| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_4
09 Mar 2020 21:54:54
   |
bhughes  |
security/vuxml: document recent Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/
While here, fix errors from `make validate` for the preceeding gitea
vulnerabilities.
Sponsored by: Miles AS |
1.1_4
07 Mar 2020 20:25:52
|
adamw |
Fix closing tag
Reported by: joneum |
1.1_4
07 Mar 2020 18:31:08
|
adamw |
Add entry for www/gitea
PR: 244025
Submitted by: maintainer |
1.1_4
07 Mar 2020 00:41:13
|
woodsb02 |
Document vulnerability in sysutils/py-salt
PR: 243908
Reported by: Christer Edwards <christer.edwards@gmail.com>
Security: CVE-2019-17361 |
1.1_4
06 Mar 2020 07:25:43
|
mfechner |
Documment gitlab vulnerabilities. |
1.1_4
04 Mar 2020 15:23:15
|
cy |
Document the latest nwtime.org ntp security advisory found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet.
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592 |
1.1_4
02 Mar 2020 18:32:07
|
kwm |
Document librsvg2 vulnabilities.
Security: CVE-2019-20446 |
1.1_4
02 Mar 2020 08:56:46
|
0mp |
Document some audio/timidity++* vulnerabilities
PR: 244429
Reported by: pi
Security: CVE-2017-11546
Security: CVE-2017-11547
Security: CVE-2017-11549 |
1.1_4
29 Feb 2020 09:59:14
|
mfechner |
Document apache-solr vulnerabilities. |
1.1_4
27 Feb 2020 10:23:33
|
fluffy |
security/vuxml: fix vuxml entries for OpenSMTPd, remove duplicates with wrong
version and missed description
Approved by: ports-secteam (miwi) |
1.1_4
25 Feb 2020 03:07:17
|
fluffy |
Document OpenSMTPd vulnerability
LPE and RCE in OpenSMTPD's default install
Security: CVE-2020-8793, CVE-2020-8794 |
1.1_4
24 Feb 2020 21:15:43
|
cs |
CVE-2020-8794
Security: CVE-2020-8794 |
1.1_4
24 Feb 2020 21:11:35
|
cs |
CVE-2020-8793
Security: CVE-2020-8793 |
1.1_4
24 Feb 2020 17:21:37
|
tijl |
Document Mbed TLS vulnerabilities 2019-12 and 2020-02.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02 |
1.1_4
23 Feb 2020 08:58:20
|
tcberner |
vuxml: correct range for avidemux2
- avidemux2 version 2.6.12 switched to ffmpeg 2.7.6 |
1.1_4
23 Feb 2020 05:02:29
|
cy |
Post 93v ksh is only affected by the code injection vulnerability. |
1.1_4
21 Feb 2020 18:46:23
|
brnrd |
security/vuxml: Document latest WeeChat vulns |
1.1_4
19 Feb 2020 18:06:45
|
kwm |
Document webkit2-gtk3 vulnabilities |
1.1_4
14 Feb 2020 01:16:13
|
philip |
security/vuxml: Add January FreeBSD SAs
SA-20:01.libfetch
SA-20:02.ipsec
SA-20:03.thrmisc
PR: 243702
Submitted by: Miroslav Lachman <000.fbsd@quip.cz> |
1.1_4
13 Feb 2020 21:41:47
|
mfechner |
Document gitlab vulnerability. |
1.1_4
13 Feb 2020 00:18:20
|
ler |
security/vuxml: dovecot vulnerabilities |
1.1_4
12 Feb 2020 16:18:46
|
cem |
security/vuxml: Document sysutils/grub2-bhyve escalations
Mitigated in r525916.
admbugs: 948
Reported by: Reno Robert <renorobert AT gmail.com>
Approved by: bapt
MFH: 2020Q1 (bapt) |
1.1_4
12 Feb 2020 00:19:38
|
dbaio |
security/vuxml: Document graphics/libexif issue
PR: 244060
Reported by: tj@mrsk.me (email)
Security: CVE-2019-9278 |
1.1_4
11 Feb 2020 15:13:47
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb20-06.html |
1.1_4
11 Feb 2020 08:53:51
|
joneum |
Fix entry for NGINX
Sponsored by: Netzkommune GmbH |
1.1_4
10 Feb 2020 17:42:47
|
joneum |
Fix NGINX entry
Sponsored by: Netzkommune GmbH |
1.1_4
09 Feb 2020 11:10:36
|
joneum |
Add entry for nginx
PR: 243952
Sponsored by: Netzkommune GmbH |
1.1_4
07 Feb 2020 19:38:45
|
cy |
Document ksh93 CVE-2019-14868: certain environment variables interpreted
as arithmetic expressions on startup, leading to code injection.
Reported by: Siteshwar Vashisht <svashisht@redhat.com>
MFH: 2020Q1
Security: CVE-2019-14868
https://bugzilla.redhat.com/show_bug.cgi?id=1757324
https://access.redhat.com/security/cve/CVE-2019-14868 |
1.1_4
06 Feb 2020 21:02:19
|
pi |
security/vuxml: Document Denial-of-Service vulnerability in ClamAV
- CVE-2020-3123
PR: 243913
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> |
1.1_4
04 Feb 2020 18:17:29
|
sunpoet |
Document Django vulnerability |
1.1_4
02 Feb 2020 20:14:40
|
brnrd |
security/vuxml: Properly document MariaDB vuln
PR: 243660
Reported by: <ari ish com au> |
1.1_4
02 Feb 2020 07:20:49
|
woodsb02 |
Fix typo in SpamAssassin vuxml entry from 2020-01-31 |
1.1_4
02 Feb 2020 07:15:44
|
woodsb02 |
vuxml: Add entry for libssh CVE-2019-14889
Security: CVE-2019-14889 |
1.1_4
31 Jan 2020 20:22:22
|
cy |
Remove my older entry for CVE-2020-1931. The subequent entry by
zeising@ is better.
Whitespace adjustment. |
1.1_4
31 Jan 2020 16:02:45
|
zeising |
vuxml: Add entries for spamassasin vulnerabilities. |
1.1_4
31 Jan 2020 14:00:22
|
cy |
Document sudo CVE-2019-18634:
Buffer overflow when pwfeedback is set in sudoers.
Security: CVE-2019-18634 |
1.1_4
31 Jan 2020 10:09:57
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
30 Jan 2020 13:51:14
|
cy |
Document:
[CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration
(.cf) files can be configured to run system commands with warnings
Security: CVE-2020-1931
Security: https://svn.apache.org/repos/asf/spamassassin/branches/3.4/\
build/announcements/3.4.4.txt
Security: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1931 |
1.1_4
30 Jan 2020 06:25:48
|
fluffy |
Document mail/opensmtpd LPE and RCE vulnerabilities
PR: 243686
Security: CVE-2020-7247 |
1.1_4
29 Jan 2020 15:29:30
|
lwhsu |
Document Jenkins Security Advisory 2020-01-29
Sponsored by: The FreeBSD Foundation |
1.1_4
29 Jan 2020 13:23:59
|
bapt |
Document libfetch vulnerability which affects pkg. |
1.1_4
27 Jan 2020 01:38:10
|
timur |
Add an entry about CVE-2019-14902, CVE-2019-14907, CVE-2019-19344
vulnerabilities in the Samba 4.1[01] versions.
Security: CVE-2019-14902
CVE-2019-14907
CVE-2019-19344 |
1.1_4
26 Jan 2020 17:51:44
|
kwm |
Document webkit-gtk3 vulnabilities. |
1.1_4
24 Jan 2020 22:20:00
|
kai |
security/vuxml: Document graphics/py-pillow issues
PR: 243336
Security: CVE-2019-19911
CVE-2020-5310
CVE-2020-5311
CVE-2020-5312
CVE-2020-5313 |
1.1_4
20 Jan 2020 11:07:29
|
joneum |
Add entry for www/gitea
PR: 243437
Reported by: stb@lassitu.de
Sponsored by: Netzkommune GmbH |
1.1_4
15 Jan 2020 20:23:39
|
brnrd |
security/vuxml: Document 2020Q1 Oracle MySQL Vulns |
1.1_4
15 Jan 2020 13:54:43
|
zeising |
vuxml: Document recent intel GPU vulnerability |
1.1_4
14 Jan 2020 13:57:11
|
adamw |
VuXML: Add entry for p5-Template-Toolkit directory traversal bug |
1.1_4
14 Jan 2020 07:28:53
|
mfechner |
Document gitlab vulnerability. |
1.1_4
11 Jan 2020 18:32:15
|
mandree |
mark e2fsprogs vulnerable, CVE-2019-5188
Security: 8b61308b-322a-11ea-b34b-1de6fb24355d
Security: CVE-2019-5188 |
1.1_4
11 Jan 2020 08:19:40
|
mfechner |
Document phpMyAdmin vulnerability. |
1.1_4
06 Jan 2020 17:27:47
|
kai |
security/vuxml: Document net-mgmt/cacti issues
PR: 242834
Submitted by: Michael Muenz <m.muenz@gmail.com> (based on)
Security: CVE-2019-17357
CVE-2019-17358 |
1.1_4
03 Jan 2020 09:18:21
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
29 Dec 2019 12:58:29
|
sunpoet |
Document rubygem-rack vulnerability |
1.1_4
29 Dec 2019 12:11:09
|
mandree |
Document graphics/ilmbase graphics/openexr vulnerabilities.
Security: e4d9dffb-2a32-11ea-9693-e1b3f6feec79
Security: CVE-2018-18443
Security: CVE-2018-18444 |
1.1_4
26 Dec 2019 10:03:18
|
joneum |
Add entry for wordpress
Sponsored by: Netzkommune GmbH |
1.1_4
25 Dec 2019 12:25:56
|
joneum |
Add entry for typo3
PR: 242707 242708
Sponsored by: Netzkommune GmbH |
1.1_4
21 Dec 2019 11:04:12
|
mandree |
Add vulnerability of e2fsprogs quota code < 1.45.4
Security: ad3451b9-23e0-11ea-8b36-f1925a339a82
Security: CVE-2019-5094 |
1.1_4
21 Dec 2019 02:36:58
|
acm |
- Re-add py-matrix-synapse entry |
1.1_4
21 Dec 2019 02:28:27
|
acm |
- Add drupal[78] entry |
1.1_4
20 Dec 2019 21:05:44
|
decke |
Document py-matrix-synapse vulnerabilities
PR: 242702
Submitted by: Sascha Biberhofer <ports@skyforge.at> |
1.1_4
20 Dec 2019 15:04:42
|
brnrd |
security/vuxml: Document OpenSSL 1.0.2 vuln |
1.1_4
13 Dec 2019 20:34:37
|
swills |
Fix typo
PR: 242627
Submitted by: lightside <lightside@gmx.com> |
1.1_4
13 Dec 2019 20:03:39
|
cy |
Document two new spamassassin 3.4.2 vulnerabilities.
CVE-2019-12420 for Multipart Denial of Service Vulnerability
CVE-2018-11805 for nefarious CF files can be configured to run system
commands without any output or errors. |
1.1_4
13 Dec 2019 16:11:07
|
timur |
Add entry for Samba4 CVE-2019-14861 and CVE-2019-14870
Security: CVE-2019-14861
CVE-2019-14870 |
1.1_4
13 Dec 2019 14:40:53
|
ler |
security/vuxml: dovecot vulnerability |
1.1_4
10 Dec 2019 21:06:04
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
10 Dec 2019 17:16:26
|
sunpoet |
Update libidn2 vulnerability
Reported by: Stephen Wall <stephen.wall@redcom.com>, jkim |
1.1_4
09 Dec 2019 20:54:17
|
tijl |
Document Ghostscript vulnerabilities.
Security: CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817 |
1.1_4
06 Dec 2019 20:22:53
|
joneum |
Add entry for phpmyadmin
Sponsored by: Netzkommune GmbH |
1.1_4
04 Dec 2019 20:32:39
|
zeising |
vuxml: Add drm-fbsd11.2-kmod to drm vulnerability
Add drm-fbsd11.2-kmod to the list of packages vulnerable to the
drm graphics drivers -- Local privilege escalation and denial of serivce
entry. |
1.1_4
03 Dec 2019 03:04:35
|
wen |
- Document Django multiple vulnerabilities |
1.1_4
28 Nov 2019 15:44:53
|
decke |
Document net-im/py-matrix-synapse vulnerabilities
PR: 241574
Submitted by: Sascha Biberhofer <ports@skyforge.at> |
1.1_4
28 Nov 2019 07:02:12
|
mfechner |
Document gitlab-ce vulnerability. |
1.1_4
27 Nov 2019 19:04:25
|
mfechner |
Document www/gitlab-ce vulnerabilities. |
1.1_4
27 Nov 2019 16:32:49
|
kwm |
Document webkit2-gtk3 vulnabilities |
1.1_4
26 Nov 2019 11:51:30
|
kai |
security/vuxml: Document net/py-urllib3 issues
PR: 229322
Security: CVE-2018-20060
CVE-2019-11236
CVE-2019-11324 |
1.1_4
25 Nov 2019 21:45:06
|
dch |
security/vuxml: add FreeBSD kernel entries for recent Intel CVEs
PR: 241931
Submitted by: Miroslav Lachman <000.fbsd@quip.cz>
Reviewed by: dch
Approved by: joneum (ports-secteam)
Security: CVE-2019-11135
Security: CVE-2019-11139
Security: CVE-2018-12126
Security: CVE-2018-12127
Security: CVE-2018-12130
Security: CVE-2018-11091
Security: CVE-2017-5715
Security: CVE-2018-12207
Sponsored by: SkunkWerks, GmbH |
1.1_4
25 Nov 2019 09:18:43
|
joneum |
Add entry for security/clamav
PR: 242118
Sponsored by: Netzkommune GmbH |
1.1_4
23 Nov 2019 12:50:59
|
joneum |
Add entry for dns/unbound
PR: 242075
Sponsored by: Netzkommune GmbH |
1.1_4
22 Nov 2019 11:15:10
|
kai |
security/vuxml: Document www/gitea issues
PR: 241981
Submitted by: Nils Johannsen <nilsjohannsen@gmx.de> (based on)
Approved by: stb@lassitu.de (maintainer) |
1.1_4
22 Nov 2019 09:03:50
|
madpilot |
Document asterisk vulnerabilities. |
1.1_4
22 Nov 2019 09:01:54
|
madpilot |
Remove extra whitespace. |
1.1_4
20 Nov 2019 10:57:40
|
zeising |
Document intel drm driver vulnerabilities
Document intel drm driver vulnerabilities related to Intel 2019.2 IPU [1].
[1]
https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu |
1.1_4
19 Nov 2019 08:25:04
|
joneum |
Add entry for www/squid
PR: 241976
Sponsored by: Netzkommune GmbH |
1.1_4
18 Nov 2019 18:13:57
|
sunpoet |
Document libidn2 vulnerability |
1.1_4
15 Nov 2019 22:46:16
|
naddy |
Document vulnerabilities in GNU cpio < 2.13. |
1.1_4
13 Nov 2019 23:45:36
|
sunpoet |
Document libmad vulnerability |
1.1_4
12 Nov 2019 21:38:20
|
gjb |
Fix build.
Sponsored by: Rubicon Communications, LLC (netgate.com) |
1.1_4
12 Nov 2019 21:01:03
|
rene |
Document new vulnerability in www/chromium < 78.0.3904.97 |
1.1_4
12 Nov 2019 08:16:35
|
joneum |
fix typo
Sponsored by: Netzkommune GmbH |
1.1_4
12 Nov 2019 07:42:06
|
joneum |
Add entry for wordpress
Sponsored by: Netzkommune GmbH |
1.1_4
07 Nov 2019 12:09:25
|
dmgk |
security/vuxml: Document nexus2-oss vulnerabilities
PR: 241308
Approved by: tz (mentor, implicit) |
1.1_4
07 Nov 2019 11:55:10
|
danfe |
Adjust affected GNU patch package version after r516964. |
1.1_4
06 Nov 2019 21:48:53
|
tz |
security/vuxml: Document PHP RCE issues |
1.1_4
03 Nov 2019 03:11:07
|
wen |
- Document mediawiki's multiple vulnerabilities |
1.1_4
02 Nov 2019 14:33:45
|
brnrd |
security/vuxml: Document MySQL quarterly vulns |
1.1_4
02 Nov 2019 12:26:06
|
rakuco |
Adjust entry 381deebb-f5c9-11e9-9c4f-74d435e60b7c for sysutils/file.
Upstream version 5.37 is vulnerable, but the update to 5.37 in the ports tree
was landed with a fix for the CVE entry.
PR: 241424 |
1.1_4
02 Nov 2019 12:19:34
|
rakuco |
Add entry for heap buffer overflow in sysutils/file.
PR: 241424
Submitted by: Nathan Owens <ndowens04@gmail.com>
Approved by: jharris@widomaker.com (maintainer) |
1.1_4
31 Oct 2019 20:43:57
|
kwm |
Document webkit-gtk3 vulnerabilities. |
As an Amazon Associate I earn from qualifying purchases.
