| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_4
21 Jul 2019 03:55:06
   |
acm  |
- Add drupal8 vulnerability entry
- Modify 9b8a52fc-89c1-11e9-9ba0-4c72b94353b5 entry. Drupal8 was affected too |
1.1_4
20 Jul 2019 16:13:26
|
mandree |
Document PuTTY < 0.72 vulnerabilities. |
1.1_4
17 Jul 2019 14:54:53
|
lwhsu |
Document Jenkins Security Advisory 2019-07-17
Sponsored by: The FreeBSD Foundation |
1.1_4
16 Jul 2019 16:12:27
|
swills |
document libxslt issue
PR: 238049
Submitted by: egypcio |
1.1_4
12 Jul 2019 06:43:01
|
madpilot |
Document asterisk vulnerabilities. |
1.1_4
12 Jul 2019 00:36:27
|
wen |
- Document python37 multiple vulnerabilities |
1.1_4
10 Jul 2019 01:16:04
|
jbeich |
security/vuxml: mark firefox < 68 as vulnerable |
1.1_4
09 Jul 2019 15:55:00
|
adamw |
Add vuxml entry for gnupg < 2.2.17 |
1.1_4
08 Jul 2019 23:54:58
|
wen |
- Document python 3.6 multiple vulnerabilities
PR: 238952
Submitted by: wenheping2000@hotmail.com(myself)
Reviewed by: koobs@ |
1.1_4
07 Jul 2019 17:05:28
|
tijl |
Add Linux packages to the latest libssh2 entry. Also link to all CVEs. |
1.1_4
06 Jul 2019 06:05:46
|
tobik |
Document webkit2-gtk3 vulnerabilities
PR: 239003 |
1.1_4
05 Jul 2019 00:44:49
|
wen |
- Document mediawiki multiple vulnerabilities |
1.1_4
03 Jul 2019 18:52:14
|
sunpoet |
Document ettercap vulnerability |
1.1_4
03 Jul 2019 16:01:04
|
mfechner |
Documented several gitlab security vulnerabilities. |
1.1_4
03 Jul 2019 15:20:21
|
amdmi3 |
Document SDL2_image vulnerabilities |
1.1_4
01 Jul 2019 20:11:52
|
kai |
security/vuxml: Document irc/irssi issue
PR: 238892
Security: CVE-2019-13045 |
1.1_4
01 Jul 2019 14:39:36
|
wen |
- Document Django vulnerabilities.
PR: 238911, 238910
Submitted by: koobs@ |
1.1_4
30 Jun 2019 21:47:17
|
swills |
Document minor bzip2 issues
PR: 238854 |
1.1_4
30 Jun 2019 20:39:16
|
swills |
Document powerdns issue
PR: 239705
Submitted by: Ralf van der Enden <tremere@cainites.net> |
1.1_4
28 Jun 2019 21:17:39
|
sunpoet |
Document typo3 vulnerability
PR: 238862, 238863 |
1.1_4
27 Jun 2019 21:05:55
|
girgen |
Add vuxml entry for postgresql lt 10.9 and lt 11.4 |
1.1_4
22 Jun 2019 12:47:27
|
dbaio |
security/vuxml: Document irc/znc issue
Security: CVE-2019-12816 |
1.1_4
21 Jun 2019 11:30:19
|
cmt |
document recent Mozilla advisories
MFSA2019-17, MFSA2019-19, MFSA2019-20 |
1.1_4
20 Jun 2019 15:54:14
|
riggs |
Document two vulnerabilities in vlc < 3.0.7.1, potential remote exploit |
1.1_4
20 Jun 2019 09:11:48
|
jbeich |
security/vuxml: mark waterfox < 56.2.11 as vulnerable
https://github.com/MrAlex94/Waterfox/commit/27ce846f9d46 |
1.1_4
19 Jun 2019 05:32:28
|
jbeich |
security/vuxml: mark firefox < 67.0.3 as vulnerable |
1.1_4
17 Jun 2019 05:24:51
|
tobik |
Fix version range of recent ImageMagick6 entry
graphics/ImageMagick6 has PORTEPOCH=1 (ImageMagick7 does not) but
it is not included in vuln.xml. The recent vulnerabilities are
never raised by pkg audit as a result and users are left uninformed
about them. |
1.1_4
16 Jun 2019 17:07:14
|
marcus |
Add an entry for netatalk3.
Document the netatalk3 remote code execution vulnerability fixed in 3.1.12.
PR: 238573 |
1.1_4
16 Jun 2019 10:38:42
|
sunpoet |
Document GraphicsMagick vulnerability |
1.1_4
15 Jun 2019 14:06:58
|
rene |
security/vuxml: add entry for www/chromium < 75.0.3770.90 |
1.1_4
14 Jun 2019 06:48:52
|
matthew |
Document PMASA-2019-4; CSRF vulnerability in login form |
1.1_4
13 Jun 2019 18:41:56
|
adamw |
Add entry for Vim/NeoVim arbitrary code execution |
1.1_4
12 Jun 2019 17:17:02
|
joneum |
Add entry for www/mybb
Sponsored by: Netzkommune GmbH |
1.1_4
11 Jun 2019 21:11:17
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb19-30.html |
1.1_4
08 Jun 2019 18:52:51
|
joneum |
Set correct Port Name for last drupal7 entry
Sponsored by: Netzkommune GmbG |
1.1_4
08 Jun 2019 14:24:15
|
gjb |
Fix vuxml build.
Sponsored by: The FreeBSD Foundation |
1.1_4
08 Jun 2019 08:23:47
|
joneum |
Add entry for drupal7
- Set correct modified Date for 183d700e-ec70-487e-a9c4-632324afa934
Sponsored by: Netzkommune GmbH |
1.1_4
06 Jun 2019 12:26:54
|
vsevolod |
Document Exim RCE CVE-2019-10149 |
1.1_4
06 Jun 2019 02:30:55
|
wen |
- Document Django vulnerabilities. |
1.1_4
05 Jun 2019 15:08:32
|
kwm |
Fix modification date, the future isn't quite here yet.
Reported by: Daniel Ebdrup |
1.1_4
04 Jun 2019 04:51:09
|
kwm |
Fix Imagemagick 6 package name. |
1.1_4
03 Jun 2019 14:44:13
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
01 Jun 2019 13:48:59
|
koobs |
security/vuxml: Add buildbot -- OAuth Authentication Vulnerability |
1.1_4
31 May 2019 19:17:59
|
leres |
security/vuxml: Mark bro < 2.6.2 as vulnerable as per:
https://raw.githubusercontent.com/zeek/zeek/bb979702cf9a2fa67b8d1a1c7f88d0b56c6af104/NEWS
The issue is unsafe integer conversions that can cause unintentional
code paths to be executed.
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Security: CVE-2019-12175
Differential Revision: https://reviews.freebsd.org/D20481 |
1.1_4
30 May 2019 10:58:17
|
kwm |
Document ImageMagick issues.
PR: 238199
Reported by: Tommy P <tommyhp2@gmail.com>
Security: CVE-2019-7175, CVE-2019-7395, CVE-2019-7396, CVE-2019-7397,
CVE-2019-7398, CVE-2019-9956, CVE-2019-10131, CVE-2019-10649,
CVE-2019-10650, CVE-2019-10714, CVE-2019-11470, CVE-2019-11472,
CVE-2019-11597, CVE-2019-11598 |
1.1_4
27 May 2019 16:20:16
|
ume |
fix package name of cyrus-imapd. |
1.1_4
27 May 2019 14:26:45
|
ume |
Document cyrus-imapd buffer overrun in httpd.
Security: CVE-2019-11356 |
1.1_4
26 May 2019 18:02:35
|
sunpoet |
Remove superfluous dot |
1.1_4
26 May 2019 14:52:11
|
cs |
Clarify CVE-2019-10691 |
1.1_4
26 May 2019 13:55:39
|
cs |
Serendipity -- XSS
Security: CVE-2019-11870 |
1.1_4
26 May 2019 13:45:33
|
cs |
Add missing quote link |
1.1_4
26 May 2019 13:43:18
|
cs |
SQLite use after free
Security: CVE-2019-5018 |
1.1_4
26 May 2019 13:21:55
|
cs |
Add proper cvename reference to recent OCaml entry |
1.1_4
26 May 2019 13:17:17
|
cs |
suricata vulnerability
Security: CVE-2019-10053 |
1.1_4
25 May 2019 22:05:13
|
sunpoet |
Document curl vulnerability |
1.1_4
23 May 2019 19:43:29
|
cs |
Multiple vulnerabilities in OCaml
PR: 223039
Submitted by: Phil Pennock <freebsd@phil.spodhuis.org>
Security: CVE-2015-8869 |
1.1_4
22 May 2019 11:00:52
|
jbeich |
security/vuxml: mark firefox < 67 as vulnerable |
1.1_4
18 May 2019 01:23:59
|
timur |
Add entry about Samba4* vulnerabilities.
Security: CVE-2018-16860
CVE-2019-3880 |
1.1_4
15 May 2019 03:08:32
|
tobik |
Add recent lang/rust security advisory |
1.1_4
14 May 2019 21:19:03
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb19-26.html |
1.1_4
11 May 2019 09:14:21
|
brnrd |
security/vuxml: Document PHP-exif vulnerabilities |
1.1_4
10 May 2019 12:41:16
|
girgen |
Add security issues from latest postgresql release |
1.1_4
06 May 2019 08:47:08
|
joneum |
Add entry for www/gitea
PR: 237734
Sponsored by: Netzkommune GmbH |
1.1_4
05 May 2019 02:34:31
|
koobs |
security/vuxml: Add comms/hylafax -- Malformed fax sender remote code execution
in JPEG support |
1.1_4
01 May 2019 07:16:46
|
mfechner |
Documented vulnerability for gitlab. |
1.1_4
30 Apr 2019 23:35:08
|
ler |
security/vuxml: correct dovecot entry.
Reported by: leres |
1.1_4
30 Apr 2019 21:02:33
|
ler |
security/vuxml: document dovecot vulnerabilities |
1.1_4
29 Apr 2019 20:33:08
|
mfechner |
Document gitlab vulnerabilities. |
1.1_4
26 Apr 2019 11:29:17
|
koobs |
security/vuxml: Add buildbot CRLF injection vulnerability |
1.1_4
25 Apr 2019 02:05:05
|
acm |
- Add drupal7 and drupal8 entries |
1.1_4
24 Apr 2019 16:55:13
|
swills |
add missed PORTEPOCH to libssh2 version |
1.1_4
24 Apr 2019 15:30:40
|
jpaetzel |
Document py-yaml vulnerability
PR: 237501
Submitted by: sergey@akhmatov.ru
Security: CVE-2017-18342 |
1.1_4
23 Apr 2019 03:03:45
|
cy |
Document wpa_supplicant/hostapd EAP-pwd message reassembly issue with
unexpected fragment.
Security: no CVE documented,
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-\
with-unexpected-fragment.txt |
1.1_4
23 Apr 2019 03:03:40
|
cy |
Document wpa_supplicant/hostapd EAP-pwd missing commit validation.
CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
CVE-2019-9498 (EAP-pwd server missing commit validation for
scalar/element)
CVE-2019-9499 (EAP-pwd peer missing commit validation for
scalar/element)
Security: CVE-2019-9497, CVE-2019-9498, CVE-2019-9499,
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt |
1.1_4
23 Apr 2019 03:03:35
|
cy |
Document hostapd SAE confirm missing state validation.
CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)
Security: CVE-2019-9496,
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt |
1.1_4
23 Apr 2019 03:03:30
|
cy |
Document wpa_supplicant/hostapd EAP-pwd side-channel attack.
CVE-2019-9495 (cache attack against EAP-pwd)
Security: CVE-2019-9495,
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt |
1.1_4
23 Apr 2019 03:03:25
|
cy |
Document wpa_supplicant/hostapd SAE side-channel attacks.
CVE-2019-9494 (cache attack against SAE)
Security: CVE-2019-9494, VU#871675,
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt |
1.1_4
22 Apr 2019 20:30:19
|
danilo |
- Document istio vulnerabilities. |
1.1_4
21 Apr 2019 17:35:59
|
tijl |
Document Ghostscript CVE-2019-3835 and CVE-2019-3838.
PR: 237390
Security: CVE-2019-3835, CVE-2019-3838 |
1.1_4
19 Apr 2019 14:42:42
|
tijl |
Document GNUTLS-SA-2019-03-27.
Security: https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27 |
1.1_4
18 Apr 2019 15:21:04
|
ler |
security/vuxml: Document dovecot json encoder issue |
1.1_4
18 Apr 2019 10:36:50
|
swills |
Document libssh2 issue |
1.1_4
17 Apr 2019 06:35:18
|
joneum |
Add entry for gitea
PR: 237303
Sponsored by: Netzkommune GmbH |
1.1_4
13 Apr 2019 13:53:22
|
brnrd |
security/vuxml: Document vulnerabilities for MySQL
- Pre-notification by Oracle, final to be published in 3 days |
1.1_4
12 Apr 2019 08:43:30
|
vd |
Document ftp/wget's metadata in extended attributes vulnerability
Security: CVE-2018-20483 |
1.1_4
11 Apr 2019 05:47:33
|
mfechner |
Document gitlab vulnerability. |
1.1_4
10 Apr 2019 15:30:26
|
lwhsu |
Document Jenkins Security Advisory 2019-04-10
Sponsored by: The FreeBSD Foundation |
1.1_4
10 Apr 2019 07:52:51
|
jkim |
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb19-19.html |
1.1_4
06 Apr 2019 14:46:00
|
sunpoet |
Update py-notebook status |
1.1_4
05 Apr 2019 06:22:10
|
mfechner |
Documented vulnerabilities for clamav. |
1.1_4
03 Apr 2019 17:22:25
|
romain |
Update sysutils/puppetserver5 entry
Puppetlabs released version 5.3.8 of Puppet Server which address the issue:
https://puppet.com/docs/puppetserver/5.3/release_notes.html#puppet-server-538
With hat: puppet |
1.1_4
02 Apr 2019 20:48:08
|
mfechner |
Documented gitlab vulnerability. |
1.1_4
02 Apr 2019 07:58:42
|
brnrd |
security/vuxml: Document Apache httpd vulnerabilities |
1.1_4
01 Apr 2019 19:29:47
|
danilo |
- Document sysutils/kubectl CVE-2019-1002101 |
1.1_4
31 Mar 2019 13:50:46
|
dbaio |
security/vuxml: Document irc/znc issue
Security: CVE-2019-9917 |
1.1_4
29 Mar 2019 16:36:03
|
sunpoet |
Document py-notebook vulnerability |
1.1_4
29 Mar 2019 14:17:12
|
sunpoet |
Update openjpeg status |
1.1_4
28 Mar 2019 12:21:37
|
ler |
vuxml: Document mail/dovecot buffer overflow. |
1.1_4
28 Mar 2019 08:26:50
|
joneum |
Add modified line for drupal after r496987
Sponsored by: Netzkommune GmbH |
1.1_4
27 Mar 2019 21:51:40
|
acm |
- Update 94d63fd7-508b-11e9-9ba0-4c72b94353b5 entry |
As an Amazon Associate I earn from qualifying purchases.
