Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_6 07 Apr 2025 16:09:12
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add Mozilla vulnerabilities
* CVE-2025-3028
* CVE-2025-3029
* CVE-2025-3030
* CVE-2025-3031
* CVE-2025-3032
* CVE-2025-3033
* CVE-2025-3034 |
1.1_6 05 Apr 2025 13:57:37
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 135.0.7049.52
Obtained
from: https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html |
1.1_6 04 Apr 2025 16:43:19
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Mozilla vulnerabilities
* CVE-2025-0237
* CVE-2025-0238
* CVE-2025-0239
* CVE-2025-0240
* CVE-2025-0241
* CVE-2025-0242
* CVE-2025-0243
* CVE-2025-0245
* CVE-2025-0247 |
1.1_6 04 Apr 2025 10:01:22
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add librewolf to recent vulns
Fixes: 5cf86187 14b335cd |
1.1_6 03 Apr 2025 16:04:10
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Mozilla multiple vulnerabilities
* CVE-2025-1931
* CVE-2025-1933
* CVE-2025-1934
* CVE-2025-1935
* CVE-2025-1937
* CVE-2025-1938
* CVE-2025-1943 |
1.1_6 03 Apr 2025 11:59:49
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add mongodb multiple vulnerabilities
* CVE-2022-3085
* CVE-2025-3083
* CVE-2025-3084 |
1.1_6 02 Apr 2025 19:22:24
    |
Matthias Andree (mandree)  |
security/vuxml: add openvpn<2.6.14 server DoS vuln
Security: 2cad4541-0f5b-11f0-89f8-411aefea0df9
Security: CVE-2025-2704 |
1.1_6 31 Mar 2025 16:40:30
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Fix firefox{-esr} version numbers
Fixes: 5f6d70f7ea52fb12b29ca098afa148441aa93df3 |
1.1_6 31 Mar 2025 16:37:07
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add gitea vulnerabilities
* CVE-2025-30204
* CVE-2025-29923
* CVE-2025-22870
PR: 285727 |
1.1_6 30 Mar 2025 17:08:19
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add firefox derivative |
1.1_6 30 Mar 2025 16:51:16
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add Mozilla vulnerabilities
Affects firefox, fireforx-esr, thunderbird
* CVE-2025-1942
* CVE-2025-1941
* CVE-2025-1932
* CVE-2025-27424 |
1.1_6 30 Mar 2025 12:25:03
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add suricata multiple vulnerabilities
No details have been published yet.
* CVE-2025-29915: HIGH
* CVE-2025-29916: Moderate
* CVE-2025-29917: HIGH
* CVE-2025-29918: HIGH
PR: 285574 |
1.1_6 29 Mar 2025 07:35:22
    |
Jason E. Hale (jhale)  |
security/vuxml: security/vuxml: Add www/qt6-webengine < 6.8.3
Also add print/qt6-pdf, since PDFium is involved this time. |
1.1_6 28 Mar 2025 12:01:07
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron{33,34} incorrect handle provided in
unspecified circumstances in Mojo
Obtained from: https://github.com/electron/electron/releases/tag/v33.4.8,
https://github.com/electron/electron/releases/tag/v34.4.1 |
1.1_6 26 Mar 2025 18:04:36
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 25 Mar 2025 12:14:46
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron{33,34} type confusion in V8
Obtained from: https://github.com/electron/electron/releases/tag/v33.4.6,
https://github.com/electron/electron/releases/tag/v34.3.4 |
1.1_6 23 Mar 2025 09:22:44
    |
Jason E. Hale (jhale)  |
security/vuxml: Add www/qt5-webengine < 5.15.18p7 |
1.1_6 22 Mar 2025 12:06:16
    |
Danilo G. Baio (dbaio)  |
security/vuxml: Add Varnish Cache vulnerability |
1.1_6 20 Mar 2025 07:50:33
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 134.0.6998.117
Obtained
from: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html |
1.1_6 14 Mar 2025 07:55:44
    |
Muhammad Moinur Rahman (bofh)  Author: Christos Chatzaras |
security/vuxml: Document PHP vulnerabilities
PR: 285386 |
1.1_6 13 Mar 2025 23:41:04
    |
Palle Girgensohn (girgen)  |
security/vuxml: Add security information about opensaml/shibboleth-sp |
1.1_6 13 Mar 2025 06:42:34
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 13 Mar 2025 05:02:24
    |
Li-Wen Hsu (lwhsu)  |
security/vuxml: Fix 9cf03c96-ffa5-11ef-bb15-002590af0794 entry
vuxml build:
```
Application exception:
bad CVE name for vid 9cf03c96-ffa5-11ef-bb15-002590af0794: GHSA-693p-m996-3rmf
@ho:215
```
Fixes: 90289c6eaa01 vuxml: Document vim vulnerability
Sponsored by: The FreeBSD Foundation |
1.1_6 13 Mar 2025 01:00:48
    |
Adam Weinberger (adamw)  |
vuxml: Document vim vulnerability |
1.1_6 11 Mar 2025 08:49:31
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 134.0.6998.88
Obtained
from: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html |
1.1_6 10 Mar 2025 18:23:10
    |
Fernando Apesteguía (fernape)  |
security/vuxml: libreoffice macro URL arbitrary script execution |
1.1_6 10 Mar 2025 17:54:58
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add vim* shell commands execution |
1.1_6 08 Mar 2025 18:16:12
    |
Bryan Drewery (bdrewery)  |
security/vuxml: Update recent OpenSSH entry to include port |
1.1_6 08 Mar 2025 14:30:45
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron33 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v33.4.3 |
1.1_6 07 Mar 2025 19:44:34
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron32 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v32.3.3 |
1.1_6 06 Mar 2025 09:44:04
    |
Nicola Vitale (nivit)  |
security/vuxml: add devel/py-Jinja2 <= 3.1.5 |
1.1_6 06 Mar 2025 08:24:22
    |
Emmanuel Vadot (manu)  |
security/vuxml: Document recent xorg-server and xwayland vulnerabilities
Sponsored by: Beckhoff Automation GmbH & Co. KG |
1.1_6 06 Mar 2025 05:30:10
    |
Jose Alonso Cardenas Marquez (acm)  |
security/vuxml: Add security/caldera and security/caldera4 vulnerabilities
Obtained from: https://github.com/mitre/caldera/pull/3129 |
1.1_6 05 Mar 2025 19:42:46
    |
Li-Wen Hsu (lwhsu)  |
security/vuxml: Document Jenkins Security Advisory 2025-03-05
Sponsored by: The FreeBSD Foundation |
1.1_6 05 Mar 2025 08:52:57
    |
Nicola Vitale (nivit)  |
security/vuxml: Add audio/py-spotify <= 2.24.0 |
1.1_6 05 Mar 2025 08:01:48
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 134.0.6998.35
Obtained
from: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html |
1.1_6 04 Mar 2025 09:47:40
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron{32,33} multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v32.3.2,
https://github.com/electron/electron/releases/tag/v33.4.2 |
1.1_6 03 Mar 2025 18:25:47
    |
Sergey A. Osokin (osa)  |
security/vuxml: document unit* vulnerabilities |
1.1_6 03 Mar 2025 12:49:53
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Fix entry
Add missing </p> tag.
Reported by: dan@langille.org
Fixes: 003195a3c754204bc61aaa39fea85fd62004b014 |
1.1_6 03 Mar 2025 04:45:48
    |
Adam Weinberger (adamw)  |
vuxml: Document vim code execution |
1.1_6 28 Feb 2025 04:20:04
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 27 Feb 2025 12:31:43
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 133.0.6943.141
Obtained
from: https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html |
1.1_6 25 Feb 2025 13:04:58
    |
Joseph Mingrone (jrm)  |
security/vuxml: Update affected versions for recent Emacs entry
For entry e60e538f-e795-4a00-b475-cc85a7546e00, even though
CVE-2025-1244 was created recently, the workaround was committed to the
upstream master branch much earlier.
https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=820f0793f0b46448928905552726c1f1b999062f
After confirming details with an upstream developer, update the affected
editors/emacs-devel package versions.
Sponsored by: The FreeBSD Foundation |
1.1_6 25 Feb 2025 03:02:46
    |
Jason E. Hale (jhale)  |
security/vuxml: Add <= 0.28.0 exiv2 < 0.28.4
Add Med 5.3 CVE-2025-26623 for graphics/exiv2
https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7 |
1.1_6 24 Feb 2025 16:57:48
    |
Joseph Mingrone (jrm)  |
security/vuxml: Add entries for Emacs CVE-2024-53920 and CVE-2025-1244
Security: CVE-2024-53920
Security: CVE-2025-1244
Sponsored by: The FreeBSD Foundation |
1.1_6 24 Feb 2025 10:23:02
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Add exim SQL injection vulnerability
CVE-2025-26794
* Base Score: 7.5 HIGH
* Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1_6 24 Feb 2025 04:36:10
    |
Philip Paeps (philip)  |
security/vuxml: add FreeBSD SA issued on 2025-02-21
FreeBSD-SA-25:05.openssh affects all supported versions of FreeBSD |
1.1_6 20 Feb 2025 09:41:27
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 133.0.6943.126
Obtained
from: https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html
Obtained
from: https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html
Obtained
from: https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html |
1.1_6 13 Feb 2025 20:00:55
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document vscode multiple vulnerabilities
Obtained from: https://github.com/microsoft/vscode/releases/tag/1.97.1 |
1.1_6 13 Feb 2025 16:26:43
    |
Ryan Steinmetz (zi)  |
security/vuxml: Document vulnerability in security/openvpn-auth-ldap |
1.1_6 13 Feb 2025 15:07:28
    |
Palle Girgensohn (girgen)  |
security/vuln: Add entry for PostgreSQL |
1.1_6 13 Feb 2025 06:01:06
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 12 Feb 2025 16:21:32
    |
Joseph Mingrone (jrm)  |
security/vuxml: Document new Intel CPU vulnerabilities
Intel has disclosed new CPU vulnerabilities in the release notes for
microcode-20250211.
Reference: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211
Security: CVE-2024-31068
Security: CVE-2024-36293
Security: CVE-2023-43758
Security: CVE-2024-39355
Security: CVE-2024-37020
Sponsored by: The FreeBSD Foundation |
1.1_6 11 Feb 2025 16:47:56
    |
Bernard Spil (brnrd)  |
security/vuxml: Document OpenSSL 3.2+ vuln |
1.1_6 07 Feb 2025 16:48:21
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Entries for mozilla products
CVE-2025-10{09,10,11,12,13,14,15,16,17,18,19,20} |
1.1_6 07 Feb 2025 14:59:55
    |
Bernard Spil (brnrd)  |
security/vuxml: Document MariaDB InnoDB vuln |
1.1_6 07 Feb 2025 06:52:31
    |
Jason E. Hale (jhale)  |
security/vuxml: Add graphics/libcaca < 0.99.b20 |
1.1_6 06 Feb 2025 21:08:13
    |
Rodrigo Osorio (rodrigo)  |
security/vuxml: add entry for net-mgmt/cacti < 1.2.29 |
1.1_6 05 Feb 2025 17:21:25
    |
Sergey A. Osokin (osa)  |
security/vuxml: document www/nginx* vulnerability |
1.1_6 02 Feb 2025 08:32:18
    |
Jason E. Hale (jhale)  |
security/vuxml: Add www/qt6-webengine < 6.8.2 |
1.1_6 01 Feb 2025 08:23:08
    |
Yasuhiro Kimura (yasu)  |
security/vuxml: Update entries for redis and valkey
Add affected range for redis-devel package. |
1.1_6 31 Jan 2025 07:37:55
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 132.0.6834.159
Obtained
from: https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html |
1.1_6 30 Jan 2025 20:26:36
    |
Michael Reifenberger (mr)  |
security/vaultwarden: Security update to 1.33.0
Also added CVE IDs to security/vuxml vaulwarden entry.
PR: 284399
Reported by: foudfou |
1.1_6 30 Jan 2025 16:28:03
    |
Ashish SHUKLA (ashish)  |
security/vuxml: Document net-im/dendrite vulneraability |
1.1_6 30 Jan 2025 04:02:20
    |
Philip Paeps (philip)  |
security/vuxml: add FreeBSD SAs issued on 2025-01-29
FreeBSD-SA-25:01.openssh affects FreeBSD 14.1
FreeBSD-SA-25:02.fs affects all supported versions of FreeBSD
FreeBSD-SA-25:03.etcupdate affects all supported versions of FreeBSD
FreeBSD-SA-25:04.ktrace affects FreeBSD 14.2 |
1.1_6 30 Jan 2025 04:02:19
    |
Philip Paeps (philip)  |
security/vuxml: fix whitespace errors in recent oauth2-proxy entry
Turn some spaces into tabs to make `make validate` happy. The errors
were introduced in ab5f837462e075723c1be8573d178751b2ba2ede earlier
today.
Pointy hat to: rm |
1.1_6 29 Jan 2025 21:06:04
    |
Ruslan Makhmatkhanov (rm)  |
security/vuxml: add www/oauth2-proxy < 7.8.0 entry
PR: 284059
Reported by: Matthias Wolf <freebsd@rheinwolf.de> |
1.1_6 25 Jan 2025 14:23:09
    |
Bernard Spil (brnrd)  |
security/vaultwarden: Register <= 1.32.7 vulns |
1.1_6 25 Jan 2025 08:12:01
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 132.0.6834.110
Obtained
from: https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html
Obtained
from: https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html |
1.1_6 25 Jan 2025 05:46:22
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron32 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v32.3.0 |
1.1_6 23 Jan 2025 14:26:04
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron33 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v33.3.2 |
1.1_6 23 Jan 2025 07:34:49
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 23 Jan 2025 03:40:39
    |
Yasuhiro Kimura (yasu)  |
security/vuxml: Document possbile denial-of-service vulnerability in clamav |
1.1_6 22 Jan 2025 13:22:18
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron32 type confusion in v8 vulnerability
Obtained from: https://github.com/electron/electron/releases/tag/v32.2.8 |
1.1_6 21 Jan 2025 22:21:09
    |
Ashish SHUKLA (ashish)  |
security/vuxml: Document lang/go* vulnerabilities
PR: 284181 |
1.1_6 20 Jan 2025 13:39:38
    |
Hiroki Tagato (tagattie)  |
security/vuxml: document electron31 multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v31.7.7 |
1.1_6 18 Jan 2025 08:05:02
    |
Xin LI (delphij)  |
security/vuxml: Document age arbitrary binary execution vulnerability. |
1.1_6 17 Jan 2025 01:40:05
    |
Matthias Andree (mandree)  |
security/vuxml: mention security/openvpn username/password length bugfix of
v2.6.13
I am not aware of a CVE number yet.
Security: 47bc292a-d472-11ef-aaab-7d43732cb6f5 |
1.1_6 15 Jan 2025 13:54:44
    |
Li-Wen Hsu (lwhsu)  |
security/vuxml: Fix entry 163edccf-d2ba-11ef-b10e-589cfc10a551
Fixes: e39886d24184 security/vuxml: add net/rsync vulnerabilities
Sponsored by: The FreeBSD Foundation |
1.1_6 14 Jan 2025 21:27:45
    |
Sergey A. Osokin (osa)  |
security/vuxml: add net/rsync vulnerabilities |
1.1_6 14 Jan 2025 21:07:45
    |
Joseph Mingrone (jrm)  |
security/vuxml: Update 2025-01-13 keycloak entry to fix `make validate`
Reported by: garga
Sponsored by: The FreeBSD Foundation |
1.1_6 14 Jan 2025 20:49:16
    |
Renato Botelho (garga)  |
security/vuxml: Add devel/git vulnerabilities
Sponsored by: Rubicon Communications, LLC ("Netgate") |
1.1_6 14 Jan 2025 16:11:09
    |
Vladimir Druzenko (vvd)  Author: Matthias Wolf |
security/vuxml: Add record for net/keycloak
CVE-2024-11736 Unrestricted admin use of system and environment variables
CVE-2024-11734 Denial of Service in Keycloak Server via Security Headers
Security: CVE-2024-11734
Security: CVE-2024-11736
PR: 284058 |
1.1_6 12 Jan 2025 19:04:57
    |
Fernando Apesteguía (fernape)  |
security/vuxml: add asterisk{18,20} vulns
CVE-2024-53566: Path traversal
* Base Score: 5.5 MEDIUM
* Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.1_6 10 Jan 2025 05:23:35
    |
Yasuhiro Kimura (yasu)  |
security/vuxml: Document two valnerabilities in redis and valkey
While here, update copyright year |
1.1_6 08 Jan 2025 19:07:47
    |
Matthias Fechner (mfechner)  |
security/vuxml: document gitlab vulnerabilities |
1.1_6 06 Jan 2025 16:54:50
    |
Fernando Apesteguía (fernape)  |
security/vuxml: Fix sqlite range
PR: 283830
Reported by: John Hein <jcfyecrayz@liamekaens.com> |
1.1_6 31 Dec 2024 16:41:37
    |
Cy Schubert (cy)  |
security/vuxml: Update open-motif entry to reflect fix in 2004
Release notes states:
2.2.4 October 2004
a. Fixed vulnerabilities in libXpm code [CVE numbers CAN-2004-0687
(integer overflows) and CAN-2004-0688 (stack overflows)]. |
1.1_6 31 Dec 2024 16:20:32
    |
Cy Schubert (cy)  |
security/vuxml: Note Xpm update in open-motif-devel
Upstream open-motif updated built-in Xpm to 3.5.12 in upstream commit
b100c321 making it no longer vulnerable. |
1.1_6 29 Dec 2024 13:22:03
    |
Fernando Apesteguía (fernape)  |
security/vuxml: TOCTOU Vulnerability in www/apache*
CVE-2024-56337 |
1.1_6 24 Dec 2024 11:25:23
    |
Fernando Apesteguía (fernape)  |
security/vuxml: www/kanboard vulnerability
Insufficient session validation. |
1.1_6 20 Dec 2024 14:14:19
    |
Bernard Spil (brnrd)  |
security/vuxml: Document Vaultwarden vulnerability |
1.1_6 19 Dec 2024 12:10:35
    |
Robert Nagy (rnagy)  |
security/vuxml: add www/*chromium < 131.0.6778.204
Obtained
from: https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html |
1.1_6 18 Dec 2024 19:00:44
    |
Bernard Spil (brnrd)  |
security/vuxml: Document liboqs vulnerability |
1.1_6 18 Dec 2024 05:47:43
    |
Philip Paeps (philip)  |
security/vuxml: fix parse errors
Fix parse errors introduced in 96ddbb42b98fcb6022729ea28cd6725fcfdc4597. |
1.1_6 18 Dec 2024 00:04:58
    |
Vladimir Druzenko (vvd)  Author: Stefan Bethke |
security/vuxml: add records for www/gitea < 1.22.6
https://github.com/go-gitea/gitea/pull/32810
https://github.com/advisories/GHSA-v778-237x-gjrc
https://github.com/go-gitea/gitea/pull/32791
https://github.com/go-gitea/gitea/pull/32654
https://github.com/go-gitea/gitea/pull/32531
https://github.com/go-gitea/gitea/pull/32473
PR: 283389 |
1.1_6 17 Dec 2024 23:52:04
    |
Vladimir Druzenko (vvd)  Author: Stefan Bethke |
security/vuxml: add records for www/forgejo < 9.0.3 and www/forgejo7 < 7.0.12
https://codeberg.org/forgejo/forgejo/pulls/5974
https://codeberg.org/forgejo/forgejo/pulls/6248
https://codeberg.org/forgejo/forgejo/pulls/6249
PR: 283388 |
1.1_6 16 Dec 2024 22:13:39
    |
Ashish SHUKLA (ashish)  |
security/vuxml: Document net-im/py-matrix-synapse vulnerability
Signed-off-by: Sascha Biberhofer <sascha.biberhofer@skyforge.at>
PR: 283350
Reviewed by: ashish |
1.1_6 16 Dec 2024 19:20:40
    |
Fernando Apesteguía (fernape)  Author: John Hein |
security/vuxml: Fix range for thunderbird vulnerability
PR: 283357
Reported by: John Hein <jcfyecrayz@liamekaens.com> |
1.1_6 16 Dec 2024 19:15:22
    |
Craig Leres (leres)  |
security/vuxml: Mark zeek < 7.0.5 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v7.0.5
This release fixes the following potential DoS vulnerability:
- Large QUIC packets can cause Zeek to overflow memory and potentially
crash. Due to the possibility of receiving these packets from
remote hosts, this is a DoS risk.
Reported by: Tim Wojtulewicz |