Rene Ladan
395fee5cdd
Document new vulnerabilities in www/chromium < 33.0.1750.117
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q1
2014-02-24 13:13:55 +00:00
Palle Girgensohn
083cb42200
The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues. All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.
This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.
Security: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
2014-02-20 18:11:25 +00:00
Li-Wen Hsu
b9028d9747
- Last whitespace change
- Sort CVE entries
Notified by: remko
2014-02-15 17:05:12 +00:00
Matthew Seaman
828b9bd31b
Document the latest PMA security advisory: PMSA-2014-1
The version of PMA currently in ports (since 2014-02-09) is not
affected.
2014-02-15 12:10:20 +00:00
Li-Wen Hsu
590a234fdb
Add CVE entry to references
Notified by: remko
2014-02-15 09:09:57 +00:00
Li-Wen Hsu
cc7bdc55ab
whitespace
Notified by: remko
2014-02-15 09:07:33 +00:00
Li-Wen Hsu
85078555a9
Document Jenkins Security Advisory 2014-02-14
2014-02-15 08:04:51 +00:00
Ryan Steinmetz
407bb25343
- Document recent vulnerabilities in www/lighttpd
2014-02-14 04:36:49 +00:00
Florian Smeets
2852c730f7
Document phpmyfaq vulnerabilities
2014-02-06 23:05:06 +00:00
Carlo Strub
422b50415a
Update VUXML entry on recent otrs vulnerabilities
Suggested by: remko@
2014-02-06 20:39:30 +00:00
Eitan Adler
e864d745c6
Update the latest flash security advisory
2014-02-05 15:57:57 +00:00
Eitan Adler
dd9698813c
Report the latest flash security issue
2014-02-05 02:15:47 +00:00
Beat Gaetzi
0b4b153416
Document mozilla vulnerabilities
Reviewed by: flo
2014-02-04 21:19:13 +00:00
Ryan Steinmetz
4498e6478a
- Add modified date to libyaml entry
2014-02-02 13:52:18 +00:00
Ryan Steinmetz
69d0952ada
- Add libyaml to the libyaml vulnerability entry
2014-02-02 03:51:39 +00:00
Bryan Drewery
6f575a4072
- Document libyaml vulnerability in pkg
Security: CVE-2013-6393
2014-02-01 20:53:19 +00:00
Emanuel Haupt
5f3a57aa59
Use the same URL as in blockquote.
Submitted by: remko
2014-01-29 08:42:34 +00:00
Martin Wilke
78248c90c1
- Fix format
2014-01-29 08:22:56 +00:00
Emanuel Haupt
00017260bd
Document socat vulnerability.
Security: CVE-2014-0019
2014-01-29 07:53:48 +00:00
Carlo Strub
6ee542230d
2 new OTRS vulnerabilities
Security: CVE-2014-1471
2014-01-28 22:29:12 +00:00
Matthew Seaman
0970b9204b
rt42-4.2.1_3, which appears only on the 2014Q1 branch, should also be
counted as not vulnerable.
2014-01-27 23:10:10 +00:00
Rene Ladan
30a5132038
Document vulnerabilities in www/chromium < 32.0.1700.102
Obtained from: http://googlechromereleases.blogspot.nl/
2014-01-27 23:01:11 +00:00
Matthew Seaman
71c9c356da
Formatting fixes
Submitted by: remko
2014-01-27 22:46:38 +00:00
Bernhard Froehlich
fc6750fe4f
- Fix style for strongswan entry
Reported by: remko
2014-01-27 21:08:45 +00:00
Matthew Seaman
baf0ccf5c5
vuxml entry concerning the recent security advisory about www/rt42
from 4.2.0 to 4.2.2 inclusive. This is slightly unusual in that the
fix is applied to a completely different port
mail/p5-Email-Address-List which www/rt42 depends on.
Security: d1dfc4c7-8791-11e3-a371-6805ca0b3d42
2014-01-27 20:44:52 +00:00
Bernhard Froehlich
6d38c4ccc3
- Fix typo in last entry
Reported by: bz
2014-01-27 13:52:17 +00:00
Bernhard Froehlich
df0fed0b8a
- Document multiple DoS vulnerabilities in strongswan
Security: CVE-2013-5018
Security: CVE-2013-6075
Security: CVE-2013-6076
2014-01-27 13:31:45 +00:00
Kubilay Kocak
86d431b7f3
Document Varnish HTTP Cache < 3.0.5 DoS Vulnerability
Reviewed by: remko
2014-01-25 09:24:38 +00:00
Eitan Adler
038bc3cf36
Update flash to 11.2r202.335
Report security issues
PR: ports/185790
Reported by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
2014-01-24 05:05:36 +00:00
Remko Lodder
988c8629b6
Cleanup the HTMLDOC entry, long lines and remove the ...
entries because I think it's not needed. Also adjust
the previous entry by indenting correctly.
Hat: secteam
Facilitated by: Snow B.V.
2014-01-23 10:03:33 +00:00
Matthias Andree
5ef4b9d0ad
Document HTMLDOC < 1.8.28 vulnerability.
2014-01-22 23:51:10 +00:00
Bernhard Froehlich
0fe2d256ec
Document virtualbox-ose vulnerabilities
Security: CVE-2013-5892
2014-01-16 16:15:47 +00:00
Rene Ladan
8ecb19f477
Document new vulnerabilities in www/chromium < 32.0.1700.77
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q1
2014-01-15 21:41:15 +00:00
Erwin Lansing
8c356b8ce8
Sort references
Submitted by: remko
2014-01-15 08:48:46 +00:00
Erwin Lansing
f718e701be
Document SA-13:07.bind
2014-01-15 08:36:23 +00:00
Remko Lodder
bcd0f52004
Fix the latest entry, it has many issues, make validate
told us exactly what was wrong. I redid the entry and
just took out the ul/li structure and replaced it with
regular paragraphs. It might be worth investigating
to use the FreeBSD SA that got released because of this
as the main text, which is best suited imo.
Hat: secteam
2014-01-14 21:15:10 +00:00
Cy Schubert
6c23bbf50a
Mark net/ntp forbidden.
Security: CVE-2013-5211 / VU#348126
2014-01-14 20:54:57 +00:00
Mathieu Arnold
c2e1cd79f8
Document the latest nagios vulnerability.
2014-01-14 14:16:13 +00:00
Mathieu Arnold
c39c3d4a40
Security update to fix CVE-2014-0591 as reported at
https://kb.isc.org/article/AA-01078/74/
9.9.4 -> 9.9.4-P2
9.8.6 -> 9.8.6-P2
9.6-ESV-R10 -> 9.6-ESV-R10-P2
Security: CVE-2014-0591 Remote DOS
2014-01-13 17:38:28 +00:00
Niclas Zeising
b015a1fa41
Update libXfont to 1.4.7
This is a security fix and it is important to update, since it might lead to
a privilege escalation if the X server is run as root (which is the default)
Security: CVE-2013-6462
2014-01-08 10:42:04 +00:00
Xin LI
7252c45230
Document OpenSSL 1.0.1e multiple vulnerabilities.
2014-01-06 23:55:38 +00:00
Remko Lodder
71891e35fe
Correct ident for most recent entries. No functional changes.
People, please be aware that we use the FreeBSD Documentation Primer
and that there are style rules we have to follow. If you are in
doubt please consult me and I am more than willing to help.
Hat: secteam
2013-12-28 23:52:49 +00:00
Olli Hauer
9736101e02
- mark as FORBIDDEN (zero day SQL vuln)
Security: CVE-2013-7149
2013-12-22 17:49:46 +00:00
Xin LI
bae0ef49b6
Cover gnupg1 ports/packages as well.
2013-12-19 07:45:41 +00:00
Xin LI
7f12df195a
Apply vendor fix for CVE-2013-6422, cURL libcurl cert name check ignore
with GnuTLS. Document the vulnerability fix in vuxml while I'm here.
2013-12-18 23:04:24 +00:00
Jun Kuriyama
67024f3f29
Add about gnupg-1.4.16.
2013-12-18 15:22:59 +00:00
Florian Smeets
3c17028e1f
- document asterisk vulnerabilities
- correctly order references [1]
Reported by: remko [1]
2013-12-17 23:26:26 +00:00
Florian Smeets
2a861f63a5
- update to 2.8.4
- add stage support
Security: 3b86583a-66a7-11e3-868f-0025905a4771
2013-12-16 23:37:23 +00:00
Xin LI
0ecbf31857
Document Zabbix agent remote command execution vulnerability.
2013-12-16 04:11:00 +00:00
Florian Smeets
6fbff9d8da
Update to 5.3.28
Security: 47b4e713-6513-11e3-868f-0025905a4771
2013-12-14 23:30:36 +00:00