| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_3
06 Jun 2018 16:56:53
   |
leres  |
Mark bro < 2.5.4 as vulnerable as per:
https://www.bro.org/download/NEWS.bro.html
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D15677 |
1.1_3
05 Jun 2018 20:23:03
|
jrm |
security/vuxml/vuln.xml: Fix indentation (silences make validate)
Reported by: mfechner |
1.1_3
04 Jun 2018 20:10:22
|
mfechner |
Document new vulnerabilities in www/gitlab < 10.8.2 or < 10.7.5 or < 10.6.6.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D15635 |
1.1_3
03 Jun 2018 00:37:06
|
jrm |
security/vuxml: Fix version ranges for latest Git vulnerabilities
Reported by: jbeich |
1.1_3
02 Jun 2018 20:51:49
|
jrm |
security/vuxml: Document devel/git CVEs (2018-11233 and 2018-11235) |
1.1_3
31 May 2018 12:42:04
|
krion |
Document security/strongswan multiple vulnerabilities
((CVE-2018-10811, CVE-2018-5388)
PR: 228631
Submitted by: strongswan@Nanoteq.com |
1.1_3
30 May 2018 21:47:40
|
cpm |
Document new vulnerabilities in www/chromium < 67.0.3396.62
Obtained
from: https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html |
1.1_3
21 May 2018 03:12:12
|
delphij |
Document BIND multiple vulnerabilities. |
1.1_3
20 May 2018 13:14:18
|
zeising |
Update VuXML entry for xorg-server issues
Update VuXML entry for xorg-server issues related to CVE-2017-10971 and
CVE-2017-10972. The version check was wrong missing the portepoch which
meant that the entry never matched anything. It was also only added for
xorg-server 1.19, while we have 1.18 in base.
Fix formatting and edit the overly long lines. |
1.1_3
16 May 2018 23:56:06
|
sunpoet |
Document curl vulnerability |
1.1_3
13 May 2018 07:21:27
|
riggs |
Document vulnerabilities in wavpack 5.1.0 and earlier
PR: 228146
Submitted by: yasu@utahime.org |
1.1_3
13 May 2018 06:16:49
|
riggs |
Bump maximum description length to 5000
Details:
Thanks to www/chromium, we now have a valid entry with 4933 characters.
Entries this long will probably remain exceptions, but there should
not be a warning for the currently valid entries. |
1.1_3
13 May 2018 06:01:45
|
riggs |
Bump copyright to 2018 |
1.1_3
13 May 2018 06:00:55
|
riggs |
Document vulnerabilities in chromium before 66.0.3359.170
Reported by: Tommi Pernila <tommi.pernila@iki.fi> via e-mail |
1.1_3
10 May 2018 14:47:46
|
swills |
Document jenkins security issues |
1.1_3
09 May 2018 20:32:25
|
jbeich |
security/vuxml: mark firefox < 60 as vulnerable
PR: 226476 |
1.1_3
09 May 2018 16:32:15
|
pi |
security/vuxml: document kamailio CVE-2018-8828
PR: 227677
Submitted by: Ben Hood <ben@relops.com> |
1.1_3
09 May 2018 16:15:24
|
vd |
Document ftp/wget's cookie injection vulnerability
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
MFH: 2018Q2
Security: CVE-2018-0494 |
1.1_3
09 May 2018 05:54:52
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html |
1.1_3
08 May 2018 20:21:39
|
feld |
Document FreeBSD-SA-18:06.debugreg |
1.1_3
05 May 2018 17:22:42
|
sunpoet |
Document python vulnerability |
1.1_3
04 May 2018 14:28:58
|
adridg |
Security notice regarding kwallet-pam (KDE Plasma5).
https://www.kde.org/info/security/advisory-20180503-1.txt
The port is not built by default through the regular KDE packages,
and has been in the ports tree only a week; the impact is expected
to be low.
Approved by: tcberner (mentor, implicit) |
1.1_3
03 May 2018 18:45:49
|
joneum |
Document multiple vulnerabilities in www/drupal7 and www/drupal8 |
1.1_3
02 May 2018 10:39:24
|
mfechner |
Document vulnerabilities in gitlab for several versions.
Reviewed by: eugen_grosbein.net, tz (mentor)
Approved by: eugen_grosbein.net, tz (mentor)
Differential Revision: https://reviews.freebsd.org/D15248 |
1.1_3
30 Apr 2018 19:19:35
|
riggs |
Document free-after-use issue in chromium before 66.0.3359.139
Submitted by: Tommi Pernila <tommi.pernila@iki.fi> via e-mail
Security: CVE-2018-6118 |
1.1_3
26 Apr 2018 11:00:39
|
woodsb02 |
Document vulnerabilities in quassel before 0.12.5
Security: https://vuxml.freebsd.org/freebsd/499f6b41-58db-4f98-b8e7-da8c18985eda.html |
1.1_3
24 Apr 2018 18:07:21
|
riggs |
Document vulnerabilities in chromium before 66.0.3359.117
Submitted by: tommi.pernila@iki.fi (via mail to ports-secteam)
Reviewed by: riggs |
1.1_3
23 Apr 2018 19:17:27
|
tijl |
Document mbed TLS vulnerabilities
Security: https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released |
1.1_3
21 Apr 2018 09:07:08
|
brnrd |
security/vuxml: Document MySQL vulns from quarterly Oracle CPU |
1.1_3
20 Apr 2018 20:50:36
|
joneum |
Document wordpress issues |
1.1_3
19 Apr 2018 19:17:33
|
matthew |
Document the latest phpMyAdmin vulnerabilities |
1.1_3
19 Apr 2018 18:08:47
|
acm |
- Document drupal8 vulnerability |
1.1_3
16 Apr 2018 17:46:26
|
brnrd |
security/vuxml: Bump portrev for latest OpenSSL vuln |
1.1_3
16 Apr 2018 17:05:57
|
brnrd |
security/vuxml: Add OpenSSL vulnerability |
1.1_3
16 Apr 2018 07:32:49
|
joneum |
Add Blockquote
pointy hat to joneum |
1.1_3
16 Apr 2018 07:26:58
|
joneum |
Document multiple vulnerabilities in www/drupal7
Security: CVE-2018-7600 |
1.1_3
15 Apr 2018 20:04:09
|
sunpoet |
Document Perl vulnerability |
1.1_3
15 Apr 2018 19:12:25
|
sunpoet |
Update freeimage vulnerability |
1.1_3
14 Apr 2018 12:04:55
|
eugen |
ipsec-tools: document remotely exploitable computational-complexity attack.
PR: 225066
Security: CVE-2016-10396 |
1.1_3
13 Apr 2018 20:49:04
|
sunpoet |
Document nghttp2 vulnerability |
1.1_3
13 Apr 2018 07:18:56
|
ale |
Document roundcube IMAP command injection vulnerability. |
1.1_3
12 Apr 2018 17:54:28
|
swills |
Document Jenkins vulnerabilities |
1.1_3
10 Apr 2018 18:41:22
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html |
1.1_3
09 Apr 2018 13:55:20
|
mfechner |
Fixed a wrong version definition for gitlab that report 10.4.6 as affected.
PR: 227293
Reported by: majo-bugs.freebsd.org@cerny.sk
Reviewed by: dbaio, swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D14999 |
1.1_3
07 Apr 2018 09:17:53
|
mfechner |
Added information about security problems with port www/gitlab.
Reviewed by: swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D14974 |
1.1_3
05 Apr 2018 14:15:35
|
feld |
Document FreeBSD-SA-18:05.ipsec |
1.1_3
05 Apr 2018 14:15:04
|
feld |
Document FreeBSD-SA-18:04.vt |
1.1_3
01 Apr 2018 00:06:15
|
jbeich |
security/vuxml: adjust thunderbird version for CVE-2018-5148 backport |
1.1_3
01 Apr 2018 00:00:24
|
jbeich |
security/vuxml: delist palemoon from CVE-2018-514[67]
Let upstream to decide if the browser is affected.
https://github.com/MoonchildProductions/Pale-Moon/commits/master/media/libvorbis/lib/vorbis_codebook.c
https://github.com/MoonchildProductions/Pale-Moon/commits/master/media/libtremor/lib/tremor_codebook.c |
1.1_3
31 Mar 2018 23:59:41
|
jbeich |
security/vuxml: libxul didn't share release branch with thunderbird |
1.1_3
31 Mar 2018 08:17:58
|
wen |
- Document Moodle vulnerability |
1.1_3
29 Mar 2018 20:16:18
|
sunpoet |
Fix space/tab to pet "make validate" |
1.1_3
29 Mar 2018 20:12:42
|
sunpoet |
Document Ruby vulnerability |
1.1_3
29 Mar 2018 19:47:48
|
bhughes |
security/vuxml: Document Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ |
1.1_3
28 Mar 2018 13:05:54
|
mfechner |
Document gitlab vulnerability.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D14870 |
1.1_3
28 Mar 2018 11:33:47
|
tobik |
Fix typos |
1.1_3
28 Mar 2018 11:22:51
|
tobik |
Document www/webkit2-gtk3 vulnerabilities |
1.1_3
27 Mar 2018 17:33:22
|
cpm |
Document new vulnerability in www/chromium < 65.0.3325.181
Obtained
from: https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop_20.html |
1.1_3
27 Mar 2018 14:50:47
|
brnrd |
security/vuxml: Document OpenSSL vulnerabilities |
1.1_3
27 Mar 2018 13:27:34
|
gjb |
Attempt to fix vuxml build.
Sponsored by: The FreeBSD Foundation |
1.1_3
27 Mar 2018 12:57:14
|
brnrd |
security/vuxml: Mark Apache 2.2 vulnerable
- Upstream has removed all patches for 2.2.34
With hat: apache |
1.1_3
27 Mar 2018 03:30:49
|
gjb |
Fix build after r465658.
Sponsored by: The FreeBSD Foundation |
1.1_3
27 Mar 2018 01:13:11
|
jbeich |
security/vuxml: mark firefox < 59.0.2 as vulnerable |
1.1_3
26 Mar 2018 09:13:40
|
cmt |
thunderbird: fix affected versions for CVE-2018-5146
according to https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ ,
CVE-2018-5146 has been fixed in thunderbird 52.7.0 (and CVE-2018-5147
affects Android platforms as per it's description).
Add link to the thunderbird security advisory MFSA 2018-09, as this has
the info for thunderbird. |
1.1_3
25 Mar 2018 17:20:11
|
jhale |
Fix mythtv ranges. Forgot to factor in PORTEPOCH. |
1.1_3
25 Mar 2018 14:13:51
|
jhale |
Update entries for mythtv and mythtv-frontend
PR: 225652 |
1.1_3
24 Mar 2018 21:12:02
|
sunpoet |
Document rubygem-rails-html-sanitizer vulnerability |
1.1_3
24 Mar 2018 14:39:24
|
brnrd |
security/vuxml: Document recent Apache httpd vulnerabilities |
1.1_3
24 Mar 2018 08:46:25
|
joneum |
Document vulnerability in www/mybb |
1.1_3
23 Mar 2018 05:02:39
|
yuri |
VulnXML record: CVE-2018-8740: SQLite -- Corrupt DB can cause a NULL pointer
dereference
Patched in r465275. |
1.1_3
21 Mar 2018 19:04:13
|
sunpoet |
Document rubygem-sanitize vulnerability |
1.1_3
20 Mar 2018 22:36:05
|
sunpoet |
Document rubygem-loofah vulnerability |
1.1_3
19 Mar 2018 15:14:29
|
sunpoet |
Document py-notebook vulnerability |
1.1_3
19 Mar 2018 07:34:58
|
riggs |
Document zero-day remote vulnerability in mail/squirrelmail
Reported by: Roger Marquis <marquis@roble.com> via e-mail
Security: CVE-2018-8741 |
1.1_3
17 Mar 2018 17:51:52
|
jrm |
security/vuxml: mark slurm-wlm < 17.02.10 as vulnerable
Security: CVE-2018-7033 |
1.1_3
16 Mar 2018 21:07:22
|
jbeich |
security/vuxml: mark libvorbis < 1.3.6 as vulnerable |
1.1_3
16 Mar 2018 13:12:45
|
jbeich |
security/vuxml: bump waterfox version after r464679 |
1.1_3
14 Mar 2018 23:38:36
|
mandree |
Mark e2fsprogs < 1.44.0 vulnerable. |
1.1_3
14 Mar 2018 14:54:54
|
feld |
Initial entry for the speculative execution vulnerability
(FreeBSD-SA-18:03.speculative_execution) |
1.1_3
14 Mar 2018 14:53:22
|
feld |
Update NTP entry to add the FreeBSD SA information (FreeBSD-SA-18:02.ntp) |
1.1_3
14 Mar 2018 14:49:55
|
feld |
Document FreeBSD-SA-18:01.ipsec |
1.1_3
13 Mar 2018 17:25:25
|
jkim |
Document the latest Flash Player vulnerability.
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html |
1.1_3
13 Mar 2018 17:08:05
|
jbeich |
security/vuxml: mark firefox < 59 as vulnerable |
1.1_3
13 Mar 2018 10:51:03
|
timur |
Add an entry for Samba vulnerabilities CVE-2018-1050 and CVE-2018-1057
Security: CVE-2018-1050
CVE-2018-1057 |
1.1_3
10 Mar 2018 19:08:08
|
tijl |
Document mbed TLS Security Advisory 2018-01.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
Security: CVE-2018-0487
Security: CVE-2018-0488 |
1.1_3
08 Mar 2018 19:28:06
|
riggs |
Document vulnerabilities in www/chromium before 65.0.3325.146
Submitted by: Tommi Pernila <tommi.pernila@iki.fi> (via e-mail) |
1.1_3
04 Mar 2018 22:40:44
|
cmt |
document vulnerabilities for net/wireshark{,-lite,qt5} and net/tshark{,-lite}
PR: 226355
Obtained from: https://www.wireshark.org/security/ |
1.1_3
02 Mar 2018 17:01:15
|
zi |
- Document vulnerabilities (CVE-2018-5732, CVE-2018-5733) in isc-dhcp ports |
1.1_3
01 Mar 2018 23:52:56
|
jhale |
Document additional vulnerabilities in audio/libsndfile |
1.1_3
01 Mar 2018 15:58:44
|
girgen |
Document PostgreSQL vulnerability
Security: CVE-2018-1058 |
1.1_3
01 Mar 2018 13:48:59
|
garga |
Document strongswan vulnerability
PR: 226043
Submitted by: strongswan@Nanoteq.com
Security: CVE-2018-6459
Sponsored by: Rubicon Communications, LLC (Netgate) |
1.1_3
01 Mar 2018 06:49:19
|
jhale |
Document vulnerability in audio/libsndfile and audio/linux-c[6|7]-libsndfile |
1.1_3
28 Feb 2018 07:35:27
|
delphij |
Document multiple NTP vulnerabilities. |
1.1_3
27 Feb 2018 20:22:56
|
riggs |
Document CVE-2018-6056 in chromium 64.0.3282.167
Reported by: Tommi Pernila <tommi.pernila@iki.fi> (via e-mail) |
1.1_3
27 Feb 2018 20:15:40
|
riggs |
Document multiple vulnerabilities in chromium 64.0.3282.119
Reported by: Tommi Pernila <tommi.pernila@iki.fi> (via e-mail) |
1.1_3
27 Feb 2018 20:03:57
|
riggs |
Document CVE-2018-1304 and CVE-2018-1305 in Apache Tomcat
Submitted by: Roger Marquis <marquis@roble.com> via e-mail |
1.1_3
27 Feb 2018 15:22:33
|
girgen |
Document security problems with shibboleth-sp
Security: CVE-2018-0489 |
1.1_3
25 Feb 2018 19:39:06
|
joneum |
Document multiple vulnerabilities in www/drupal7 and www/drupal8
Security: CVE-2017-6927
Security: CVE-2017-6928
Security: CVE-2017-6929
Security: CVE-2017-6930
Security: CVE-2017-6931
Security: CVE-2017-6932 |
1.1_3
25 Feb 2018 10:44:31
|
tota |
- Fix range for ja-mailman in CVE-2018-5950 |
1.1_3
24 Feb 2018 09:14:43
|
riggs |
Document ssh injection vulnerability in devel/cvs
PR: 226088
Reported by: fk@fabiankeil.de
Security: CVE-2017-12836 |
As an Amazon Associate I earn from qualifying purchases.
