kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
325327 commits 42 branches 80 tags 2.7 GiB
Commit graph

3251 commits

Author SHA1 Message Date
Ryan Steinmetz
407bb25343 - Document recent vulnerabilities in www/lighttpd 2014-02-14 04:36:49 +00:00
Florian Smeets
2852c730f7 Document phpmyfaq vulnerabilities 2014-02-06 23:05:06 +00:00
Carlo Strub
422b50415a Update VUXML entry on recent otrs vulnerabilities 
Suggested by:	remko@
 2014-02-06 20:39:30 +00:00
Eitan Adler
e864d745c6 Update the latest flash security advisory 2014-02-05 15:57:57 +00:00
Eitan Adler
dd9698813c Report the latest flash security issue 2014-02-05 02:15:47 +00:00
Beat Gaetzi
0b4b153416 Document mozilla vulnerabilities 
Reviewed by:	flo
 2014-02-04 21:19:13 +00:00
Ryan Steinmetz
4498e6478a - Add modified date to libyaml entry 2014-02-02 13:52:18 +00:00
Ryan Steinmetz
69d0952ada - Add libyaml to the libyaml vulnerability entry 2014-02-02 03:51:39 +00:00
Bryan Drewery
6f575a4072 - Document libyaml vulnerability in pkg 
Security:	CVE-2013-6393
 2014-02-01 20:53:19 +00:00
Emanuel Haupt
5f3a57aa59 Use the same URL as in blockquote. 
Submitted by:	remko
 2014-01-29 08:42:34 +00:00
Martin Wilke
78248c90c1 - Fix format 2014-01-29 08:22:56 +00:00
Emanuel Haupt
00017260bd Document socat vulnerability. 
Security:	CVE-2014-0019
 2014-01-29 07:53:48 +00:00
Carlo Strub
6ee542230d 2 new OTRS vulnerabilities 
Security:	CVE-2014-1471
 2014-01-28 22:29:12 +00:00
Matthew Seaman
0970b9204b rt42-4.2.1_3, which appears only on the 2014Q1 branch, should also be 
counted as not vulnerable.
 2014-01-27 23:10:10 +00:00
Rene Ladan
30a5132038 Document vulnerabilities in www/chromium < 32.0.1700.102 
Obtained from:	http://googlechromereleases.blogspot.nl/
 2014-01-27 23:01:11 +00:00
Matthew Seaman
71c9c356da Formatting fixes 
Submitted by:	remko
 2014-01-27 22:46:38 +00:00
Bernhard Froehlich
fc6750fe4f - Fix style for strongswan entry 
Reported by:	remko
 2014-01-27 21:08:45 +00:00
Matthew Seaman
baf0ccf5c5 vuxml entry concerning the recent security advisory about www/rt42 
from 4.2.0 to 4.2.2 inclusive.  This is slightly unusual in the the
fix is applied to a completely different port
mail/p5-Email-Address-List which www/rt42 depends on..

Security:	d1dfc4c7-8791-11e3-a371-6805ca0b3d42
 2014-01-27 20:44:52 +00:00
Bernhard Froehlich
6d38c4ccc3 - Fix typo in last entry 
Reported by:	bz
 2014-01-27 13:52:17 +00:00
Bernhard Froehlich
df0fed0b8a - Document multiple DoS vulnerabilities in strongswan 
Security:	CVE-2013-5018
Security:	CVE-2013-6075
Security:	CVE-2013-6076
 2014-01-27 13:31:45 +00:00
Kubilay Kocak
86d431b7f3 Document Varnish HTTP Cache < 3.0.5 DoS Vulnerability 
Reviewed by:	remko
 2014-01-25 09:24:38 +00:00
Eitan Adler
038bc3cf36 Update flash to 11.2r202.335 
Report security issues

PR:		ports/185790
Reported by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
 2014-01-24 05:05:36 +00:00
Remko Lodder
988c8629b6 Cleanup the HTMLDOC entry, long lines and remove the ... 
entries because I think it's not needed.  Also adjust
the previous entry by indenting correctly.

Hat:		secteam
Facilicated by:	Snow B.V.
 2014-01-23 10:03:33 +00:00
Matthias Andree
5ef4b9d0ad Document HTMLDOC < 1.8.28 vulnerability. 2014-01-22 23:51:10 +00:00
Bernhard Froehlich
0fe2d256ec Document virtualbox-ose vulnerabilities 
Security:	CVE-2013-5892
 2014-01-16 16:15:47 +00:00
Rene Ladan
8ecb19f477 Document new vulnerabilities in www/chromium < 32.0.1700.77 
Obtained from:	http://googlechromereleases.blogspot.nl/
MFH:		2014Q1
 2014-01-15 21:41:15 +00:00
Erwin Lansing
8c356b8ce8 Sort references 
Submitted by:	remko
 2014-01-15 08:48:46 +00:00
Erwin Lansing
f718e701be Document SA-13:07.bind 2014-01-15 08:36:23 +00:00
Remko Lodder
bcd0f52004 Fix the latest entry, it has many issues, make validate 
told us exactly what was wrong. I redid the entry and
just took out the ul/li structure and replaced it with
regular paragraphs. It might be worth investigating
to use the FreeBSD SA that got released because of this
as the main text, which is best suited imo.

Hat:	    secteam
 2014-01-14 21:15:10 +00:00
Cy Schubert
6c23bbf50a Mark net/ntp forbidden. 
Security:	CVE-2013-5211 / VU#348126
 2014-01-14 20:54:57 +00:00
Mathieu Arnold
c2e1cd79f8 Document the latest nagios vulnerability. 2014-01-14 14:16:13 +00:00
Mathieu Arnold
c39c3d4a40 Security update to fix CVE-2014-0591 as reported at 
https://kb.isc.org/article/AA-01078/74/

9.9.4 -> 9.9.4-P2
9.8.6 -> 9.8.6-P2
9.6-ESV-R10 -> 9.6-ESV-R10-P2

Security:	CVE-2014-0591 Remote DOS
 2014-01-13 17:38:28 +00:00
Niclas Zeising
b015a1fa41 Update libXfont to 1.4.7 
This is a security fix and it is important to update, since it might lead to
a privilege escalation if the X server is run as root (which is the default)

Security:	CVE-2013-6462
 2014-01-08 10:42:04 +00:00
Xin LI
7252c45230 Document OpenSSL 1.0.1e multiple vulnerabilities. 2014-01-06 23:55:38 +00:00
Remko Lodder
71891e35fe Correct ident for most recent entries. No functional changes. 
People, please be aware that we use the FreeBSD Documentation Primer
and that there are style rules we have to follow.  If you are in
doubt please consult me and I am more then willing to help.

Hat:	secteam
 2013-12-28 23:52:49 +00:00
Olli Hauer
9736101e02 - mark as FORBIDDEN (zero day SQL vuln) 
Security:	CVE-2013-7149
 2013-12-22 17:49:46 +00:00
Xin LI
bae0ef49b6 Cover gnupg1 ports/packages as well. 2013-12-19 07:45:41 +00:00
Xin LI
7f12df195a Apply vendor fix for CVE-2013-6422, cURL libcurl cert name check ignore 
with GnuTLS.  Document the vulnerability fix in vuxml while I'm here.
 2013-12-18 23:04:24 +00:00
Jun Kuriyama
67024f3f29 Add about gnupg-1.4.16. 2013-12-18 15:22:59 +00:00
Florian Smeets
3c17028e1f - document asterisk vulnerabilities 
- correctly order references [1]

Reported by:	remko [1]
 2013-12-17 23:26:26 +00:00
Florian Smeets
2a861f63a5 - update to 2.8.4 
- add stage support

Security:	3b86583a-66a7-11e3-868f-0025905a4771
 2013-12-16 23:37:23 +00:00
Xin LI
0ecbf31857 Document Zabbix agent remote command execution vulnerability. 2013-12-16 04:11:00 +00:00
Florian Smeets
6fbff9d8da Update to 5.3.28 
Security:	47b4e713-6513-11e3-868f-0025905a4771
 2013-12-14 23:30:36 +00:00
Florian Smeets
7efa77ad7c Update to nspr 4.10.2 
Update to nss 3.15.3.1
Update firefox-esr and thunderbird to 24.2.0
Update firefox to 26.0
Update seamonkey to 2.23

- catch up with directory renames since USES=webplugins was introduced;
  fixes plugins not being automatically enabled after install
- linux-firefox and linux-seamonkey can play HTML5 audio [2][3] and
  measure about:memory usage, again
- dom.ipc.plugins.enabled->true no longer crash linux-firefox which makes
  some flash sites work again; as there's no nspluginwrapper in-between
  the infamous "youtube issue" never occurs
- install DEBUG with symbols [3] and describe the option better [4]
- enable dumping about:memory upon kill -65, kill -66 and GC/CC log
  upon kill -67 to a file under /tmp directory; linux-firefox uses
  kill -34, kill -35 and kill -36 respectively

PR:		ports/183861 [1]
PR:		ports/184006 [2]
PR:		ports/169896 [3]
PR:		ports/184285 [3]
PR:		ports/184286 [4]
Security:	dd116b19-64b3-11e3-868f-0025905a4771
In collaboration with: Jan Beich <jbeich@tormail.org>
 2013-12-14 13:42:06 +00:00
Sunpoet Po-Chuan Hsieh
38ba327310 - Group affected packages 
- Sort CVE
- Fix indent

Notified by:	remko
 2013-12-10 19:45:12 +00:00
Timur I. Bakeyev
767e421d1a Add entry for net/samba* CVE-2012-6150 and CVE-2013-4408 2013-12-10 04:57:35 +00:00
Sunpoet Po-Chuan Hsieh
ce87faed91 - Document Rails vulnerability 2013-12-08 14:19:02 +00:00
Xin LI
03a36d917f Document drupal multiple vulnerabilities. 2013-12-06 00:38:50 +00:00
Rene Ladan
9d6e59c385 Document new vulnerabilities in www/chromium < 31.0.1650.63 
Obtained from:	http://googlechromereleases.blogspot.nl/
 2013-12-05 12:07:00 +00:00
Nicola Vitale
3604826cc9 - Document multiple XSS core vulnerabilities for Joomla! 
(2.5.0 <= version <= 2.5.14, 3.0.0 <= version <= 3.1.5)
 2013-12-05 00:00:11 +00:00