| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_2
28 Apr 2015 20:28:49
   |
rene  |
Document new vulnerabities in www/chromium < 42.0.2311.135
Obtained
from: http://googlechromereleases.blogspot.nl/2015/04/stable-channel-update_28.html |
1.1_2
27 Apr 2015 10:53:41
|
rene |
Document new vulnerabilities in www/chromium < 42.0.2311.90
Obtained
from: http://googlechromereleases.blogspot.nl/2015/04/stable-channel-update_14.html |
1.1_2
26 Apr 2015 16:32:34
|
marino |
security/vuxml: Add entry for security/wpa_supplicant
Security: CVE-2015-1863
PR: 199678 |
1.1_2
26 Apr 2015 06:34:50
|
delphij |
Document PHP multiple vulnerabilities.
Submitted by: Bernard Spil <spil.oss gmail com> |
1.1_2
24 Apr 2015 16:52:03
|
kwm |
There are actualy two chinese wordpress ports, which have both different
suffixes. List them both. |
1.1_2
24 Apr 2015 15:42:31
|
kwm |
Add wordpress vulnabilities. |
1.1_2
22 Apr 2015 07:40:02
|
novel |
Add an entry for security/libtasn1 vulnerability.
Security: CVE-2015-2806 |
1.1_2
21 Apr 2015 02:41:56
|
jbeich |
Document new Firefox vulnerability. CVE-2015-2706 |
1.1_2
18 Apr 2015 10:17:25
|
jbeich |
Document sqlite3 multiple vulnerabilites
PR: 199483 |
1.1_2
18 Apr 2015 09:27:51
|
jbeich |
Document chrony multiple vulnerabilites.
PR: 199508 |
1.1_2
17 Apr 2015 22:11:15
|
jbeich |
Document new Dulwich vulnerability. CVE-2015-0838
PR: 199162
Submitted by: Marco Broder (maintainer) |
1.1_2
17 Apr 2015 10:09:42
|
xmj |
Register Flash vulnerabilities.
Affected: www/linux-*-flashplugin11. |
1.1_2
17 Apr 2015 08:04:25
|
jbeich |
Document Wesnoth vulnerability. CVE-2015-0844
PR: 199414 |
1.1_2
14 Apr 2015 08:33:05
|
rakuco |
Add entry for CVE-2015-1858, CVE-2015-1859 and CVE-2015-1860.
Multiple vulnerabilities in Qt image format handling (the 3 CVEs are part of
the same security advisory). |
1.1_2
14 Apr 2015 00:50:37
|
swills |
Document issues in ruby |
1.1_2
09 Apr 2015 19:35:01
|
mandree |
Add mailman < 2.1.20 vulnerability.
Port update to arrive shortly. |
1.1_2
08 Apr 2015 21:46:52
|
madpilot |
Document new asterisk ports vulnerability. |
1.1_2
07 Apr 2015 23:48:04
|
delphij |
Document NTP multiple vulnerabilities. |
1.1_2
03 Apr 2015 23:42:56
|
jbeich |
Document mozilla vulnerabilities in Firefox 37.0 |
1.1_2
03 Apr 2015 16:34:46
|
riggs |
Document multiple vulnerabilities in multimedia/libav prior to version 11.3
PR: 198873
Submitted by: venture37@geeklan.co.uk
MFH: 2015Q2 |
1.1_2
01 Apr 2015 20:03:30
|
delphij |
Document multiple vulnerabilities of PHP.
Submitted by: Bernard Spil <bernard bachfreund nl> |
1.1_2
31 Mar 2015 20:16:05
|
ohauer |
- document subversion issues
http://subversion.apache.org/security/
Security: CVE-2015-0202
Security: CVE-2015-0248
Security: CVE-2015-0251 |
1.1_2
31 Mar 2015 18:40:30
|
jbeich |
Document mozilla vulnerabilities |
1.1_2
31 Mar 2015 16:10:21
|
amdmi3 |
Add vulnerability for devel/osc.
Security: CVE-2015-0778
PR: 198876
Submitted by: venture37@geeklan.co.uk |
1.1_2
31 Mar 2015 14:51:31
|
naddy |
Document GNU cpio vulnerabilities CVE-2014-9112 and CVE-2015-1197. |
1.1_2
28 Mar 2015 16:50:00
|
makc |
Document libzip vulnerability CVE-2015-2331 |
1.1_2
27 Mar 2015 05:33:35
|
lwhsu |
Document django vulnerability CVE-2015-2316 and CVE-2015-2317 |
1.1_2
25 Mar 2015 13:13:58
|
dvl |
Revert my previous commit. |
1.1_2
25 Mar 2015 13:03:33
|
dvl |
Convert non-ASCII quotes to ASCII characters
Approved by: mat (mentor) |
1.1_2
24 Mar 2015 23:20:00
|
jgh |
- fixing package name
$ make -C /usr/ports/devel/mingw64-binutils/ -V PKGNAME
x86_64-pc-mingw32-binutils-2.23.2_1 |
1.1_2
24 Mar 2015 22:15:49
|
zi |
- Fix vuxml build: bad package names in f6a014cd-d268-11e4-8339-001e679db764
- Fix blockquote style to match rest |
1.1_2
24 Mar 2015 21:32:04
|
brooks |
The ancient version of binutils in the cross-binutils port suffers for
several vulnerabilities.
This also effects devel/mingw64-binutils.
PR: 198816
Reported by: Sevan Janiyan <venture37@geeklan.co.uk> |
1.1_2
24 Mar 2015 16:11:41
|
vanilla |
Document nodejs (libuv) CVE-2015-0278.
PR: 198861
Submitted by: venture37@geeklan.co.uk |
1.1_2
24 Mar 2015 12:17:14
|
xmj |
Document vulnerable linux-c6-openssl versions in vuxml entry from 2015-03-19
Approved by: swills (mentor) |
1.1_2
24 Mar 2015 06:22:28
|
lwhsu |
Document Jenkins Security Advisory 2015-03-23 |
1.1_2
22 Mar 2015 04:45:56
|
jbeich |
Document mozilla issues disclosed at HP Zero Day Initiative's Pwn2Own |
1.1_2
19 Mar 2015 22:54:14
|
delphij |
Mention LibreSSL too. Use <ul>'s per suggestion from vsevolod [1].
PR: 198718 [1] |
1.1_2
19 Mar 2015 21:21:04
|
delphij |
Document OpenSSL multiple vulnerabilities. |
1.1_2
18 Mar 2015 09:07:06
|
kwm |
Record new libXfont security issues. |
1.1_2
16 Mar 2015 17:01:02
|
xmj |
Add latest security vulnerabilities in linux-*-flashplugin11:
CVE-2015-0332
CVE-2015-0333
CVE-2015-0334
CVE-2015-0335
CVE-2015-0336
CVE-2015-0337
CVE-2015-0338
CVE-2015-0339
CVE-2015-0340
CVE-2015-0341
CVE-2015-0342
Differential Revision: https://reviews.freebsd.org/D2061
Approved by: swills (mentor) |
1.1_2
13 Mar 2015 04:08:21
|
brd |
Add vulnerability for mail/sympa.
Approved by: bapt
Security: CVE-2015-1306 |
1.1_2
08 Mar 2015 11:55:51
|
matthew |
Document latest security vulnerabilities in rt42 and rt40:
CVE-2014-9472
CVE-2015-1165
CVE-2015-1464 |
1.1_2
08 Mar 2015 11:41:19
|
matthew |
Document the latest phpMyAdmin vulnerability: CVE-2015-2206 |
1.1_2
07 Mar 2015 17:17:32
|
romain |
Document mono TLS bugs.
Reported by: delphij |
1.1_2
05 Mar 2015 22:10:27
|
mandree |
Document recently fixed PuTTY < 0.64 vuln. CVE-2015-2157. |
1.1_2
04 Mar 2015 23:18:36
|
rene |
Document new vulnerabilities in www/chromium < 41.0.2272.76
Submitted by: Carlos Jacobo Puga Medina
Obtained from: http://googlechromereleases.blogspot.nl/ |
1.1_2
04 Mar 2015 23:05:03
|
rakuco |
Add entry for CVE-2015-0295 in qt4-gui and qt5-gui. |
1.1_2
01 Mar 2015 03:42:31
|
swills |
Add entry for security issue in jenkins
Reviewed by: zi |
1.1_2
27 Feb 2015 08:28:03
|
jbeich |
Fix typo: s/MSFA/MFSA/. The source to follow later.
https://bugzilla.mozilla.org/show_bug.cgi?id=1137604 |
1.1_2
27 Feb 2015 07:14:24
|
jbeich |
Document mozilla vulnerabilities |
1.1_2
26 Feb 2015 19:58:59
|
brd |
Document vulnerablities in php for CVE-2015-0235 and CVE-2015-0273.
Approved by: zi (mentor) |
1.1_2
26 Feb 2015 01:12:45
|
cy |
Document bugs fixed in krb5 1.11.6.
* Handle certain invalid RFC 1964 GSS tokens correctly to avoid
invalid memory reference vulnerabilities. [CVE-2014-4341
CVE-2014-4342]
* Fix memory management vulnerabilities in GSSAPI SPNEGO.
[CVE-2014-4343 CVE-2014-4344]
* Fix buffer overflow vulnerability in LDAP KDB back end.
[CVE-2014-4345]
* Fix multiple vulnerabilities in the LDAP KDC back end.
[CVE-2014-5354 CVE-2014-5353]
* Fix multiple kadmind vulnerabilities, some of which are based in the
gssrpc library. [CVE-2014-5352 CVE-2014-9421 CVE-2014-9422
CVE-2014-9423]
Security: CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344
CVE-2014-4345, CVE-2014-5354, CVE-2014-5353, CVE-2014-5352
CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 |
1.1_2
24 Feb 2015 00:54:48
|
delphij |
Document Samba remote code execution vulnerability. |
1.1_2
24 Feb 2015 00:20:17
|
mandree |
Record two e2fsprogs vulnerabilities.CVE-2015-0247
<URL:http://vuxml.freebsd.org/0f488b7b-bbb9-11e4-903c-080027ef73ec.html>
Topic: e2fsprogs -- potential buffer overflow in closefs()
Affects:
e2fsprogs < 1.42.12_2
References:
url:http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=maint&id=49d0fe2a14f2a23da2fe299643379b8c1d37df73
cvename:CVE-2015-1572
<URL:http://vuxml.freebsd.org/2a4bcd7d-bbb8-11e4-903c-080027ef73ec.html>
Security: CVE-2015-0247
Security: CVE-2015-1572
Security: 0f488b7b-bbb9-11e4-903c-080027ef73ec
Security: 2a4bcd7d-bbb8-11e4-903c-080027ef73ec.html |
1.1_2
23 Feb 2015 22:13:03
|
delphij |
Document BIND DoS issue with trust anchor management. |
1.1_2
21 Feb 2015 16:12:37
|
cy |
Kerberos Version 5, Release 1.12.3 is released affecting
security/krb5-112. This fixes multiple vulnerabilities, some previously
committed by point patches and others newly fixed in this release.
* Fix multiple vulnerabilities in the LDAP KDC back end.
[CVE-2014-5354] [CVE-2014-5353]
* Fix multiple kadmind vulnerabilities, some of which are based in the
gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421
CVE-2014-9422 CVE-2014-9423]
Security: CVE-2014-5354, CVE-2014-5353
Security: CVE-2014-5352, CVE-2014-5352, CVE-2014-9421
Security: CVE-2014-9422, CVE-2014-9423 |
1.1_2
17 Feb 2015 22:03:33
|
delphij |
Document unzip heap based buffer overflow in iconv patch.
PR: ports/197772 |
1.1_2
17 Feb 2015 17:19:32
|
madpilot |
Add modified date to entries I touched recently.
Noticed by: kwm (thanks) |
1.1_2
17 Feb 2015 16:14:31
|
madpilot |
Add CVE number to asterisk advisory. |
1.1_2
13 Feb 2015 20:23:29
|
cy |
Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MIT
for krb5-111 and krb5-112.
Obtained from: Greg Hudson <ghudson@mit.edu>
Security: CVE-2014-5353, CVE-2014-5354 |
1.1_2
13 Feb 2015 01:59:09
|
zi |
- Additional fixes from the krb5 commit |
1.1_2
13 Feb 2015 01:55:34
|
zi |
- Correct errors in previous commit to resolve build |
1.1_2
13 Feb 2015 01:45:41
|
cy |
Document new krb5 vulnerabilities.
Security: CVE-2014-5353, CVE-2014-5354 |
1.1_2
12 Feb 2015 21:00:50
|
kwm |
The xorg-server entry in commit 378888, also mention portepoch for the other
version we want to check. |
1.1_2
12 Feb 2015 19:56:46
|
kwm |
Document xorg-server CVE-2015-0255.
Information leak in the XkbSetGeometry request of X servers |
1.1_2
09 Feb 2015 08:23:51
|
girgen |
In r378499, PostgreSQL package names where not version-suffixed. Fixed this.
Submitted by: kuriyama@ |
1.1_2
06 Feb 2015 23:27:42
|
rene |
Fix CVE name for www/chromium entry
Submitted by: bz via bot |
1.1_2
06 Feb 2015 22:48:15
|
delphij |
Document two recent OpenLDAP DoS issues. |
1.1_2
06 Feb 2015 22:21:15
|
rene |
Document new vulnerabilities in www/chromium < 40.0.2214.111
Submitted by: Carlos Jacobo Puga Medina
Obtained from: http://googlechromereleases.blogspot.nl/ |
1.1_2
05 Feb 2015 22:54:22
|
girgen |
Update PostgreSQL-9.x to latests versions.
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161 |
1.1_2
05 Feb 2015 08:57:05
|
tijl |
Remove 734bcd49-aae6-11e4-a0c1-c485083ca99c because Adobe Flash Player 11.x
isn't affected. See February 2 revision of
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html |
1.1_2
04 Feb 2015 20:38:31
|
cy |
Add the following KRB5 CVEs.
CVE-2014-5352: gss_process_context_token() incorrectly frees context
CVE-2014-9421: kadmind doubly frees partial deserialization results
CVE-2014-9422: kadmind incorrectly validates server principal name
CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 |
1.1_2
03 Feb 2015 22:35:06
|
delphij |
Document unzip out of boundary access issues in test_compr_eb.
PR: ports/197300 |
1.1_2
02 Feb 2015 19:09:36
|
xmj |
Add linux-f10-devtools (any version) and linux-c6-devtools (prior to 6.6_3) to
the CVE-2015-0235 entry from 2015-01-28.
Approved by: swills (mentor) |
1.1_2
02 Feb 2015 15:25:31
|
feld |
Add net-mgmt/xymon-server CVE-2015-1430 |
1.1_2
02 Feb 2015 14:53:57
|
xmj |
www/linux-*-flashplugin11: Add CVE-2015-0313
Spotted by: kwm
Approved by: swills (mentor) |
1.1_2
31 Jan 2015 16:09:37
|
olgeni |
Add CVE-2015-0862 for net/rabbitmq. |
1.1_2
31 Jan 2015 15:07:29
|
ohauer |
- document apache24 issues |
1.1_2
29 Jan 2015 11:20:52
|
madpilot |
Document asterisk security issues.
While here, add CVE number to a previous asterisk entry. |
1.1_2
28 Jan 2015 08:39:21
|
xmj |
Add CVE-2015-0235.
- Affects linux_base-*
Approved by: so@ (des) |
1.1_2
26 Jan 2015 21:20:44
|
tijl |
Document critical Adobe Flash Player vulnerability (CVE-2015-0311) |
1.1_2
26 Jan 2015 20:24:08
|
ohauer |
- document bugzilla security issues |
1.1_2
24 Jan 2015 17:58:08
|
lwhsu |
- Fix description of 9c7b6c20-a324-11e4-879c-00e0814cab4e |
1.1_2
23 Jan 2015 17:47:01
|
lwhsu |
Document Django 2014-01-13 vulnerabilty |
1.1_2
22 Jan 2015 17:43:48
|
mi |
Add a note about the just-fixed vulnerability of applications using net/libutp.
PR: 196351
Differential Revision: D1575
Submitted by: Jan Beich
Approved by: bapt |
1.1_2
22 Jan 2015 17:09:22
|
xmj |
Amend linux-c6-openssl version in OpenSSL entry from 2015-01-08.
Approved by: swills (mentor) |
1.1_2
22 Jan 2015 17:02:41
|
vsevolod |
Add CVE-2015-0206 description for LibreSSL port. |
1.1_2
22 Jan 2015 12:54:14
|
tijl |
Document Adobe Flash Player vulnerabilities |
1.1_2
21 Jan 2015 22:09:39
|
rene |
Document new vulnerabilities in www/chromium < 40.0.2214.91
Also affects FFmpeg, ICU, DOM but the links on the webpage all result in a 403.
Obtained from: http://googlechromereleases.blogspot.nl |
1.1_2
19 Jan 2015 20:52:53
|
jase |
security/vuxml:
- Document security/polarssl and security/polarssl13 crafted certificates
vulnerability (CVE-2015-1182) |
1.1_2
16 Jan 2015 08:18:14
|
ehaupt |
Document multiple archivers/unzip vulnerabilities (CVE-2014-8139,
CVE-2014-8140, CVE-2014-8141).
PR: 196777 (based on)
Submitted by: rsimmons0@gmail.com |
1.1_2
16 Jan 2015 04:05:18
|
timur |
Add description of CVE-2014-8143 in net/samba4 and net/samba41 |
1.1_2
14 Jan 2015 21:54:31
|
rakuco |
Add entry for CVE-2013-7252 in x11/kde4-runtime. |
1.1_2
14 Jan 2015 07:10:09
|
beat |
Document mozilla vulnerabilities |
1.1_2
11 Jan 2015 19:39:46
|
mm |
Add vuln.xml entry for libevent CVE-2014-6272
PR: ports/199640 |
1.1_2
09 Jan 2015 18:56:57
|
sunpoet |
- Fix more typo |
1.1_2
09 Jan 2015 18:51:33
|
sunpoet |
- Fix typo |
1.1_2
09 Jan 2015 18:41:23
|
sunpoet |
- Document cURL URL request injection vulnerability (CVE-2014-8150) |
1.1_2
09 Jan 2015 13:35:32
|
kwm |
Document webkit-gtk[23] vulnabilities. |
1.1_2
09 Jan 2015 00:00:00
|
delphij |
Document OpenSSL multiple vulnerabilities. |
As an Amazon Associate I earn from qualifying purchases.
