kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
437563 commits 42 branches 80 tags 2.7 GiB
Commit graph

5077 commits

Author SHA1 Message Date
Jung-uk Kim
de9fdb4c90 Document the latest Flash Player vulnerability. 
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
 2018-02-06 21:39:10 +00:00
Craig Leres
7579dbe3da Mark mini_httpd < 1.28 and thttpd < 2.28 as vulnerable as per: 
http://acme.com/updates/archive/199.html

While we're here, fix whitespace in vuln.xml that "make validate"
flagged.

Reviewed by:	ler (mentor)
Approved by:	ler (mentor)
Security:	CVE-2017-17663
Differential Revision:	D14217
 2018-02-06 01:38:46 +00:00
Yuri Victorovich
575834304a Adding VuXML record for vulnerability CVE-2017-15924 in net/shadowsocks-libev. 
D14200 (part I).

The next commit will update net/shadowsocks-libev and fix this
vulnerability.

PR:		225442
Submitted by:	myself
Approved by:	adamw (mentor)
Differential Revision:	https://reviews.freebsd.org/D14200
 2018-02-05 05:07:24 +00:00
MANTANI Nobutaka
bf675d75e9 Add modification date for the entry of w3m vulnerabilities. 
Spotted by:	 dbaio
 2018-02-03 18:10:31 +00:00
MANTANI Nobutaka
3a0efcc56d Update entry of w3m vulnerabilities. 
PR:		225611
Submitted by:	D. Ebdrup <debdrup@gmail.com>
 2018-02-03 13:35:04 +00:00
Tobias Kortkamp
32281f8646 Document www/palemoon vulnerabilities 
PR:		225644
Security:	CVE-2018-5102
Security:	CVE-2018-5122
 2018-02-03 10:27:05 +00:00
Sunpoet Po-Chuan Hsieh
28b411b3f3 Document django vulnerability 2018-02-02 19:55:34 +00:00
Brad Davis
e9e955ccea Document vulns in www/w3m. 
PR:		225611
Submitted by:	D. Ebdrup <debdrup@gmail.com>
 2018-02-02 18:20:05 +00:00
Niclas Zeising
c73bb7b95f Update range for dovecot vulnerability. 2018-02-01 13:26:01 +00:00
Jan Beich
1ffe89b539 security/vuxml: mark waterfox < 56.0.3.65 as vulnerable 2018-01-31 21:38:08 +00:00
Niclas Zeising
15cd370d0a Add modified date, forgotten in r460325 2018-01-30 17:20:13 +00:00
Jan Beich
fe935e6c40 security/vuxml: mark firefox < 58.0.1 as vulnerable 2018-01-30 00:53:51 +00:00
Jan Beich
dc36925832 security/vuxml: bump min waterfox version with FF58 fixes 2018-01-30 00:53:32 +00:00
Tijl Coosemans
de1786f179 Update range for linux-*-nss. 
PR:		225541
Submitted by:	dbn
Security:	https://access.redhat.com/errata/RHSA-2017:2832
 2018-01-29 21:17:39 +00:00
Niclas Zeising
11049b769a FIx range for dovecot 
2.2.33.2_2 is vulnerable.
 2018-01-29 19:17:49 +00:00
Koop Mast
0729de262d Document gcab stack overflow. 
Security:	CVE-2018-5345
 2018-01-27 09:10:40 +00:00
Steve Wills
47d8ff45e3 Document dovecot issue 
Submitted by:	Roger Marquis <marquis@roble.com>
 2018-01-26 14:37:23 +00:00
Steve Wills
f610844383 Document curl issue 
Submitted by:	Roger Marquis <marquis@roble.com>
 2018-01-26 14:28:07 +00:00
Christoph Moench-Tegeder
f4725969a9 document recent clamav vulnerabilities 
See: http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
 2018-01-26 13:23:59 +00:00
Dmitry Marakasov
c44ed68243 Fix wordpress entries in vuxml 
- Fix incorrect package names
- Fix epoch in older entry which makes it incorrectly report fresh ports as vulnerable

With hat:	ports-secteam
 2018-01-26 09:00:48 +00:00
Jan Beich
4c499f8fac security/vuxml: seamonkey 2.49.2 will use firefox-esr 52.6 engine 2018-01-23 23:07:10 +00:00
Jan Beich
7baa08e356 security/vuxml: mark firefox < 58 as vulnerable 2018-01-23 18:43:33 +00:00
Kirill Ponomarev
85cbe6f098 Fix typo. 2018-01-23 11:33:32 +00:00
Kirill Ponomarev
47292a7ddb Document new vulnerability in dns/powerdns-recursor < 4.1.1 
Obtained from:	https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
Security:	CVE-2018-1000003
 2018-01-23 11:23:41 +00:00
Carlos J. Puga Medina
d96fdd0c24 Document new vulnerabilities in www/chromium < 63.0.3239.108 
Obtained from:	https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop_14.html
Security:	CVE-2017-15429
 2018-01-23 02:05:40 +00:00
Carlos J. Puga Medina
cf34e36d51 Document new vulnerabilities in www/chromium < 63.0.3239.84 
Obtained from:	https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
 2018-01-23 01:53:49 +00:00
Carlos J. Puga Medina
9a949d9d27 Document new vulnerability in www/chromium < 62.0.3202.94 
Obtained from:	https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop_13.html
Security:	CVE-2017-15428
 2018-01-23 00:39:12 +00:00
Carlos J. Puga Medina
b6ad8bebc8 Add missing entry for www/chromium 
Security:	CVE-2017-15406
 2018-01-22 23:47:21 +00:00
Palle Girgensohn
15cd466ef8 Add more information about the recents security notice for shibboleth2-sp 2018-01-19 16:43:35 +00:00
Danilo G. Baio
7b133373d0 security/vuxml: Document vulnerability in dns/unbound 
Security:	CVE-2017-15105

PR:		225313
Reported by:	jaap@NLnetLabs.nl
 2018-01-19 15:12:47 +00:00
Jochen Neumeister
5ecacaa721 Document phpbb3 issues 
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D13983
 2018-01-19 13:01:22 +00:00
Bernard Spil
1cca52d81d security/vuxml: Fix tabs and spaces settings 2018-01-19 12:45:26 +00:00
Bernard Spil
739a99e963 security/vuxml: Document 2018Q1 Oracle MySQL vulns 2018-01-19 12:44:12 +00:00
Jochen Neumeister
88ada844d2 Document wordpress issues 
Approved by:	tcberner (mentor)
Differential Revision:	https://reviews.freebsd.org/D13954
 2018-01-19 06:15:16 +00:00
Steve Wills
1e4acf7f24 Document GitLab issue 2018-01-17 20:50:17 +00:00
Ben Woods
3c069bcbb8 Document DNS rebinding vulnerabilities in net-p2p/transmission-daemon 
PR:		225150
Security:	https://www.vuxml.org/freebsd/3e5b8bd3-0c32-452f-a60e-beab7b762351.html
 2018-01-14 02:19:47 +00:00
Palle Girgensohn
80b6c8e6ec Document vulnerability of devel/xmltooling 
security/shibboleth2-sp depends on the xmltooling port

Security:	CVE-2018-0486
 2018-01-12 17:23:33 +00:00
Adam Weinberger
408baf5221 Add vim-console instead of replacing vim-list. 
Reported by:	ohauer
 2018-01-11 21:18:15 +00:00
Adam Weinberger
e29f1402a5 Chase the vim-lite -> vim-console rename 2018-01-11 20:36:16 +00:00
Jung-uk Kim
ddbb074f9a Document the latest Flash Player vulnerability. 
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
 2018-01-09 21:25:14 +00:00
Danilo G. Baio
625cafb5d0 security/vuxml: Document vulnerability in www/awstats 
Security:	CVE-2017-1000501

PR:		225007
Reported by:	Vidar Karlsen <vidar@karlsen.tech>
 2018-01-08 23:03:54 +00:00
Danilo G. Baio
062af1d130 security/vuxml: Document multiple vulnerabilities in irc/irssi 
Security:	CVE-2018-5205
Security:	CVE-2018-5206
Security:	CVE-2018-5207
Security:	CVE-2018-5208

PR:		224954
Reported by:	tj@mrsk.me (email)
Reported by:	David O'Rourke <dor.bsd@xm0.uk>
 2018-01-06 20:43:51 +00:00
Jan Beich
cfa075c4fa security/vuxml: mark firefox < 57.0.4 as vulnerable 2018-01-05 17:17:09 +00:00
Richard Gallamore
5a330cba29 * Add modified date to for libevhtp vulnerable 
Thank you dbaio for catching this.
 2018-01-05 00:40:20 +00:00
Richard Gallamore
5235b5b994 * Add libevhtp to list of vulnerable ports. 
Libevhtp prior to 1.2.14 uses oniguruma 5.9.2 and is
vulnerable if using the REGEX option, which is the
default.
 2018-01-04 19:08:49 +00:00
Danilo G. Baio
e074dce170 security/vuxml: Fix FreeBSD PR bugs references 2017-12-31 14:48:36 +00:00
Danilo G. Baio
1a41c9b05f security/vuxml: Document vulnerabilities in www/otrs 
Security:	CVE-2017-16664
Security:	CVE-2017-16854
Security:	CVE-2017-16921

PR:		224729
Reported by:	Vidar Karlsen <vidar@karlsen.tech>
 2017-12-30 16:41:19 +00:00
Eugene Grosbein
6e4023b93b Fix cut-n-paste error in the previous addition for bouncycastle15 
(6a131fbf-ec76-11e7-aa65-001b216d295b).
 2017-12-29 09:28:51 +00:00
Eugene Grosbein
04536f1959 Document security defect in the Bouncy Castle Crypto APIs: CVE-2017-13098 ("ROBOT") 
Obtained from:  https://www.bouncycastle.org/releasenotes.html
Security:       https://vuxml.FreeBSD.org/freebsd/6a131fbf-ec76-11e7-aa65-001b216d295b
 2017-12-29 09:23:27 +00:00
Jan Beich
773beabfe8 security/vuxml: mark thunderbird < 52.5.2 as vulnerable 2017-12-25 11:31:19 +00:00