security/vuxml: Add grafana vulnerabilities

 * CVE-2025-2703 - DOM XSS vulnerability (Medium)
 * CVE-2025-3260 - Bypass Viewer and Editor permission (High)
 * CVE-2025-3454 - Authorization bypass in data source proxy API (Medium)

PR:		286323
Reported by:	Boris Korzun <drtr0jan@yandex.ru

security/vuxml: Document DoS vulnerability in redis and valkey

security/vuxml: document gitlab vulnerabilities

security/vuxml: add www/*chromium < 135.0.7049.114

Obtained
from:	https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_22.html

security/vuxml: Add multimedia/navidrome CVE-2025-27112

security/vuxml: Add lang/erlang* vulnerabilities

CVE-2025-32433

Reported by:	Stefan Grundmann <sg@ennead.xyz>

security/vuxml: Document ejabberd vulnerability

security/vuxml: add www/*chromium < 135.0.7049.95

Obtained
from:	https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html

security/vuxml: Add perl vulnerability

 * CVE-2024-56406

security/vuxml: Complete suricata entries

Add details for suricata vulnerabilities that were not disclosed at the time of
adding the entry.

Fixes:	dedae0ab7185

security/vuxml: Fix spelling mistakes

security/vuxml: add www/*chromium < 135.0.7049.84

Obtained
from:	https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_8.html

security/vuxml: add gogs vulnerabilities

 * CVE-2024-39930
 * CVE-2024-39931
 * CVE-2024-39932
 * CVE-2024-39933
 * CVE-2024-44625

PR:	280241

security/vuxml: Document net-im/py-matrix-synapse vulnerability

PR:		285773

security/vuxml: Add Mozilla vulnerabilities

 * CVE-2024-11704
 * CVE-2024-11706

security/vuxml: Document Jenkins Security Advisory 2025-04-02

Sponsored by:	The FreeBSD Foundation

security/vuxml: document gitlab vulnerabilities

security/vuxml: document CVE-2024-8176 (expat)

The textproc/expat2 port was already updated by diizzy@ on 25 March.
See commit a627ba49b6691cb8baf545c0d9b841458fb00859.

security/vuxml: Add Mozilla vulnerabilities

 * CVE-2025-3028
 * CVE-2025-3029
 * CVE-2025-3030
 * CVE-2025-3031
 * CVE-2025-3032
 * CVE-2025-3033
 * CVE-2025-3034

security/vuxml: add www/*chromium < 135.0.7049.52

Obtained
from:	https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

security/vuxml: Mozilla vulnerabilities

 * CVE-2025-0237
 * CVE-2025-0238
 * CVE-2025-0239
 * CVE-2025-0240
 * CVE-2025-0241
 * CVE-2025-0242
 * CVE-2025-0243
 * CVE-2025-0245
 * CVE-2025-0247

security/vuxml: Add librewolf to recent vulns

Fixes: 5cf86187 14b335cd

security/vuxml: Mozilla multiple vulnerabilities

 * CVE-2025-1931
 * CVE-2025-1933
 * CVE-2025-1934
 * CVE-2025-1935
 * CVE-2025-1937
 * CVE-2025-1938
 * CVE-2025-1943

security/vuxml: Add mongodb multiple vulnerabilities

 * CVE-2022-3085
 * CVE-2025-3083
 * CVE-2025-3084

security/vuxml: add openvpn<2.6.14 server DoS vuln

Security:       2cad4541-0f5b-11f0-89f8-411aefea0df9
Security:       CVE-2025-2704

security/vuxml: Fix firefox{-esr} version numbers

Fixes:	5f6d70f7ea52fb12b29ca098afa148441aa93df3

security/vuxml: Add gitea vulnerabilities

 * CVE-2025-30204
 * CVE-2025-29923
 * CVE-2025-22870

PR:	285727

security/vuxml: Add firefox derivative

security/vuxml: Add Mozilla vulnerabilities

Affects firefox, fireforx-esr, thunderbird

 * CVE-2025-1942
 * CVE-2025-1941
 * CVE-2025-1932
 * CVE-2025-27424

security/vuxml: Add suricata multiple vulnerabilities

No details have been published yet.

 * CVE-2025-29915: HIGH
 * CVE-2025-29916: Moderate
 * CVE-2025-29917: HIGH
 * CVE-2025-29918: HIGH

PR:	285574

security/vuxml: security/vuxml: Add www/qt6-webengine < 6.8.3

Also add print/qt6-pdf, since PDFium is involved this time.

security/vuxml: document electron{33,34} incorrect handle provided in
unspecified circumstances in Mojo

Obtained from:	https://github.com/electron/electron/releases/tag/v33.4.8,
		https://github.com/electron/electron/releases/tag/v34.4.1

security/vuxml: document gitlab vulnerabilities

security/vuxml: document electron{33,34} type confusion in V8

Obtained from:	https://github.com/electron/electron/releases/tag/v33.4.6,
		https://github.com/electron/electron/releases/tag/v34.3.4

security/vuxml: Add www/qt5-webengine < 5.15.18p7

security/vuxml: Add Varnish Cache vulnerability

security/vuxml: add www/*chromium < 134.0.6998.117

Obtained
from:	https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html

security/vuxml: Document PHP vulnerabilities

PR:		285386

security/vuxml: Add security information about opensaml/shibboleth-sp

security/vuxml: document gitlab vulnerabilities

security/vuxml: Fix 9cf03c96-ffa5-11ef-bb15-002590af0794 entry

vuxml build:

```
Application exception:
bad CVE name for vid 9cf03c96-ffa5-11ef-bb15-002590af0794: GHSA-693p-m996-3rmf
@ho:215
```

Fixes:	90289c6eaa01 vuxml: Document vim vulnerability
Sponsored by:	The FreeBSD Foundation

vuxml: Document vim vulnerability

security/vuxml: add www/*chromium < 134.0.6998.88

Obtained
from:	https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html

security/vuxml: libreoffice macro URL arbitrary script execution

security/vuxml: Add vim* shell commands execution

security/vuxml: Update recent OpenSSH entry to include port

security/vuxml: document electron33 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v33.4.3

security/vuxml: document electron32 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v32.3.3

security/vuxml: add devel/py-Jinja2 <= 3.1.5

security/vuxml: Document recent xorg-server and xwayland vulnerabilities

Sponsored by:   Beckhoff Automation GmbH & Co. KG

security/vuxml: Add security/caldera and security/caldera4 vulnerabilities

Obtained from:	https://github.com/mitre/caldera/pull/3129

security/vuxml: Document Jenkins Security Advisory 2025-03-05

Sponsored by:	The FreeBSD Foundation

security/vuxml: Add audio/py-spotify <= 2.24.0

security/vuxml: add www/*chromium < 134.0.6998.35

Obtained
from:	https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

security/vuxml: document electron{32,33} multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v32.3.2,
		https://github.com/electron/electron/releases/tag/v33.4.2

security/vuxml: document unit* vulnerabilities

security/vuxml: Fix entry

Add missing </p> tag.

Reported by:	dan@langille.org
Fixes:		003195a3c754204bc61aaa39fea85fd62004b014

vuxml: Document vim code execution

security/vuxml: document gitlab vulnerabilities

security/vuxml: add www/*chromium < 133.0.6943.141

Obtained
from:	https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html

security/vuxml: Update affected versions for recent Emacs entry

For entry e60e538f-e795-4a00-b475-cc85a7546e00, even though
CVE-2025-1244 was created recently, the workaround was committed to the
upstream master branch much earlier.

https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=820f0793f0b46448928905552726c1f1b999062f

After confirming details with an upstream developer, update the affected
editors/emacs-devel package versions.

Sponsored by:	The FreeBSD Foundation

security/vuxml: Add <= 0.28.0 exiv2 < 0.28.4

Add Med 5.3 CVE-2025-26623 for graphics/exiv2
https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7

security/vuxml: Add entries for Emacs CVE-2024-53920 and CVE-2025-1244

Security:	CVE-2024-53920
Security:	CVE-2025-1244
Sponsored by:	The FreeBSD Foundation

security/vuxml: Add exim SQL injection vulnerability

CVE-2025-26794

 * Base Score:	7.5 HIGH
 * Vector:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

security/vuxml: add FreeBSD SA issued on 2025-02-21

FreeBSD-SA-25:05.openssh affects all supported versions of FreeBSD

security/vuxml: add www/*chromium < 133.0.6943.126

Obtained
from:	https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html
Obtained
from:	https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html
Obtained
from:	https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

security/vuxml: document vscode multiple vulnerabilities

Obtained from:	https://github.com/microsoft/vscode/releases/tag/1.97.1

security/vuxml: Document vulnerability in security/openvpn-auth-ldap

security/vuln: Add entry for PostgreSQL

security/vuxml: document gitlab vulnerabilities

security/vuxml: Document new Intel CPU vulnerabilities

Intel has disclosed new CPU vulnerabilities in the release notes for
microcode-20250211.

Reference:	https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211
Security:	CVE-2024-31068
Security:	CVE-2024-36293
Security:	CVE-2023-43758
Security:	CVE-2024-39355
Security:	CVE-2024-37020
Sponsored by:	The FreeBSD Foundation

security/vuxml: Document OpenSSL 3.2+ vuln

security/vuxml: Entries for mozilla products

CVE-2025-10{09,10,11,12,13,14,15,16,17,18,19,20}

security/vuxml: Document MariaDB InnoDB vuln

security/vuxml: Add graphics/libcaca < 0.99.b20

security/vuxml: add entry for net-mgmt/cacti < 1.2.29

security/vuxml: document www/nginx* vulnerability

security/vuxml: Add www/qt6-webengine < 6.8.2

security/vuxml: Update entries for redis and valkey

Add affected range for redis-devel package.

security/vuxml: add www/*chromium < 132.0.6834.159

Obtained
from:	https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html

security/vaultwarden: Security update to 1.33.0

Also added CVE IDs to security/vuxml vaulwarden entry.

PR:		 284399
Reported by:	 foudfou

security/vuxml: Document net-im/dendrite vulneraability

security/vuxml: add FreeBSD SAs issued on 2025-01-29

FreeBSD-SA-25:01.openssh affects FreeBSD 14.1
FreeBSD-SA-25:02.fs affects all supported versions of FreeBSD
FreeBSD-SA-25:03.etcupdate affects all supported versions of FreeBSD
FreeBSD-SA-25:04.ktrace affects FreeBSD 14.2

security/vuxml: fix whitespace errors in recent oauth2-proxy entry

Turn some spaces into tabs to make `make validate` happy.  The errors
were introduced in ab5f837462e075723c1be8573d178751b2ba2ede earlier
today.

Pointy hat to:	rm

security/vuxml: add www/oauth2-proxy < 7.8.0 entry

PR:		284059
Reported by:	Matthias Wolf <freebsd@rheinwolf.de>

security/vaultwarden: Register <= 1.32.7 vulns

security/vuxml: add www/*chromium < 132.0.6834.110

Obtained
from:	https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html
Obtained
from:	https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

security/vuxml: document electron32 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v32.3.0

security/vuxml: document electron33 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v33.3.2

security/vuxml: document gitlab vulnerabilities

security/vuxml: Document possbile denial-of-service vulnerability in clamav

security/vuxml: document electron32 type confusion in v8 vulnerability

Obtained from:	https://github.com/electron/electron/releases/tag/v32.2.8

security/vuxml: Document lang/go* vulnerabilities

PR:		284181

security/vuxml: document electron31 multiple vulnerabilities

Obtained from:	https://github.com/electron/electron/releases/tag/v31.7.7

security/vuxml: Document age arbitrary binary execution vulnerability.

security/vuxml: mention security/openvpn username/password length bugfix of
v2.6.13

I am not aware of a CVE number yet.

Security:	47bc292a-d472-11ef-aaab-7d43732cb6f5

security/vuxml: Fix entry 163edccf-d2ba-11ef-b10e-589cfc10a551

Fixes:	e39886d24184 security/vuxml: add net/rsync vulnerabilities
Sponsored by:	The FreeBSD Foundation

security/vuxml: add net/rsync vulnerabilities

security/vuxml: Update 2025-01-13 keycloak entry to fix `make validate`

Reported by:	garga
Sponsored by:	The FreeBSD Foundation

security/vuxml: Add devel/git vulnerabilities

Sponsored by:	Rubicon Communications, LLC ("Netgate")