Josh Paetzel
|
63813e06f2
|
Fix security advsory with patches from Ubuntu project.
http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html
PR: ports/136891
Submitted by: wxs@
Reviewed by: simon@
Approved by: itetcu@ (mentor)
|
2009-07-22 00:11:48 +00:00 |
|
Martin Wilke
|
f734ecf8f7
|
- Fix a typo
|
2009-07-17 10:18:29 +00:00 |
|
Martin Wilke
|
33a8225a03
|
- Document firefox35 -- corrupt JIT state after deep return from native function
|
2009-07-17 07:58:05 +00:00 |
|
Wesley Shields
|
cbf1427e69
|
- Document isc-dhcp*-client stack overflow.
|
2009-07-15 18:34:19 +00:00 |
|
Wesley Shields
|
c06a91a738
|
- Tweak nagios version information a bit for the command injection
vulnerability. Patches for net-mgmt/nagios and net-mgmt/nagios2 coming
shortly.
|
2009-07-14 03:17:16 +00:00 |
|
Martin Wilke
|
9df985b5c9
|
- Document drupal -- multiple vulnerabilities
Submitted by: Nick Hilliard (based on)
|
2009-07-13 19:01:16 +00:00 |
|
Beat Gaetzi
|
533fe41217
|
- Mark linux-firefox 3.0.11 and higher as safe
Approved by: secteam (miwi)
|
2009-07-12 13:51:05 +00:00 |
|
Wesley Shields
|
8356984ff1
|
- Document remote command execution in net-mgmt/nfsen
PR: ports/136070
Submitted by: Bjoern Engels <engels@openit.de>
|
2009-07-03 01:35:18 +00:00 |
|
Wesley Shields
|
fac77905ea
|
- Add syslog-ng package to the list of vulnerable versions for the chroot
vulnerability.
|
2009-07-02 20:38:11 +00:00 |
|
Wesley Shields
|
a8865f66e7
|
- Add newly created CVE for nagios command injection vulnerability.
- Add the other two nagios packages to the list.
- Add modified entry accordingly.
|
2009-07-01 13:01:54 +00:00 |
|
Xin LI
|
e9af760f31
|
Document phpMyAdmin XSS vulnerability
|
2009-06-30 19:10:50 +00:00 |
|
Wesley Shields
|
3067ed90db
|
- Document nagios command injection vulnerability.
|
2009-06-30 14:13:03 +00:00 |
|
Wesley Shields
|
b6b9a5d686
|
- s/secunia reports/Secnuia reports/
- Fix whitespace
Approved by: secteam (miwi)
|
2009-06-24 16:54:17 +00:00 |
|
Wesley Shields
|
e7283ad40f
|
- Document tor-devel DNS resolution issue.
PR: ports/135925
Submitted by: bf <bf1783@gmail.com>
|
2009-06-23 13:03:52 +00:00 |
|
Martin Wilke
|
92126df09b
|
- Document cscope -- multiple buffer overflows
PR: 135097
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-06-16 20:59:01 +00:00 |
|
Martin Wilke
|
f68da5472d
|
- Document cscope -- buffer overflow
PR: based on 135097
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-06-16 20:52:44 +00:00 |
|
Martin Wilke
|
68392d80b3
|
- Fix a typo from previous commit
|
2009-06-16 20:45:46 +00:00 |
|
Steven Kreuzer
|
39085497d6
|
Document joomla -- multiple vulnerabilities
Approved by: wxs (mentor)
|
2009-06-16 20:10:43 +00:00 |
|
Martin Wilke
|
4be3fc9402
|
- Document pidgin -- multiple vulnerabilities
PR: 135239 (based on)
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-06-16 20:04:12 +00:00 |
|
Wesley Shields
|
c3bcf48e3c
|
- Document git-daemon DoS.
|
2009-06-15 13:57:18 +00:00 |
|
Stanislav Sedov
|
8b9c58bfeb
|
- Fix the latest ruby entry: 1.9 branch is not vulnerable.
|
2009-06-12 22:46:49 +00:00 |
|
Stanislav Sedov
|
e1015ae668
|
- Document ruby denial of sevice vulnerability in BigDecimal.
|
2009-06-12 22:07:41 +00:00 |
|
Beat Gaetzi
|
eddbffdde0
|
- Fix firefox3 version in da185955-5738-11de-b857-000f20797ede
Approved by: miwi (secteam)
|
2009-06-12 15:40:32 +00:00 |
|
Beat Gaetzi
|
2f56593a56
|
- Document mozilla -- multiple vulnerabilities
Approved by: miwi (secteam)
|
2009-06-12 14:55:51 +00:00 |
|
Martin Wilke
|
3f3a90192e
|
- Add some more cve to the previous entry
|
2009-06-08 06:19:48 +00:00 |
|
Martin Wilke
|
0dfef0dc96
|
- Fix previous entry
|
2009-06-08 06:17:53 +00:00 |
|
Philip M. Gollucci
|
f2cbf700f5
|
Document DOS in apr-util xml(expat) processing
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-06-08 02:21:52 +00:00 |
|
Xin LI
|
ae85238100
|
Document dokuwiki local File Inclusion with register_globals on vulnerability.
|
2009-06-04 21:52:25 +00:00 |
|
Martin Wilke
|
d96e81e99d
|
- Document openssl -- denial of service in DTLS implementation
PR: based on 134653
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-05-30 20:53:22 +00:00 |
|
Martin Wilke
|
a44c7621be
|
- Document eggdrop -- denial of service vulnerability
|
2009-05-30 20:39:39 +00:00 |
|
Martin Wilke
|
814f13077d
|
- Document wireshark -- Denial of Service in the PCNFSD dissector
PR: 135061 (based on)
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-05-30 20:07:42 +00:00 |
|
Martin Wilke
|
5c8cac806f
|
- Add more infos for libsndfile entry
|
2009-05-30 19:23:40 +00:00 |
|
Martin Wilke
|
41dc7a6077
|
- Document libsndfile -- multiple vulnerabilities
|
2009-05-30 19:16:34 +00:00 |
|
Martin Wilke
|
308ba07507
|
- Document slim -- local disclosure of X authority magic cookie
|
2009-05-30 19:07:01 +00:00 |
|
Martin Wilke
|
f329d18870
|
- Cleanup previous entry
|
2009-05-23 10:50:53 +00:00 |
|
Simon L. B. Nielsen
|
5e1557a319
|
Unbreak file by removing double <vuxml> tag.
|
2009-05-23 09:15:36 +00:00 |
|
Cy Schubert
|
bd920c0ac1
|
Add CVE information for NTP stack overflow.
PR: 134755
Submitted by: Mark Foster <mark@foster.cc>
Security: CVE-2009-0159 and CVE-2009-1252
|
2009-05-23 04:37:10 +00:00 |
|
Martin Wilke
|
c2608ac5f0
|
- Fix 5ed2f96b-33b7-4863-8c6b-540d22344424
* Remove duplicte url
* Fix safe version
* Bump modified date
|
2009-05-22 16:34:03 +00:00 |
|
Martin Wilke
|
f467ce55e3
|
- Bump modified date for previous commit.
|
2009-05-22 16:08:21 +00:00 |
|
Wesley Shields
|
5e68f8ae80
|
- Add CVE information for nsd overflow.
- s/over flow/overflow/ for the same entry.
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (private mail)
|
2009-05-22 13:15:21 +00:00 |
|
Pav Lucistnik
|
9899774e29
|
- Document imap-uw -- University of Washington IMAP c-client Remote Format
String Vulnerability (submitted back in Feb 2009)
PR: ports/131939
Submitted by: Mark Foster <mark@foster.cc>
|
2009-05-21 15:30:42 +00:00 |
|
Wesley Shields
|
220669d25e
|
- Document dns/nsd and dns/nsd2 one-byte overflow (both are already fixed
in ports). Still need a CVE entry but there is not one assigned yet.
|
2009-05-19 17:20:20 +00:00 |
|
MANTANI Nobutaka
|
d493a6f1ed
|
Add entries of libxine vulnerabilities fixed in version 1.1.16.2 and 1.1.16.3.
PR: ports/132593
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-05-17 15:05:19 +00:00 |
|
Martin Wilke
|
097bafc1e7
|
- Document php -- ini database truncation inside dba_replace() function
PR: 129459 (based on)
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
|
2009-05-16 20:36:16 +00:00 |
|
Martin Wilke
|
01f42e27a8
|
- Document libwmf -- embedded GD library Use-After-Free vulnerability
PR: based on 134246
|
2009-05-16 20:09:00 +00:00 |
|
Martin Wilke
|
f6dd9cbc9b
|
- Document libwmf -- Integer Overflow Vulnerability
PR: based on 134246
|
2009-05-16 19:59:44 +00:00 |
|
Martin Wilke
|
acebb5d2e2
|
- Document moinmoin -- cross-site scripting vulnerabilities
|
2009-05-16 13:01:25 +00:00 |
|
Martin Wilke
|
c4be440ddc
|
- Rework previus entry
|
2009-05-16 12:51:24 +00:00 |
|
Philip M. Gollucci
|
0106bcc5ac
|
- Document mod_perl -- cross site scripting in Apache::Status
|
2009-05-16 01:32:36 +00:00 |
|
Martin Wilke
|
3a14205924
|
- Small cleanup
* fix spelling
* fix tabs/whitespaces
* add more references to the latest drual entry
|
2009-05-16 00:44:25 +00:00 |
|