Commit graph

3940 commits

Author SHA1 Message Date
Jason Unovitch
aebbbabec4 Document multiple vulnerabilities in CodeIgniter
PR:		203401
Security:	5114cd11-6571-11e5-9909-002590263bf5
Security:	01bce4c6-6571-11e5-9909-002590263bf5
Security:	c21f4e61-6570-11e5-9909-002590263bf5
Security:	f838dcb4-656f-11e5-9909-002590263bf5
Security:	b7d785ea-656d-11e5-9909-002590263bf5
2015-09-28 01:09:11 +00:00
Rene Ladan
9ca5987077 Document new vulnerabilities in www/chromium < 45.0.2454.101
Obtained from:	http://googlechromereleases.blogspot.nl/2015/09/stable-channel-update_24.html
2015-09-27 08:38:32 +00:00
Jason Unovitch
32248a97f6 Revise Moodle multiple security vulnerabilities from r397210 to reflect
recently published advisory

Security:	CVE-2015-5264
Security:	CVE-2015-5272
Security:	CVE-2015-5265
Security:	CVE-2015-5266
Security:	CVE-2015-5267
Security:	CVE-2015-5268
Security:	CVE-2015-5269
Security:	c2fcbec2-5daa-11e5-9909-002590263bf5
2015-09-24 02:56:06 +00:00
Mark Felder
34bc934828 Fix older ruby vuxml entry
If you follow official instructions to change your default ruby version
it alters the ruby package name and vuxml will produce false positives.
This change will solve these scenarios.

PR:		203227
2015-09-23 20:24:28 +00:00
Mark Felder
e6f1cc75df libssh2 version entry range was missing PORTEPOCH
Security:	9770d6ac-614d-11e5-b379-14dae9d210b8
2015-09-22 17:26:45 +00:00
Mark Felder
f5c377a330 Document vulnerability in security/libssh2
Security:	CVE-2015-1782
2015-09-22 17:20:01 +00:00
Jan Beich
88e9121919 Summary: Document recent Mozilla vulnerabilities 2015-09-22 16:46:17 +00:00
Jan Beich
9866d8a0ae Mention ports with libzip copy 2015-09-20 09:23:01 +00:00
Jan Beich
6625bef6d8 Fix typo 2015-09-20 05:45:26 +00:00
Jan Beich
3747f78a0d Next avidemux2 may have CVE-2015-3395 fix, adjust
https://github.com/mean00/avidemux2/commit/cfb9760
2015-09-20 05:43:17 +00:00
Jan Beich
fa008c5d97 Document recent ffmpeg vulnerabilities
libav 11.4 was released before the fixes were made while ffmpeg 2.3.x
and lower are not maintained anymore. Bundle consumers are out of luck
unless low impact there or the fixes are easy to cherry-pick.
2015-09-20 05:27:37 +00:00
Carlo Strub
72f361e2f5 Update dcraw entry in VUXML
PR:		203034
Submitted by:	yuri@rawbw.com (maintainer of lightzone)
Security:	57325ecf-facc-11e4-968f-b888e347c638
2015-09-18 21:08:54 +00:00
Jason Unovitch
fe37f7e780 Document Moodle multiple security vulnerabilities
Note upstream has not released CVE assignments or details of the issues at
this time. Document the current verbiage from the release notes to help
downstream users proactively update.
2015-09-18 02:23:56 +00:00
Jason Unovitch
8f2c38c402 Document squid TLS/SSL parser denial of service vulnerability
No CVE assigned yet

PR:		203186
2015-09-18 01:34:31 +00:00
Jason Unovitch
4a1e19c066 Document remind buffer overflow with malicious reminder file input
PR:		202942
Security:	CVE-2015-5957
2015-09-18 00:33:00 +00:00
Mark Felder
ea9763f900 Alter <topic> of some of my recent entries to be more consistently worded 2015-09-17 16:32:19 +00:00
Mark Felder
3ee9a6d736 Normalize "use after free" as "use-after-free" in <topic>
I noticed when browsing vuxml.freebsd.org an even split between "use
after free" and "use-after-free". It seemed to make sense to standardize
on one style so future editors will have a common usage to guide them
when new entries are created.
2015-09-17 16:28:35 +00:00
Mark Felder
14ddba5cf8 Document deskutils/shutter vulnerability
Security:	CVE-2015-0854
2015-09-17 16:16:12 +00:00
Mark Felder
4dcc9a0987 Document graphics/openjpeg vulnerability
No CVE assigned yet
2015-09-17 15:50:13 +00:00
Mark Felder
8683d8eccb Document vulnerability in older graphics/optipng
No CVE assigned yet
2015-09-17 14:56:54 +00:00
Mark Felder
e8a4caa6b9 Document net/openslp vulnerability
Security:	CVE-2015-5155
2015-09-17 14:50:06 +00:00
Mark Felder
00d1f16d45 Document archivers/p7zip vulnerability
Security:	CVE-2015-1038
2015-09-16 20:21:09 +00:00
Mark Felder
14b0ff2552 Document www/h2o vulnerability
PR:		203096
PR:		203147
Security:	CVE-2015-5638
2015-09-16 16:32:39 +00:00
Xin LI
dd6d054387 Fix spelling of zh_CN for wordpress vulnerabilities. 2015-09-15 23:21:11 +00:00
Xin LI
8b7713c6f5 Document wordpress multiple vulnerabilities. 2015-09-15 18:15:35 +00:00
Olli Hauer
3ecb75d2ee - document bugzilla CVE-2015-4499 2015-09-14 03:59:25 +00:00
Mark Felder
a178d1e1d7 net/openldap24-server Fix affected package name
Submitted by:	dvl
Security:	4910d161-58a4-11e5-9ad8-14dae9d210b8
2015-09-13 19:41:01 +00:00
Mark Felder
250b7f148c Document net/openldap24-server vulnerability
Security:	CVE-2015-6908
2015-09-12 13:26:12 +00:00
Christian Weisgerber
e033ba8a65 Expand a35f415d-572a-11e5-b0a4-f8b156b6dcc8:
multiple vulnerabilities in audio/vorbis-tools and audio/opus-tools
2015-09-09 20:41:22 +00:00
Christian Weisgerber
666b842182 Document oggenc buffer overflow in audio/vorbis-tools.
Security:	CVE-2015-6749
2015-09-09 19:53:44 +00:00
Jason Unovitch
6e92784570 Document pgbouncer failed auth_query lookups falling back to auth_user
Note the vulnerable version was not committed to ports, however document
the issue in the interest of being thorough and catching any user who
made this as a local change.

PR:		202957
Security:	CVE-2015-6817
Security:	d76961da-56f6-11e5-934b-002590263bf5
Approved by:	feld (mentor)
2015-09-09 14:18:40 +00:00
Matthew Seaman
ba08997b29 Document the latest phpMyAdmin vulnerability: reCaptcha bypass 2015-09-08 18:49:46 +00:00
Mark Felder
3565ecc98e Correct some package names that were mistakenly labeled as php56
Security:	3d675519-5654-11e5-9ad8-14dae9d210b8
2015-09-08 18:44:47 +00:00
Mark Felder
ae6c3376e7 Add assigned CVEs to previous php vulnerability entry
Security:	787ef75e-44da-11e5-93ad-002590263bf5
Security:	CVE-2015-6831
Security:	CVE-2015-6832
Security:	CVE-2015-6833
2015-09-08 18:33:39 +00:00
Mark Felder
85ddd2c873 Document php vulnerabilities
Security:	CVE-2015-6834
Security:	CVE-2015-6835
Security:	CVE-2015-6836
Security:	CVE-2015-6837
Security:	CVE-2015-6838
2015-09-08 18:32:06 +00:00
Mark Felder
d58853af1b Spelling frontent -> frontend
Security:	d68df01b-564e-11e5-9ad8-14dae9d210b8
2015-09-08 17:38:31 +00:00
Mark Felder
38d8c6b6c1 Document sysutils/ganglia-webfrontent vulnerability
Security:	CVE-2015-6816
2015-09-08 17:32:46 +00:00
Mark Felder
c7e11185ff Add net/wireshark-qt5 as affected
Security:	9bdd8eb5-564a-11e5-9ad8-14dae9d210b8
2015-09-08 17:14:27 +00:00
Mark Felder
cb64f55260 Document net/wireshark vulnerabilities
Security:	CVE-2015-6241
Security:	CVE-2015-6242
Security:	CVE-2015-6243
Security:	CVE-2015-6244
Security:	CVE-2015-6245
Security:	CVE-2015-6246
Security:	CVE-2015-6247
Security:	CVE-2015-6248
Security:	CVE-2015-6249
2015-09-08 17:10:08 +00:00
Mark Felder
3a6b5a0166 Document sysutils/screen vulnerability
Security:	CVE-2015-6806
2015-09-08 16:34:20 +00:00
Mark Felder
19d4c57f25 Document net/libvncserver vulnerability
Old issue ignored in RH bugzilla; CVE recently requested
2015-09-08 16:18:16 +00:00
Koop Mast
8a42348c27 Document a number of integer overflows in gdk-pixbuf2. 2015-09-04 17:37:08 +00:00
Mark Felder
fc40944097 Minimum range adjustment for bind vulnerability
Pointyhat:	firmly seated on head
Submitted by:	mat
Security:	CVE-2015-5986
Security:	2c5e7e23-5248-11e5-9ad8-14dae9d210b8
2015-09-03 15:23:31 +00:00
Mark Felder
90157b4b33 Correct version range mistakes in bind vulnerabilities
Submitted by:	mat
Security:	2c5e7e23-5248-11e5-9ad8-14dae9d210b8
Security:	eaf3b255-5245-11e5-9ad8-14dae9d210b8
2015-09-03 15:15:35 +00:00
Mark Felder
3ab4919fff Document bind vulnerabilities
Security:	CVE-2015-5986
Security:	CVE-2015-5722
2015-09-03 14:34:57 +00:00
Rene Ladan
7f9e07309d Document new vulnerabilities in www/chromium < 45.0.2454.85
Submitted by:	Carlos Jacobo Puga Medina
Obtained from:	http://googlechromereleases.blogspot.nl/
2015-09-02 18:06:51 +00:00
Mark Felder
ca0dad6900 Document dns/powerdns vulnerability
PR:		202738
Security:	CVE-2015-5230
2015-09-02 16:37:20 +00:00
Jason Unovitch
77220c89cb Revise Ghostscript entry date to match date of commit.
Approved by:	delphij (mentor)
2015-09-02 00:30:55 +00:00
Jason Unovitch
0aa28a7fe9 Document denial of service (crash) via crafted Postscript files for Ghostscript
PR:		202781
Security:	CVE-2015-3228
Security:	fc1f6658-4f53-11e5-934b-002590263bf5
Approved by:	feld (mentor)
2015-09-01 22:12:57 +00:00
Jan Beich
8fd50d9cdd Document recent ffmpeg/libav vulnerabilities 2015-09-01 13:42:57 +00:00
Mark Felder
c493e70098 Document graphics/graphviz vulnerability
No CVE assigned
2015-08-29 15:23:30 +00:00
Jan Beich
8a433f1800 Document recent mozilla vulnerabilities 2015-08-28 12:34:31 +00:00
Mark Felder
337aff11b3 graphics/libpgf was assigned a CVE
Security:	9a71953a-474a-11e5-adde-14dae9d210b8
Security:	CVE-2015-6673
2015-08-26 14:25:40 +00:00
Jason Unovitch
87fa70f950 Document multiple security advisories for go and go14
PR:		202633
Security:	CVE-2015-5739
Security:	CVE-2015-5740
Security:	CVE-2015-5741
Security:	4464212e-4acd-11e5-934b-002590263bf5
Approved by:	delphij (mentor)
2015-08-25 22:46:48 +00:00
Jan Beich
cdbffeb291 Fix MFSA quote link and add libtremor commits 2015-08-25 09:57:04 +00:00
Jan Beich
f8759e50aa Document libtremor vulnerabilities in the ancient version we provide 2015-08-25 07:10:35 +00:00
Mark Felder
c861a52533 Document devel/pcre vulnerability
Security:	6900e6f1-4a79-11e5-9ad8-14dae9d210b8
2015-08-24 16:10:57 +00:00
Xin LI
e1c27e1172 Document drupal multiple vulnerabilities. 2015-08-22 07:08:56 +00:00
Bryan Drewery
5f252a42eb Remove excess space 2015-08-21 22:06:06 +00:00
Bryan Drewery
c87a3f4581 Document OpenSSH 7.0 PAM fixes.
It is unclear from the announcement what the minimum version affected
was.
2015-08-21 22:05:38 +00:00
Bryan Drewery
6d3e93c85f Document OpenSSH 7.0 PermitRootLogin issue 2015-08-21 22:01:04 +00:00
Mark Felder
828dadf51d Document sysutils/tarsnap security announcement 2015-08-21 14:23:17 +00:00
Xin LI
1acc6bf142 Document vlc arbitrary pointer dereference. 2015-08-20 17:30:32 +00:00
Mark Felder
8ff90bed6e graphics/jasper new CVE added to entry
Security:	f1692469-45ce-11e5-adde-14dae9d210b8
Security:	CVE-2015-5221
2015-08-20 15:12:18 +00:00
Mark Felder
a9c828b98c Document vulnerability in graphics/libpgf
No CVE assigned yet
2015-08-20 14:56:35 +00:00
Peter Wemm
b19a6d27d1 Look up a reference to a commit in 2005 that had been previously lost. 2015-08-20 00:54:34 +00:00
Peter Wemm
3a85ee852f Update some legacy items that don't work or are using runtime remapping:
- cvsweb -> svnweb
- stray cgi query-pr -> xml pr references
- remove redundant formatting that references obsolete cgi scripts.

Should be cosmetic and reduce some http redirects.
2015-08-20 00:41:56 +00:00
Jason Unovitch
cb4b8c53ef Extend recent QEMU related xen-tools CVEs to include the qemu-* ports
PR:		202402
Security:	CVE-2015-5154
Security:	CVE-2015-5165
Security:	CVE-2015-5166
Security:	da451130-365d-11e5-a4a5-002590263bf5
Security:	f06f20dc-4347-11e5-93ad-002590263bf5
Security:	ee99899d-4347-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-19 22:06:17 +00:00
Koop Mast
d385993841 Document CVE-2015-4491 in gdk-pixbuf2. 2015-08-19 10:39:52 +00:00
Mark Felder
395ea0c23f irc/unreal fix <name> to be capitalized
Security:	0ecc1f55-45d0-11e5-adde-14dae9d210b8
2015-08-18 18:44:12 +00:00
Mark Felder
5cdd85208f Document django vulnerabilities
Security:	CVE-2015-5963
Security:	CVE-2015-5964
2015-08-18 18:12:15 +00:00
Mark Felder
fb41e90eca Document irc/unreal denial of service
No CVE assigned yet
2015-08-18 17:45:45 +00:00
Mark Felder
34feb83747 Document graphics/jasper vulnerability
Security:	CVE-2015-5203
2015-08-18 17:37:02 +00:00
Mark Felder
f8b5e62157 Document freexl multiple vulnerabilities. One is still awaiting CVE assignment.
Security:	CVE-2015-2776
2015-08-18 17:27:44 +00:00
Mark Felder
07a6a96061 rt was assigned a CVE
Security:	83b38a2c-413e-11e5-bfcf-6805ca0b3d42
Security:	CVE-2015-6506
2015-08-18 17:12:14 +00:00
Mark Felder
aff74189b2 ansible was assigned a CVE
Security:	72fccfdf-2061-11e5-a4a5-002590263bf5
Security:	CVE-2015-6240
2015-08-18 17:10:24 +00:00
Mark Felder
56f2f50e35 gnutls was assigned a CVE
Security:	ec6a2a1e-429d-11e5-9daa-14dae9d210b8
Security:	CVE-2015-6251
2015-08-18 17:08:14 +00:00
Mark Felder
9393684fe7 Document mod_jk vulnerability
Security:	CVE-2014-8111
2015-08-17 16:25:27 +00:00
Jason Unovitch
906f4181a0 Document two QEMU related xen-tools security advisories
PR:		201931
Security:	CVE-2015-5166
Security:	ee99899d-4347-11e5-93ad-002590263bf5
Security:	CVE-2015-5165
Security:	f06f20dc-4347-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-17 13:51:23 +00:00
Jason Unovitch
3ddecc8987 Document PHP security issues impacting the lang/php5* ports (Core/SPL)
and 3 extensions (OpenSSL, Phar, SOAP)

PR:		202386
Security:	787ef75e-44da-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-17 13:44:55 +00:00
Jason Unovitch
84b6d07e0b Document MediaWiki multiple security vulnerabilities
PR:		202328
Security:	6241b5df-42a1-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-14 17:09:29 +00:00
Jan Beich
6243f755e0 Sync libvpx check for CVE-2015-448[56] with r394231 2015-08-14 16:38:33 +00:00
Mark Felder
fa6690aaac Document freeradius3 vulnerability 2015-08-14 16:34:30 +00:00
Mark Felder
3fe36cb69b Document gnutls vulnerabilities
No CVEs assigned yet
2015-08-14 16:08:58 +00:00
Jason Unovitch
abe03f7039 Document Froxlor database password information disclosure vulnerability
PR:		202262
Security:	CVE-2015-5959
Security:	9ee72858-4159-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-13 02:07:33 +00:00
Matthew Seaman
1fea324cb0 Document two XSS vulnerabilities in rt40, rt42. 2015-08-12 22:16:52 +00:00
Mark Felder
6b20fc9e4b Document py-foolscap vulnerability 2015-08-12 19:32:26 +00:00
Jan Beich
4e22ba8b0b Make libvpx-1.3.0 vulnerable by moving MFSA 2014-77 into separate entry 2015-08-12 09:55:10 +00:00
Koop Mast
b38a24c915 Document newest flash vulnerabilities.
Also list the c6_64 flash port.
2015-08-12 07:31:35 +00:00
Jan Beich
23a5407e4f Oops, mark bundled libvpx v1.4.0 in firefox as vulnerable again
libvpx v1.3.0-4418-g587ff64 in firefox-esr 38.x shouldn't be affected
given Mozilla hasn't backported the update there. MFSA 2015-89 says
otherwise though.

https://bugzilla.mozilla.org/show_bug.cgi?id=1178215
2015-08-11 19:48:29 +00:00
Jan Beich
22ff99085e Move libvpx vulnerability into its own entry 2015-08-11 19:03:36 +00:00
Jan Beich
83f85a1d4f Document recent mozilla vulnerabilities 2015-08-11 18:51:57 +00:00
Guido Falsi
846e224899 Document an already fixed vulnerability in lighttpd 1.4.35 or older.
PR:		202134
Submitted by:	pkubaj at riseup.net
vuxml entry submitted by:	Jason Unovitch <jason.unovitch at gmail.com>
2015-08-10 13:25:32 +00:00
Jason Unovitch
39531e5b46 Document PCRE heap overflow vulnerability in '(?|' situations
PR:		202209
Security:	ff0acfb4-3efa-11e5-93ad-002590263bf5
Approved by:	feld (mentor)
2015-08-10 10:34:54 +00:00
Florian Smeets
90bc8dd3a1 Mention all CVEs that are fixed in 4.2.4. The release notes only mentioned
one.

Reported by:	junovitch
2015-08-09 18:38:51 +00:00
Jan Beich
d16e69df1f Document recent mozilla vulnerabilities 2015-08-07 06:51:05 +00:00
Florian Smeets
0045db9f56 Document wordpress vulnerabilities
Security:	CVE-2015-2213
2015-08-06 19:55:04 +00:00
Lev A. Serebryakov
576a556027 Add two security issues for subversion. 2015-08-06 15:45:40 +00:00
Jason Unovitch
1af58f4e7c Document Elasticsearch directory traversal attack and remote code execution
PR:		201834
Security:	CVE-2015-5377
Security:	fb3668df-32d7-11e5-a4a5-002590263bf5
Security:	CVE-2015-5531
Security:	ae8c09cb-32da-11e5-a4a5-002590263bf5
Approved by:	feld (mentor)
2015-08-05 22:11:05 +00:00
Jason Unovitch
60d42be396 Document xen-tools QEMU heap overflow flaw with certain ATAPI commands
PR:		201931
Security:	CVE-2015-5154
Security:	da451130-365d-11e5-a4a5-002590263bf5
Approved by:	delphij (mentor)
2015-08-04 10:56:23 +00:00