Commit graph

1273 commits

Author SHA1 Message Date
Simon L. B. Nielsen
eb234d6906 Unbreak file by using & in w3m entry.
Pointy hat to:	nobutaka
Reported by:	Philipp Wuensche
2007-01-03 17:21:43 +00:00
MANTANI Nobutaka
c74b009205 Document a format string vulnerability of w3m. 2007-01-02 14:12:36 +00:00
Gabor Kovesdan
715b3a3892 - Document www/plone vulnerability
Reviewed by:	simon
Approved by:	erwin (mentor)
2006-12-27 16:37:14 +00:00
Gabor Kovesdan
752d0d7e20 - Update the www/zope entry to indicate it is fixed now
PR:		ports/106505
Submitted by:	HAYASHI Yasushi <yasi@yasi.to>
Reviewed by:	simon
Approved by:	erwin (mentor)
2006-12-27 16:31:49 +00:00
Xin LI
19b7b6acd9 phpbb -- NULL byte injection vulnerability has been fixed in
their 2.0.22, so mark it as safe.  Update to the port is pending.
2006-12-24 13:57:28 +00:00
Xin LI
8e71f63b82 Add an entry for recently fixed proftpd remote code execution
vulnerabilities.

Reviewed by:	remko
2006-12-21 06:52:08 +00:00
Remko Lodder
373768fc69 Document gzip -- multiple vulnerabilities, this is FreeBSD-SA-06:21.gzip 2006-12-19 20:33:36 +00:00
Remko Lodder
40cb2123ed Document bind9 -- Denial of Service in named(8) which is also known
as FreeBSD-SA-06:20.bind

Notice: The previous commit was FreeBSD-SA-06:19.openssl
2006-12-19 20:16:39 +00:00
Remko Lodder
14e0b3487c Document openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) 2006-12-19 20:02:47 +00:00
Lars Thegler
bca80761c2 sql-ledger -- multiple vulnerabilities
Reviewed by:	remko
2006-12-19 14:46:14 +00:00
Remko Lodder
0348c27bd6 Update several entries, making them a bit clearer (where possible),
adjusting some package names, and collapsing some ruby entries that
can be combined. Also properly sort the <bid> and <cvename> tags.
b comes before c.
2006-12-15 19:47:28 +00:00
Joe Marcus Clarke
8d65fd893b Document the recent D-BUS vulnerability as described by CVE-2006-6107.
Submitted by:	mnag
2006-12-14 20:35:49 +00:00
Marcus Alves Grando
95d8e88a08 - evince -- Buffer Overflow Vulnerability 2006-12-14 19:27:02 +00:00
Marcus Alves Grando
a49e6fe467 - Change spaces to tabs in <name> and <range>
- Remove some empty lines
- Respect 2 spaces between <body> and <p>
- Respect empty line between <vuln vid=""> entry.
2006-12-14 13:44:03 +00:00
Martin Wilke
f111794785 tDiary - Injection Vulnerability 2006-12-13 22:56:31 +00:00
Marcus Alves Grando
b886db4ca4 - wv -- Multiple Integer Overflow Vulnerabilities 2006-12-13 12:44:56 +00:00
Marcus Alves Grando
68ee2dd59c - wv2 -- Integer Overflow Vulnerability 2006-12-13 12:37:17 +00:00
Martin Wilke
5eb6ed944b - Fix tnftpd entry (made validate happy) 2006-12-13 07:04:45 +00:00
Martin Wilke
ca203d6193 tnftpd - remote root exploit
Reviewed by:	simon
Approved by:	secteam
2006-12-13 06:42:52 +00:00
Marcus Alves Grando
d4ace0bd8c - clamav -- Multipart Nestings Denial of Service 2006-12-12 20:51:24 +00:00
Remko Lodder
541ec22424 Rewrite the libxine entry:
o Use the FDP style to fill in the entry.
o Remove the secunia references and use the libxine information.
o Properly sort the references section
o Add the modified tag (since I changed it).
2006-12-09 09:36:27 +00:00
MANTANI Nobutaka
bc3d9e0555 Add an entry for libxine multiple buffer overflow vulnerabilities. 2006-12-07 17:50:38 +00:00
Marcus Alves Grando
008c85bd7c - Ok. gnupg-devel are not affected. 2006-12-07 12:37:00 +00:00
Marcus Alves Grando
9202712b3d - Add gnupg-devel package in last entry
- Add secunia reference in last entry
2006-12-07 12:24:17 +00:00
Vasil Dimov
594a33c75e * Fix typo in the latest GnuPG entry, inherited from the original message
* Fix the URL in references, the former one gives 404 Not found.
  Kuriyama, where did you get it from?
2006-12-07 08:54:53 +00:00
Jun Kuriyama
30e33d812c Add CVE-2006-6235 entry for GnuPG. 2006-12-07 00:35:32 +00:00
Stanislav Sedov
db15259e79 - Add a modified field for the entry, touched by the previous commit 2006-12-04 21:25:32 +00:00
Stanislav Sedov
08728070d8 - List all affected packages for the November ruby cgi DOS vulnerability
- This vulnerability was not fixed in ruby_static
2006-12-04 21:16:19 +00:00
Stanislav Sedov
b282cfc206 - Document ruby cgi library vulnerability 2006-12-04 21:10:08 +00:00
Stanislav Sedov
3c2d316499 - Document buffer overflow vulnerabilities in the libmusicbrainz. 2006-12-03 07:59:38 +00:00
Simon L. B. Nielsen
ceb0e95ffc Fix markup in last entry so the file is valid XML again.
Pointy hat to:	simon
2006-12-02 16:06:27 +00:00
Martin Wilke
a1b2e1fd62 - Add an entry for www/tDiary, www/tDiary-devel
Reviewed by:    simon
2006-12-02 15:09:58 +00:00
Stanislav Sedov
8859ff651e - Document the SGI Image File heap overflow vulnerability in ImageMagick 2006-12-02 11:41:49 +00:00
Christian Weisgerber
8ba6afd880 Document "gtar -- GNUTYPE_NAMES directory traversal vulnerability". 2006-11-30 20:33:54 +00:00
Shaun Amott
87f1a258e0 Document 'kronolith -- arbitrary local file inclusion vulnerability' 2006-11-30 00:32:58 +00:00
Simon L. B. Nielsen
3b41816b26 In latest gnupg entry:
- Use "Werner Koch reports" instead of "Author reports" to follow
  normal style in vuln.xml.
- Fix some indentation and markup in body.
2006-11-28 13:45:13 +00:00
Jun Kuriyama
a8f2223ca7 Add recent gnupg one. 2006-11-28 05:57:34 +00:00
Shaun Amott
f603f189ce Add <modified> tag to previous proftpd entry.
Requested by:	remko
2006-11-21 00:27:26 +00:00
Shaun Amott
a590b077b0 Add proftpd-mysql to the previous entry. 2006-11-15 14:40:09 +00:00
Shaun Amott
ed13cdbb3e Document "proftpd -- Remote Code Execution Vulnerability". 2006-11-14 23:25:19 +00:00
Xin LI
dc6c502dcc The Command Injection Vulnerability was corrected by awstats 6.5_2,1.
Submitted by:	Alex Samorukov
PR:		ports/105233
2006-11-14 16:57:17 +00:00
Emanuel Haupt
05d6ef1808 Add archivers/unzoo Directory Traversal Vulnerability.
Reviewed by:	simon
2006-11-14 08:35:07 +00:00
Simon L. B. Nielsen
4907ff8ace Add bugzilla -- multiple vulnerabilities entry.
Update earlier bugzilla entry with better topic, add ja-bugzilla as
also potentially vulnerable (though the version currently in
ja-bugzilla isn't), and add more references.
2006-11-11 15:56:04 +00:00
Remko Lodder
b9cd072fa2 Add cvs+ipv6 to the cvsbug to the vulnerability.
PR:			ports/104638
Submitted by:		KIMURA Yasuhiro <yasu at utahime dot org>
2006-11-08 19:32:32 +00:00
Stanislav Sedov
ed5d8425fb - Document recent vulnerabilities in the imlib2. 2006-11-08 17:13:43 +00:00
Stanislav Sedov
d3c05bae82 - Document recent vulnerability in the ruby CGI library.
Reviewed by:	simon
2006-11-04 21:09:18 +00:00
Dirk Meyer
9e3d5c3229 - pgp < 3.0 and pgpin does not support OpenPGP format
no user given symmetric key encryption
Submitted by:	dinoex
2006-11-03 05:27:01 +00:00
Simon L. B. Nielsen
7f62fb4e28 The latest couple of firefox vulnerabilities should be fixed in the
2.0 release, so mark 2.0 as fixed.

Prodded by:	ahze
2006-11-02 06:33:00 +00:00
Lev A. Serebryakov
ce9664cb9a ru-apache and ru-apache+mod_ssl were fixed. 2006-11-01 13:15:16 +00:00
Vasil Dimov
4d81bd32df Add a <modified> tag with the current date to reflect my previous change.
I knew I should ask someone before committing, however trivial was the change.

Spotted by:	remko
Approved by:	portmgr (implicit)
2006-10-30 07:34:06 +00:00