| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
24 Aug 2018 10:34:46
   |
tobik  |
Fix databases/mantis entry after r477954 |
1.1_3
23 Aug 2018 05:34:56
|
matthew |
Apparently you can have more than on <name></name> item inside a
<package></packge> group. Also, re-add plain 'phpMyAdmin' without a
flavour suffix as a possible package name -- it's only been a few
months since flavourization, and there may well be some older installs
still out there. (Although those should already be flagging for the
previous PMASA)
Reported by: mat |
1.1_3
22 Aug 2018 21:58:04
|
matthew |
Third time's the charm. Now capitalize the package names correctly. |
1.1_3
22 Aug 2018 21:40:11
|
matthew |
phpMyAdmin is flavoured now: use the correct package names. |
1.1_3
22 Aug 2018 21:28:45
|
feld |
Document FreeBSD-SA-18:11.hostapd |
1.1_3
22 Aug 2018 21:28:04
|
feld |
Document FreeBSD-SA-18:10.ip |
1.1_3
22 Aug 2018 21:27:36
|
feld |
Document FreeBSD-SA-18:09.l1tf |
1.1_3
22 Aug 2018 21:03:21
|
swills |
Document gogs open redirect issue
PR: 230800
Submitted by: Dmitri Goutnik <dg@syrec.org> |
1.1_3
22 Aug 2018 20:32:50
|
matthew |
Document the latest phpMyAdmin security advisory PMASA-2018-5 |
1.1_3
22 Aug 2018 19:28:01
|
zeising |
Document libX11 vulnerabilities.
CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
https://lists.x.org/archives/xorg-announce/2018-August/002915.html |
1.1_3
21 Aug 2018 17:53:08
|
dch |
security/vuxml: add CVE-2018-11769 for databases/couchdb versions < 2.2.0
Reported by: Apache CouchDB PMC
Approved by: jrm
Security: CVE-2018-11769
Security: https://lists.apache.org/thread.html/1052ad7a1b32b9756df4f7860f5cb5a96b739f444117325a19a4bf75@%3Cdev.couchdb.apache.org%3E
Differential Revision: https://reviews.freebsd.org/D16820 |
1.1_3
17 Aug 2018 21:07:32
|
swills |
Document issue in security/botan2
PR: 230666 |
1.1_3
15 Aug 2018 21:01:23
|
lwhsu |
Document Jenkins Security Advisory 2018-08-15
Sponsored by: The FreeBSD Foundation |
1.1_3
14 Aug 2018 20:21:53
|
cy |
Document WPA unauthenticated encrypted EAPOL-Key data vunlerability.
Security: CVE-2018-14526 |
1.1_3
14 Aug 2018 19:08:38
|
jkim |
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html |
1.1_3
14 Aug 2018 13:37:35
|
timur |
Add an entry about multiple Samba vulnerabilities:
* CVE-2018-1139 (Weak authentication protocol allowed.)
* CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
* CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
* CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
* CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Security: CVE-2018-1139
CVE-2018-1140
CVE-2018-10858
CVE-2018-10918
CVE-2018-10919
Sponsored by: iXsystems Inc. |
1.1_3
12 Aug 2018 17:35:08
|
sunpoet |
Document GraphicsMagick vulnerability |
1.1_3
12 Aug 2018 13:44:39
|
tobik |
Document lang/chicken vulerabilities |
1.1_3
12 Aug 2018 07:55:09
|
flo |
Document www/gitea vulnerability, with the scarce details provided by Gitea
PR: 230512 |
1.1_3
10 Aug 2018 14:35:45
|
tijl |
Document mbed TLS Security Advisory 2018-02.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 |
1.1_3
10 Aug 2018 08:56:53
|
girgen |
Add entry about postgresql vulnerabilites |
1.1_3
08 Aug 2018 19:07:31
|
brnrd |
security/vuxml: Document Oracle's Crititcal Patch Update |
1.1_3
07 Aug 2018 13:18:03
|
girgen |
Add vulnerability information about apache-xml-security-c |
1.1_3
06 Aug 2018 21:26:20
|
feld |
Document FreeBSD-SA-18:08.tcp |
1.1_3
06 Aug 2018 03:23:23
|
koobs |
security/py-cryptography: Add tag forgery vulnerability
PR: 226906 |
1.1_3
05 Aug 2018 11:56:49
|
riggs |
Document CVE-2018-14912 in devel/cgit before version 1.2.1
PR: 230360
Submitted by: yasu@utahime.org |
1.1_3
03 Aug 2018 16:09:52
|
mfechner |
Documented vulnerability of copied security/rubygem-doorkeeper43.
Approved by: mentors (implicit) |
1.1_3
01 Aug 2018 16:32:58
|
adamw |
Fix a common grammar error: "can not" means the opposite of "cannot."
"Can not" means "it is possible not to," and "cannot" means "it is impossible
to." |
1.1_3
31 Jul 2018 23:44:54
|
sunpoet |
Document rubygem-doorkeeper vulnerability |
1.1_3
31 Jul 2018 23:43:53
|
sunpoet |
Document rubygem-sinatra vulnerability |
1.1_3
31 Jul 2018 09:51:51
|
mandree |
Add new Mailman < 2.1.28 security issue.
https://bugs.launchpad.net/mailman/+bug/1780874
https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html
Security: b4f0ad36-94a5-11e8-9007-080027ac955c
Security: CVE-2018-13796 |
1.1_3
29 Jul 2018 12:23:14
|
tota |
- Fix range for ja-mailman in CVE-2018-0618 |
1.1_3
29 Jul 2018 10:42:23
|
joneum |
document mantis issues
PR: 229880
Submitted by: Nathan <ndowens.fbsd@yandex.com> |
1.1_3
28 Jul 2018 11:43:51
|
sunpoet |
Fix version range of curl vulnerability |
1.1_3
27 Jul 2018 13:37:27
|
swills |
security/vuxml: document py-bleach issue
PR: 226851 |
1.1_3
27 Jul 2018 13:15:56
|
swills |
security/vuxml: document lshell issues
PR: 215988
Submitted by: Damien Fleuriot <dam@my.gd> |
1.1_3
27 Jul 2018 13:04:27
|
swills |
security/vuxml: document openjpeg issues
PR: 225805
Submitted by: VK <vlad-fbsd@acheronmedia.com> |
1.1_3
27 Jul 2018 13:00:45
|
swills |
security/vuxml: Document ffmpeg issues
PR: 223626
Submitted by: VK <vlad-fbsd@acheronmedia.com> |
1.1_3
27 Jul 2018 12:55:03
|
swills |
security/vuxml: document gimp issue
While here, fix entry date on curl entry
PR: 225636
Submitted by: D. Ebdrup <debdrup@gmail.com> |
1.1_3
27 Jul 2018 12:34:57
|
cpm |
Document new vulnerabilites in www/chromium < 68.0.3440.75
Obtained
from: https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html |
1.1_3
27 Jul 2018 12:24:57
|
swills |
security/vuxml: Document curl issue
PR: 229752
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> |
1.1_3
27 Jul 2018 06:50:59
|
mfechner |
Documented vulnerabilities for gitlab-ce.
Approved by: mentors (implicit) |
1.1_3
26 Jul 2018 17:37:36
|
danilo |
- Document a graphics/vips buffer overflow.
https://github.com/jcupitt/libvips/releases/tag/v8.6.5 |
1.1_3
24 Jul 2018 18:08:47
|
fernape |
Document vulnerabilities for graphics/sixel 1.8.1
* CVE-2018-14072
* CVE-2018-14073
PR: 229975
Reported by: sue@iwmt.org (maintainer)
Approved by: tcberner (mentor) |
1.1_3
24 Jul 2018 06:33:50
|
miwi |
- Exclude LibreSSL 2.6.5 from CVE-2018-0732 entry
PR: 229037
Sponsored by: iXsystems Inc. |
1.1_3
21 Jul 2018 08:51:37
|
tijl |
Remove linux expat packages from latest expat entry. Red Hat has marked
these "will not fix" because of the low impact so there's no point in
nagging users about this.
https://access.redhat.com/security/cve/cve-2016-9063
https://access.redhat.com/security/cve/cve-2017-9233 |
1.1_3
21 Jul 2018 06:58:42
|
woodsb02 |
security/vuxml: Add CVE details for VLC vulnerability |
1.1_3
21 Jul 2018 06:50:36
|
woodsb02 |
security/vuxml: document VLC vulnerability |
1.1_3
19 Jul 2018 15:37:57
|
fernape |
security/vuxml: add mutt vulnerabilities
Include mutt vulnerabilities for mutt < 1.10.1
PR: 229810
Submitted by: dereks@lifeofadishwasher.com
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D16321 |
1.1_3
19 Jul 2018 12:39:21
|
gahr |
security/vuxml: fix typo |
1.1_3
19 Jul 2018 12:04:03
|
gahr |
security/vuxml: document NeoMutt and Mutt vulnerabilities |
1.1_3
19 Jul 2018 06:44:46
|
mfechner |
Document gitlab < 11.0.4 vulnerability.
Reviewed by: swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D16317 |
1.1_3
18 Jul 2018 23:15:44
|
lwhsu |
Update CVE number of 20a1881e-8a9e-11e8-bddf-d017c2ca229d
Sponsored by: The FreeBSD Foundation |
1.1_3
18 Jul 2018 15:53:33
|
lwhsu |
Fix range of 20a1881e-8a9e-11e8-bddf-d017c2ca229d
Sponsored by: The FreeBSD Foundation |
1.1_3
18 Jul 2018 15:50:59
|
lwhsu |
Document Jenkins Security Advisory 2018-07-18
Sponsored by: The FreeBSD Foundation |
1.1_3
18 Jul 2018 14:14:45
|
dbaio |
security/vuxml: Document irc/znc vulnerabilities
Reported by: gordon
Security: CVE-2018-14055
Security: CVE-2018-14056 |
1.1_3
18 Jul 2018 13:39:24
|
brnrd |
security/vuxml: Document Apache httpd vulns |
1.1_3
17 Jul 2018 17:28:15
|
gjb |
Remove vendor-specific CVE numbers, following r474804. This tag
is reserved for Mitre CVE numbers, otherwise it does not pass
validation.
Sponsored by: The FreeBSD Foundation |
1.1_3
17 Jul 2018 17:19:29
|
novel |
security/vuxml: update version range for latest qutebrowser vuln
Update version for www/qutebrowser CVE-2018-10895 to reflect 2018Q3 fix. |
1.1_3
17 Jul 2018 15:38:01
|
gjb |
Comment a project-specific CVE reference in attempt to fix the build.
Sponsored by: The FreeBSD Foundation |
1.1_3
17 Jul 2018 15:29:24
|
joneum |
Document vulberability for typo3-7 and typo3-8 |
1.1_3
15 Jul 2018 15:17:45
|
fernape |
security/vuxml: add entry for devel/upp
Affected by CVE-2018-874
PR: 227414
Reported by: lightside@gmx.com
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D16017 |
1.1_3
15 Jul 2018 15:13:15
|
eugen |
Document several security defects in the Bouncy Castle Crypto APIs
before version 1.60
Obtained from: https://www.bouncycastle.org/latest_releases.html
Security: https://vuxml.FreeBSD.org/freebsd/fe93803c-883f-11e8-9f0c-001b216d295b |
1.1_3
15 Jul 2018 06:25:25
|
novel |
Document www/qutebrowser CSRF vulnerability
Reviewed by: miwi
Security: CVE-2018-10895 |
1.1_3
11 Jul 2018 17:24:27
|
jkim |
Fix typos.
Reported by: N.J. Mann (njm at njm dot me dot uk) |
1.1_3
11 Jul 2018 16:44:26
|
jkim |
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html |
1.1_3
11 Jul 2018 16:27:23
|
mfechner |
Document vulnerability for libgit2 < 0.27.3.
Reviewed by: swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D16220 |
1.1_3
11 Jul 2018 13:50:00
|
gjb |
Fix build.
Sponsored by: The FreeBSD Foundation |
1.1_3
11 Jul 2018 13:09:47
|
dch |
security/vuxml: add CVE for Apache CouchDB 1.7.2 (databases/couchdb)
Approved by: jrm
Differential Revision: https://reviews.freebsd.org/D16212 |
1.1_3
09 Jul 2018 19:16:50
|
ler |
security/vuxml: document vulnerabilities in security/clamav. |
1.1_3
09 Jul 2018 08:19:46
|
miwi |
- Document devel/zziplib - multible vulnerabilities
PR: 226491
Sponsored by: iXsystems Inc. |
1.1_3
08 Jul 2018 14:45:34
|
joneum |
Document wordpress issues |
1.1_3
07 Jul 2018 14:25:02
|
jbeich |
security/vuxml: seamonkey-2.49.4 contains firefox-52.9.0 |
1.1_3
07 Jul 2018 11:08:40
|
joneum |
Document vulnerability in www/mybb |
1.1_3
05 Jul 2018 11:23:46
|
dbaio |
security/vuxml: Document expat vulnerabilities
libwww is also vulnerable because it has expat in its source tree.
Security: CVE-2016-9063
Security: CVE-2017-9233 |
1.1_3
03 Jul 2018 13:13:55
|
dch |
security/vuxml: add CVE-2018-0608 for www/h2o
PR: 228762
Approved by: jrm
Security: CVE-2018-0608
Differential Revision: https://reviews.freebsd.org/D16110 |
1.1_3
26 Jun 2018 16:27:38
|
jbeich |
security/vuxml: mark firefox < 61 as vulnerable |
1.1_3
26 Jun 2018 15:27:24
|
mfechner |
Vulnerability entry for www/gitlab.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D16010 |
1.1_3
25 Jun 2018 21:55:23
|
mandree |
Fixup |
1.1_3
25 Jun 2018 21:54:56
|
mandree |
Link release announcement to mail/mailman < 2.1.27 vuln/CVE 2018-0618 |
1.1_3
25 Jun 2018 21:45:41
|
mandree |
Add mailman vulnerabilities/hardening.
Obtained from: Mark Sapiro
Security: 739948e3-78bf-11e8-b23c-080027ac955c
Security: CVE-2018-0618
Security: JVN#00846677
Security: JPCERT#97432283 |
1.1_3
22 Jun 2018 23:16:01
|
matthew |
Docuement the latest phpMyAdmin vulnerabilities |
1.1_3
21 Jun 2018 22:49:54
|
feld |
Document SA-18:07.lazyfpu |
1.1_3
20 Jun 2018 19:38:13
|
sunpoet |
Document GraphicsMagick vulnerability
PR: 223629
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> |
1.1_3
17 Jun 2018 18:14:02
|
mfechner |
Document vulnerability for libgit2 and py-pygit2.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D15668 |
1.1_3
16 Jun 2018 14:43:00
|
jrm |
security/vuxml: document Slurm vulnerability
https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
While here, silence validation warnings caused by node.js 2018-06-15 entry. |
1.1_3
15 Jun 2018 05:09:51
|
bhughes |
security/vuxml: document Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ |
1.1_3
14 Jun 2018 21:02:31
|
rene |
List GPG parsing vulnerabilities in sysutils/password-store < 1.7.2 |
1.1_3
14 Jun 2018 13:24:18
|
brnrd |
security/vuxml: Document LibreSSL vuln |
1.1_3
13 Jun 2018 18:51:55
|
cpm |
Document libgcrypt side-channel attack vulnerability
Security: CVE-2018-0495 |
1.1_3
12 Jun 2018 13:55:33
|
adamw |
Update gnupg entry now that gnupg1-1.4.23 has landed |
1.1_3
12 Jun 2018 13:44:06
|
brnrd |
security/vuxml: Bump PORTREV for openssl
- Chase missing svn add for openssl |
1.1_3
12 Jun 2018 13:01:11
|
brnrd |
security/vuxml: Document today's OpenSSL vuln (low) |
1.1_3
11 Jun 2018 22:57:11
|
madpilot |
Document new asterisk vulnerabilities. |
1.1_3
11 Jun 2018 22:50:00
|
madpilot |
Fix error in old asterisk entry. |
1.1_3
10 Jun 2018 08:47:07
|
cpm |
Document new vulnerability in www/chromium < 67.0.3396.79
Obtained
from: https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html |
1.1_3
08 Jun 2018 14:29:04
|
gjb |
Fix vuxml build.
Sponsored by: The FreeBSD Foundation |
1.1_3
08 Jun 2018 14:20:56
|
adamw |
Add entry for gnupg CVE |
1.1_3
08 Jun 2018 07:52:40
|
jbeich |
security/vuxml: mark firefox < 60.0.2 as vulnerable |
1.1_3
08 Jun 2018 00:25:32
|
jkim |
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html |
As an Amazon Associate I earn from qualifying purchases.
