0.24
mail/horde4-ingo 2.0.9 -> 2.0.10
mail/horde4-turba 3.0.15 -> 3.0.16
mail/horde4-webmail 4.0.8 -> 4.0.9
mail/pear-Horde_Imap_Client 1.5.5 -> 1.5.11
mail/pear-Horde_Mime 1.6.1 -> 1.6.2
mail/pear-Horde_Mime_Viewer 1.0.8 -> 1.0.9
security/pear-Horde_Auth 1.4.9 -> 1.4.10
security/pear-Horde_Secret 1.0.2 -> 1.0.4
textproc/pear-Horde_Text_Filter 1.1.5 -> 1.1.6
www/horde4-ansel 2.0.1 -> 2.0.2
www/horde4-base 4.0.15 -> 4.0.16
www/horde4-wicked 1.0.1 -> 1.0.2
www/pear-Horde_Browser 1.0.8 -> 1.0.9
www/pear-Horde_Service_Weather 1.1.2 -> 1.1.3
www/pear-Horde_SessionHandler 1.0.5 -> 1.0.6

Feature safe:	yes
2012-11-19 08:02:01 +00:00
Jase Thew
04822a6d48 - Fix copy and paste error in latest weechat entry
(81826d12-317a-11e2-9186-406186f3d89d)

Feature safe:	yes
2012-11-18 12:51:26 +00:00
Jase Thew
7d1870cfd5 - Document new vulnerability in irc/weechat and irc/weechat-devel
Feature safe:	yes
2012-11-18 12:46:39 +00:00
Ryan Steinmetz
9e979e7feb - Update to 1.3.4
Feature safe:	yes
2012-11-18 05:52:07 +00:00
Philippe Audeoud
bbabd4e43e - Update to 1.77
- Changelog: http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.77/Changes

Feature safe:	yes
2012-11-16 10:20:21 +00:00
Tom Judge
1f97bf62dc * Fix build against libcli 0.9.6
* Make dependence on ActiveMQ off by default.

Feature safe:	yes
Approved by:	eadler (mentor)
2012-11-16 03:44:09 +00:00
Matthias Andree
43c5928d90 Add CONFLICTS.
Suggested by:	ketas's ports conflicts checker
Feature safe:	yes
2012-11-15 23:33:59 +00:00
Sofian Brabez
c2e8e5f1d6 - Update to 1.9.0
Feature safe:	yes
2012-11-15 20:57:00 +00:00
Olli Hauer
bb7daf8882 - bugzilla security updates to version(s)
3.6.11, 4.0.8, 4.2.4

Summary
=======

The following security issues have been discovered in Bugzilla:

* Confidential product and component names can be disclosed to
  unauthorized users if they are used to control the visibility of
  a custom field.

* When calling the 'User.get' WebService method with a 'groups'
  argument, it is possible to check if the given group names exist
  or not.

* Due to incorrectly filtered field values in tabular reports, it is
  possible to inject code which can lead to XSS.

* When trying to mark an attachment in a bug you cannot see as
  obsolete, the description of the attachment is disclosed in the
  error message.

* A vulnerability in swfstore.swf from YUI2 can lead to XSS.

Feature safe: yes

Security:	CVE-2012-4199
		https://bugzilla.mozilla.org/show_bug.cgi?id=731178

		CVE-2012-4198
		https://bugzilla.mozilla.org/show_bug.cgi?id=781850

		CVE-2012-4189
		https://bugzilla.mozilla.org/show_bug.cgi?id=790296

		CVE-2012-4197
		https://bugzilla.mozilla.org/show_bug.cgi?id=802204

		CVE-2012-5475
		https://bugzilla.mozilla.org/show_bug.cgi?id=808845
		http://yuilibrary.com/support/20121030-vulnerability/
2012-11-14 19:29:42 +00:00
Pawel Pekala
8c5957c966 - Update to version 2.1.5
- Add LICENSE
- Convert to optionsNG
- Don't overwrite user modified config

PR:		ports/172058
Submitted by:	KATO Tsuguru <tkato432@yahoo.com>
Feature safe:	yes
2012-11-13 18:54:15 +00:00
Jase Thew
fe3e63dcfc - Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c)
- Document assigned CVE Identifier
- Document workaround for vulnerable versions

Feature safe:	yes
2012-11-13 18:17:13 +00:00
Rene Ladan
616eda309b Document vulnerabilities in two typo3 components.
Obtained from:	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
Feature safe:	yes
2012-11-12 21:47:27 +00:00
Pawel Pekala
2b97404cf4 Update pkg-descr to current project state
PR:		ports/173445
Submitted by:	Jr Aquino <tanawts@gmail.com>  (maintainer)
Feature safe:	yes
2012-11-12 21:06:19 +00:00
Emanuel Haupt
bd73cda3a7 Mark IGNORE on ${OSVERSION} >= 1000024 where the script got added to the base
system.

Feature safe:	yes
2012-11-12 14:44:24 +00:00
Guido Falsi
edee9b21b3 Fix typo.
Feature safe:	yes
2012-11-12 13:07:30 +00:00
Guido Falsi
864702607f - Update to 2.7.1
- Convert to new options framework
- Document US-CERT VU#268267
- Trim Makefile headers

PR:		ports/173226
Submitted by:	Hirohisa Yamaguchi <umq@ueo.co.jp> (maintainer)
Feature safe:	yes
2012-11-12 13:04:37 +00:00
Pawel Pekala
b7bec7d93b - Update MASTER_SITES and WWW: line
- Support CFLAGS properly
- Add MAKE_JOBS_SAFE
- Don't install license file twice

PR:		ports/172064
Submitted by:	KATO Tsuguru <tkato432@yahoo.com>
Feature safe:	yes
2012-11-10 18:16:38 +00:00
Pawel Pekala
d01f1f8167 - Add LICENSE
- Add MAKE_JOBS_SAFE
- Support PORTEXAMPLES
- Replace patch with REINPLACE_CMD

PR:		ports/172063
Submitted by:	KATO Tsuguru <tkato432@yahoo.com>
Feature safe:	yes
2012-11-10 17:38:33 +00:00
Pawel Pekala
a6d974d908 - Add LICENSE
- Switch to PLIST_FILES, PORTDOCS
- Remove bunch of patches, replaced by REINPLACE_CMD

PR:		ports/172062
Submitted by:	KATO Tsuguru <tkato432@yahoo.com>
Feature safe:	yes
2012-11-10 17:07:42 +00:00
Pawel Pekala
ada2e37f3b - Add LICENSE
- Switch to PLIST_FILES

PR:		ports/172061
Submitted by:	KATO Tsuguru <tkato432@yahoo.com>
Feature safe:	yes
2012-11-10 16:52:43 +00:00
Steve Wills
80df39460a - Improve latest ruby entry slightly
Feature safe:	yes
2012-11-10 15:17:31 +00:00
Jase Thew
b5f3820240 - Modify recent e02c572f-2af0-11e2-bb44-003067b2972c entry
- Add constraints to vulnerable versions
- Add additional references
- Improve topic
- Correct description

Feature safe:	yes
2012-11-10 14:45:55 +00:00
Eitan Adler
236f5555af Apply an upstream patch that fixes a security hole
when receiving a special colored message.

The maintainer was contacted but due to the nature of
the issue apply the patch ASAP.

Approved by:	secteam-ports (swills)
Security:	e02c572f-2af0-11e2-bb44-003067b2972c
Feature safe:	yes
2012-11-10 04:55:47 +00:00
Steve Wills
dd14410e21 - Update lang/ruby19 to 1.9.3p327
- Document security issue in earlier versions

Security:	5e647ca3-2aea-11e2-b745-001fd0af1a4c
Feature safe:	yes
2012-11-10 04:00:41 +00:00
Jason Helfman
90461f79f5 - clarification that ASF reported issue for:
  - 152e4c7e-2a2e-11e2-99c7-00a0d181e71d
  - 4ca26574-2a2c-11e2-99c7-00a0d181e71d

Feature safe:	yes
2012-11-09 23:02:15 +00:00
Jason Helfman
c5d5f48eb2 - document tomcat vulnerabilities
Feature safe:	yes
2012-11-09 19:09:32 +00:00
Bryan Drewery
8e52ee3253 - Update to 0.4.3
- Trim header

Feature safe:	yes
2012-11-09 16:18:33 +00:00
Eitan Adler
528c35064c Update latest version and document security issues
PR:	ports/173487
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Security:	4b8b748e-2a24-11e2-bb44-003067b2972c
Feature safe:	yes
2012-11-09 04:31:13 +00:00
Pietro Cerutti
8d1275d48a - fix MASTER_SITES
Reported by:	PH (via beat@)
Approved by:	portmgr@ (implicit)
Feature safe:	yes
2012-11-08 11:16:48 +00:00
Jason E. Hale
4f7ec695a7 - Update to 1.2.0
While here:
- Trim Makefile header
- Fix capitalization and spacing in COMMENT and pkg-descr

PR:		ports/173466
Submitted by:	John Chen <johnpupu@gmail.com>
Approved by:	makc, avilla (mentors, implicit)
Feature safe:	yes
2012-11-08 10:50:29 +00:00