Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.1_3 02 Nov 2016 10:49:45 |
mat |
Fix up bind9-devel's range for CVE-2016-8864.
Sponsored by: Absolight |
1.1_3 02 Nov 2016 08:11:16 |
brnrd |
security/vuxml: Document 2016-11-02 cURL vulnerabilities |
1.1_3 02 Nov 2016 08:01:42 |
delphij |
Document BIND remote DoS vulnerability. |
1.1_3 02 Nov 2016 05:26:39 |
swills |
Document memcached vulnerabilities |
1.1_3 01 Nov 2016 20:35:01 |
brnrd |
security/vuxml: Fix version numbers for MySQL |
1.1_3 01 Nov 2016 20:31:33 |
brnrd |
security/vuxml: Document MySQL/MariaDB vulnerabilities
- New entries added to "Oracle Critical Patch Update Advisory - October 2016"? |
1.1_3 31 Oct 2016 20:36:50 |
rene |
Document new vulnerabilities in www/chromium < 54.0.2840.59
Obtained from: https://googlechromereleases.blogspot.nl/2016/10/stable-channel-update-for-desktop.html |
1.1_3 29 Oct 2016 18:16:45 |
peter |
Attempt to fix vuxml build after r424916 |
1.1_3 29 Oct 2016 15:19:27 |
feld |
Document openssh DoS
PR: 213640
Security: CVE-2016-8858 |
1.1_3 28 Oct 2016 15:34:17 |
feld |
Document sudo vulnerability |
1.1_3 28 Oct 2016 14:01:00 |
feld |
Document axis2 vulnerabilities
PR: 213791
Security: CVE-2012-6153
Security: CVE-2014-3577 |
1.1_3 28 Oct 2016 13:33:41 |
feld |
Document node vulnerabilities
PR: 213800
Security: CVE-2016-5172 |
1.1_3 28 Oct 2016 04:47:28 |
olivierd |
Document vulnerability in net/py-urllib3 |
1.1_3 27 Oct 2016 13:14:18 |
tijl |
Document latest flash plugin vulnerability.
PR: 213831 |
1.1_3 25 Oct 2016 17:57:29 |
feld |
Fix FreeBSD-SA-16:32.bhyve to correctly document this affects FreeBSD-kernel |
1.1_3 25 Oct 2016 17:56:10 |
feld |
Document revised FreeBSD-SA-16:15.sysarch |
1.1_3 25 Oct 2016 17:51:50 |
feld |
Document FreeBSD-SA-16:32.bhyve |
1.1_3 24 Oct 2016 15:32:21 |
feld |
Document flash vulnerabilities
Differential Revision: https://reviews.freebsd.org/D8266 |
1.1_3 21 Oct 2016 12:51:41 |
mat |
${RM} already has -f.
PR: 213570
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight |
1.1_3 21 Oct 2016 11:40:34 |
jbeich |
Reference MFSA for Thunderbird fixed by r423073 |
1.1_3 21 Oct 2016 11:32:25 |
jbeich |
Document recent Firefox vulnerabilities |
1.1_3 18 Oct 2016 18:01:39 |
feld |
Fix some malformed <freebsdpr> entries in vuxml |
1.1_3 18 Oct 2016 17:57:17 |
feld |
Document vulnerability in Apache Axis2
PR: 213546
Security: CVE-2010-3981 |
1.1_3 18 Oct 2016 17:26:07 |
rene |
Document remote denial of service vulnerability in security/tor*
PR: 212952
Submitted by: Neel Chauhan <neel@neelc.org>
Obtained from: https://blog.torproject.org/blog/tor-0289-released-important-fixes |
1.1_3 18 Oct 2016 14:46:11 |
tz |
Fix wrong range of vulnerable Rails 4 versions
Approved by: pi (mentor) |
1.1_3 14 Oct 2016 12:03:47 |
tz |
Rails 4: Document XSS Vulnerability in Action View and
Unsafe Query Generation Risk in Active Record
Security: CVE-2016-6316
Security: https://vuxml.freebsd.org/freebsd/43f1c867-654a-11e6-8286-00248c0c745d.html
Security: CVE-2016-6317
Security: https://vuxml.freebsd.org/freebsd/7e61cf44-6549-11e6-8286-00248c0c745d.html
Approved by: pi(mentor) |
1.1_3 14 Oct 2016 12:01:47 |
tz |
Document multiple security issues of PHP 7.0
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7413
Security: CVE-2016-7418
Security: https://vuxml.freebsd.org/freebsd/f471032a-8700-11e6-8d93-00248c0c745d.html
Approved by: pi (mentor) |
1.1_3 14 Oct 2016 11:59:35 |
tz |
Document multiple security issues of PHP 5.6
Security: CVE-2016-7416
Security: CVE-2016-7412
Security: CVE-2016-7414
Security: CVE-2016-7417
Security: CVE-2016-7411
Security: CVE-2016-7413
Security: CVE-2016-7418
Security: https://vuxml.freebsd.org/freebsd/8d5180a6-86fe-11e6-8d93-00248c0c745d.html
Approved by: pi (mentor) |
1.1_3 12 Oct 2016 04:47:33 |
feld |
Document file-roller vulnerability
PR: 213199
Security: CVE-2016-7162 |
1.1_3 12 Oct 2016 02:01:12 |
feld |
Document Virtualbox vulnerabilities
PR: 204406
Security: CVE-2015-4813
Security: CVE-2015-4896 |
1.1_3 12 Oct 2016 01:37:49 |
feld |
Document ImageMagick vulnerabilities
PR: 213032 |
1.1_3 12 Oct 2016 01:28:23 |
feld |
Document libgd vulnerabilities
PR: 213023 |
1.1_3 12 Oct 2016 01:22:04 |
feld |
Document libvncserver vulnerabilities
PR: 212380
Security: CVE-2014-6051
Security: CVE-2014-6052
Security: CVE-2014-6053
Security: CVE-2014-6054
Security: CVE-2014-6055 |
1.1_3 12 Oct 2016 01:17:13 |
feld |
Document OpenOffice vulnerability
PR: 212379
Security: CVE-2014-3575 |
1.1_3 12 Oct 2016 00:49:00 |
feld |
Document mupdf vulnerabilities
PR: 212207
Security: CVE-2016-6525
Security: CVE-2016-6265 |
1.1_3 11 Oct 2016 19:59:56 |
feld |
Fix OpenSSL vuln version range
Reported by: mat |
1.1_3 11 Oct 2016 15:07:54 |
feld |
Document openjpeg vulnerability
PR: 212672
Security: CVE-2016-5157
Security: CVE-2016-7163 |
1.1_3 11 Oct 2016 15:02:52 |
feld |
Document redis vulnerability
PR: 211709
Security: CVE-2013-7458 |
1.1_3 10 Oct 2016 16:20:06 |
feld |
Fix typo in vuxml topic |
1.1_3 10 Oct 2016 12:43:45 |
feld |
Document FreeBSD-SA-16:31.libarchive |
1.1_3 10 Oct 2016 12:42:13 |
feld |
Document FreeBSD-SA-16:30.portsnap |
1.1_3 10 Oct 2016 12:41:35 |
feld |
Document FreeBSD SA-16:29.bspatch |
1.1_3 10 Oct 2016 12:40:50 |
feld |
Add FreeBSD SA info to recent BIND vulnerability |
1.1_3 10 Oct 2016 12:39:09 |
feld |
Add FreeBSD SA info to recent OpenSSL vulnerability |
1.1_3 09 Oct 2016 07:49:26 |
riggs |
Document code execution vulnerability in mkvtoolnix < 9.4.1 |
1.1_3 08 Oct 2016 13:43:13 |
kwm |
Update the libXfixes version. The old version was still affected by the
vulnerabilities. |
1.1_3 07 Oct 2016 18:00:32 |
kwm |
Document X.org client libraries insufficient validation of data from
the X server vulnerabilities.
Security: CVE-2016-5407 |
1.1_3 30 Sep 2016 09:40:28 |
tijl |
Add linux-c6-openssl to recent OpenSSL vulnerabilities.
PR: 213082
Security: https://rhn.redhat.com/errata/RHSA-2016-1940.html |
1.1_3 28 Sep 2016 12:55:20 |
mat |
Add bind9-devel to the latest BIND9 vuln.
Sponsored by: Absolight |
1.1_3 28 Sep 2016 08:00:08 |
delphij |
Document BIND remote DoS vulnerability. |
1.1_3 28 Sep 2016 02:20:17 |
wen |
- Document the security vulnerability in py-django, py-django18 and py-django19.
PR: 213033
Submitted by: vlad-fbsd@acheronmedia.com
Security: CVE-2016-7401 |
1.1_3 27 Sep 2016 21:00:06 |
brnrd |
security/vuxml: Update recent OpenSSL vuln (add LibreSSL)
- Add libressl and libressl-devel |
1.1_3 26 Sep 2016 13:45:12 |
brnrd |
security/vuxml: Add 2016-09-26 OpenSSL entries |
1.1_3 23 Sep 2016 13:37:02 |
feld |
Document affected FreeBSD versions for recent OpenSSL vulnerabilities |
1.1_3 22 Sep 2016 14:31:34 |
feld |
Remove extra / invalid CVE entry for OpenSSL |
1.1_3 22 Sep 2016 12:51:09 |
feld |
Update range of vulnerable irssi versions |
1.1_3 22 Sep 2016 12:17:04 |
brnrd |
security/vuxml: Add new OpenSSL 1.0.2 and 1.1.0 vulnerabilities
- 2016-09-22 security advisory |
1.1_3 21 Sep 2016 21:03:46 |
feld |
Document that chinese/irssi is vulnerable as well |
1.1_3 21 Sep 2016 20:59:52 |
feld |
Document irssi vulnerabilities
PR: 212888
Security: CVE-2016-7044
Security: CVE-2016-7045 |
1.1_3 20 Sep 2016 17:01:30 |
jbeich |
Document recent Firefox vulnerabilities |
1.1_3 18 Sep 2016 14:17:58 |
brnrd |
security/vuxml: Fix curl version ranges |
1.1_3 16 Sep 2016 20:16:04 |
rene |
Document new vulnerabilities in www/chromium < 53.0.2785.113
Obtained from: https://googlechromereleases.blogspot.nl/2016/09/stable-channel-update-for-desktop_13.html |
1.1_3 16 Sep 2016 16:17:48 |
riggs |
Document CVE 2016-6662: zero-day remote vulnerability in mysql ports
PR: 212612
Submitted by: mokhi64@gmail.com (mysql57-* maintainer)
Reported by: rootservice@gmail.com
Security: CVE 2016-6662 |
1.1_3 15 Sep 2016 07:46:55 |
matthew |
Document security problems in dropbear
PR: 212699
Submitted by: pkubaj@anongoth.pl |
1.1_3 14 Sep 2016 09:31:35 |
brnrd |
security/vuxml: Document www/h2o vulnerability
PR: 211892
Submitted by: Dave Cottlehuber <dch@skunkwerks.at> (maintainer)
Reviewed by: brnrd
MFH: 2016Q3
Security: 08664d42-7989-11e6-b7a8-74d02b9a84d5 |
1.1_3 14 Sep 2016 07:28:07 |
brnrd |
ftp/curl: Document integer overflow vuln |
1.1_3 13 Sep 2016 19:10:33 |
rene |
Add vulnerabilities for www/chromium < 53.0.2785.92
Obtained from: https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop_31.html |
1.1_3 13 Sep 2016 17:59:22 |
rene |
Belatedly add vulnerabilities for www/chromium < 52.0.2743.116
Obtained from: https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop.html |
1.1_3 13 Sep 2016 08:05:42 |
delphij |
Document MySQL root code execution vulnerability. |
1.1_3 12 Sep 2016 20:22:00 |
gjb |
Fix build.
Sponsored by: The FreeBSD Foundation |
1.1_3 12 Sep 2016 20:05:47 |
johans |
Document WolfSSL vulnerabilities (< 3.6.8)
PR: 205936
Submitted by: Christoph Moench-Tegeder |
1.1_3 09 Sep 2016 13:31:30 |
tijl |
Add entry for GNUTLS-SA-2016-3. |
1.1_3 09 Sep 2016 11:02:05 |
cmt |
document mozilla vulnerabilities (<48, <45.3esr)
PR: 212463
Approved by: jbeich (maintainer), rene (mentor) |
1.1_3 08 Sep 2016 20:52:39 |
madpilot |
Document asterisk vulnerabilities. |
1.1_3 06 Sep 2016 17:08:31 |
tijl |
- Add linux-*-tiff information to existing tiff vulnerabilities.
- Like r419692, cancel a gif2tiff vulnerability that upstream marked
WONTFIX: http://bugzilla.maptools.org/show_bug.cgi?id=2536
PR: 211552 |
1.1_3 06 Sep 2016 14:22:55 |
feld |
Document vulnerability in irc/inspircd
No CVEs have been assigned at this time. |
1.1_3 06 Sep 2016 08:37:04 |
mandree |
Add CVE-2016-7123 for resolved mailman CSRF.
PR: 212378
Reported by: Sevan Janiyan
Security: CVE-2016-7123
Security: 9e50dcc3-740b-11e6-94a2-080027ef73ec |
1.1_3 05 Sep 2016 21:40:38 |
tijl |
Fix the version range for a linux-c6-nss vulnerability.
PR: 208385 |
1.1_3 01 Sep 2016 20:27:24 |
gjb |
Fix build.
Sponsored by: The FreeBSD Foundation |
1.1_3 01 Sep 2016 20:21:00 |
bdrewery |
Document OpenSSH CVE-2015-8325 and CVE-2016-6210 fixed in OpenSSH 7.3p1.
PR: 212275
Reported by: <Sevan Janiyan> venture37@geeklan.co.uk
Security: CVE-2015-8325
Security: CVE-2016-6210 |
1.1_3 29 Aug 2016 19:00:37 |
mandree |
Document mailman < 2.1.23 CVE-2016-6893, insufficient CSRF protection. |
1.1_3 28 Aug 2016 17:53:49 |
kwm |
Document libxml2 vulnerabilities. |
1.1_3 27 Aug 2016 19:20:16 |
tcberner |
Document kdelibs KArchive directory traversal vulnerability.
Approved by: rakuco (mentor)
Security: CVE-2016-6232 |
1.1_3 22 Aug 2016 17:20:59 |
kwm |
Document eog out of bounds write.
Security: CVE-2016-6855 |
1.1_3 22 Aug 2016 12:20:59 |
mat |
Some more cleanup to Perl vulnerabilities.
Sponsored by: Absolight |
1.1_3 21 Aug 2016 19:12:35 |
kwm |
Document fontconfig insufficient cache file validation
Security: CVE-2016-5384 |
1.1_3 19 Aug 2016 15:05:35 |
feld |
Fix ruby version range which was missing the important portepoch
Add postgres and mysql to the EoL port list
PR: 211975 |
1.1_3 19 Aug 2016 14:02:11 |
feld |
Fix PKGNAME matching for old ruby in vuxml
PR: 211975 |
1.1_3 19 Aug 2016 13:01:25 |
mat |
Fixup Perl package names in the EoL vuln.
Sponsored by: Absolight |
1.1_3 18 Aug 2016 22:27:48 |
jgh |
unbreak build (validation and tests pass)
Reported by: feld
With hat: ports-secteam |
1.1_3 18 Aug 2016 21:44:35 |
feld |
Add a number of old expired and End of Life ports to vuxml
PR: 211975 |
1.1_3 18 Aug 2016 19:22:47 |
jkim |
Fix CVE name for security/gnupg and security/libgcrypt. There was a typo in
the official release announcement. |
1.1_3 18 Aug 2016 00:41:25 |
kuriyama |
Register recent gnupg1/libgcrypt vuln. |
1.1_3 17 Aug 2016 11:02:43 |
matthew |
Document 26 new security advisories from phpMyAdmin. Some of these are
described as 'critical'. |
1.1_3 15 Aug 2016 09:26:54 |
mat |
Note where the XSLoader thing is being fixed in Perl 5.18 and 5.20.
Sponsored by: Absolight |
1.1_3 15 Aug 2016 04:18:36 |
koobs |
security/vuxml: Fix/Improve a few entry titles (<topic)
- TeamSpeak 3 Server: Use standard "Product -- Description" title format
- TeamSpeak 3 Server: Include RCE in title so people don't miss it. Importante.
- puppet-agent MCollective: Remove duplicate name in title, use software name
- FreeBSD ntp entry: Fix grammo |
1.1_3 14 Aug 2016 22:19:31 |
pi |
audio/teamspeak3-server: Document remote code execution
PR: 211846
Security: http://seclists.org/fulldisclosure/2016/Aug/61
Submitted by: Ultima1252@gmail.com |
1.1_3 14 Aug 2016 17:12:27 |
junovitch |
Fix PKGNAME for collectd5
PR: 211613 |
1.1_3 14 Aug 2016 08:33:15 |
romain |
Add entry for CVE-2015-7331
mcollective-puppet-agent -- Remote Code Execution in mcollective-puppet-agent
plugin |
1.1_3 13 Aug 2016 21:44:31 |
mat |
Fix the perl5* section for the two recent vuln.
For some reason, perl5-devel was having a wrongly special treatment, and
it was failing to take into account the fact that we've had 5.21 and
5.23 in the tree.
Also, correct the version at which the XSLoader thing was solved in 5.25.
Sponsored by: Absolight |