| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.1_2
03 Aug 2014 21:44:44
   |
rakuco  |
Document CVE-2014-4607 in net/krfb.
MFH: 2014Q3 |
1.1_2
02 Aug 2014 15:17:54
|
zi |
- Document net/samba4* vulnerability: CVE-2014-3560 |
1.1_2
02 Aug 2014 02:34:44
|
jhale |
- Document vulnerability in security/gpgme (CVE-2014-3564) |
1.1_2
31 Jul 2014 15:23:47
|
rakuco |
Document x11/kdelibs4 vulnerability |
1.1_2
30 Jul 2014 20:54:22
|
cs |
tor -- traffic confirmation attack |
1.1_2
28 Jul 2014 18:38:13
|
cs |
Report serious i2p vulnerability |
1.1_2
25 Jul 2014 14:12:55
|
ohauer |
- document bugzilla Cross Site Request Forgery (CVE-2014-1546)
MFH: 2014Q3 |
1.1_2
24 Jul 2014 20:12:51
|
ohauer |
- document apache22 CVE entries
MFH: 2014Q3 |
1.1_2
23 Jul 2014 16:51:38
|
zi |
- Document vulnerabilities in www/tomcat*: CVE-2014-0096, CVE-2014-0099,
CVE-2014-0075 |
1.1_2
23 Jul 2014 07:50:19
|
delphij |
Document Mozilla multiple vulnerabilities. |
1.1_2
21 Jul 2014 21:36:54
|
rakuco |
Fix the recent Qt vulnerability entry again.
The CVE patch applies to -imageformats in Qt4 but -gui in Qt5. I always get
confused by the different port names...
Noted by antoine@.
MFH: 2014Q3
Security: 904d78b8-0f7e-11e4-8b71-5453ed2e2b49 |
1.1_2
21 Jul 2014 21:20:14
|
swills |
security/vuxml: document security issue in mcollective |
1.1_2
20 Jul 2014 21:47:42
|
matthew |
Update the latest phpMyAdmin entry with CVE numbers and descriptive
text from the security advisories, now that they have been published.
Security: 3f09ca29-0e48-11e4-b17a-6805ca0b3d42 |
1.1_2
20 Jul 2014 17:06:36
|
rakuco |
Fix the list of packages affected by 904d78b8-0f7e-11e4-8b71-5453ed2e2b49.
Submitted by: RyoTa SimaMoto <liangtai.s16@gmail.com>
MFH: 2014Q3 |
1.1_2
19 Jul 2014 20:24:30
|
rakuco |
Document qt4-gui/qt5-gui vulnerability.
MFH: 2014Q3 |
1.1_2
19 Jul 2014 13:46:20
|
ohauer |
- document apache24 CVE entries
until now there is no official CHANGELOG and apache-2.4.10
is not released, so take summary from upstream SVN. |
1.1_2
18 Jul 2014 07:02:34
|
matthew |
Yet another tranche of phpMyAdmin security alerts. In typical style
there has been a software release with warnings that it contains
security fixes, but the Security Advisories are not yet available and
CVE numbers have not yet been published. |
1.1_2
17 Jul 2014 08:29:54
|
rene |
Document new vulnerabilities in www/chromium < 36.0.1985.125
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> via freebsd-chromium
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q3 |
1.1_2
16 Jul 2014 20:12:28
|
rakuco |
Document x11/kdelibs4 vulnerability.
MFH: 2014Q3 |
1.1_2
13 Jul 2014 13:29:22
|
rakuco |
Add entry for mail/postfixadmin.
PR: 189248
MFH: 2014Q3 |
1.1_2
04 Jul 2014 06:38:24
|
swills |
- Add seamonkey to list of things affected by mozilla issue |
1.1_2
03 Jul 2014 14:57:40
|
kwm |
Document more dbus vulnabilities. |
1.1_2
28 Jun 2014 12:09:09
|
riggs |
Add vuln entries for mplayer and mencoder for CVE-2014-4610
(integer overflow in ffmpeg's lzo code)
Approved by: mentors (implicit)
MFH: 2014Q2 |
1.1_2
26 Jun 2014 18:08:03
|
mandree |
Add a vulnerability entry for lzo2. |
1.1_2
24 Jun 2014 14:49:44
|
kuriyama |
Add also gnupg-2.0.24. |
1.1_2
24 Jun 2014 06:48:54
|
matthew |
Update vuln.xml now that advisories have been published. |
1.1_2
24 Jun 2014 00:07:48
|
kuriyama |
Add about gnupg-1.4.17. |
1.1_2
23 Jun 2014 18:29:56
|
zi |
- Document recent samba vulnerabilities (CVE-2014-3493, CVE-2014-0244) |
1.1_2
20 Jun 2014 23:24:19
|
matthew |
Document the latest phpMyAdmin vulnerabilities. Very little
information has been published as yet. What there is here has been
gleaned from the ChangeLog at
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view
Updates and CVE numbers to follow, as they are made available. |
1.1_2
18 Jun 2014 22:02:27
|
lx |
Add vuln entry for iodine.
Submitted by: Kenta S. |
1.1_2
17 Jun 2014 08:12:08
|
flo |
Document asterisk vulnerabilities |
1.1_2
14 Jun 2014 12:16:57
|
kwm |
Document dbus local dos
MFH: 2014Q2 |
1.1_2
11 Jun 2014 08:06:47
|
rene |
Document new vulnerabilities in www/chromium < 35.0.1916.153
Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es>
Obtained from: http://www.googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_2
10 Jun 2014 20:12:13
|
beat |
Document mozilla vulnerabilities |
1.1_2
05 Jun 2014 12:34:21
|
delphij |
Document OpenSSL multiple vulnerabilities. |
1.1_2
04 Jun 2014 20:15:03
|
mandree |
Fix extraneous <vuxml> open tag on line 88. |
1.1_2
04 Jun 2014 19:07:17
|
wxs |
Fix build. |
1.1_2
04 Jun 2014 18:50:52
|
cy |
Document gnutls CVE-2014-3466 to prevent memory corruption due to server
hello parsing.
Security: CVE-2014-3466 |
1.1_2
03 Jun 2014 19:42:40
|
zi |
- Document vulnerability in security/gnutls3 (CVE-2014-3466) |
1.1_2
29 May 2014 15:27:37
|
feld |
Fixing range of affected versions of mumble 1.2.4 to cover all portrevisions |
1.1_2
29 May 2014 15:24:55
|
miwi |
- Fix formating |
1.1_2
29 May 2014 15:13:25
|
feld |
audio/mumble vulnerabilities
My first foray into this dark, scary vuxml dungeon. |
1.1_2
29 May 2014 09:22:29
|
rea |
VuXML: cancel Exim's CVE-2014-2957
Current port isn't built with DMARC support and has no knobs to enable it. |
1.1_2
28 May 2014 18:36:46
|
zi |
- Document exim vulnerability (CVE-2014-2957) |
1.1_2
26 May 2014 21:01:24
|
eadler |
Undo my poor merge conflict editing.
Reported by: rene, mat |
1.1_2
26 May 2014 20:36:27
|
eadler |
Report the latest flash security issue |
1.1_2
24 May 2014 14:28:28
|
kwm |
Document a bunch of openjpeg vulnabilities.
MFH: 2014Q2 |
1.1_2
20 May 2014 20:36:40
|
rene |
Document new vulnerabilities in www/chromium < 35.0.1916.114
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_2
17 May 2014 17:58:39
|
zi |
- Add STAGE support
- Add LICENSE
- Cleanup plist-related clever
- Pacify portlint(1)
- Bump PORTREVISION
With hat: ports-secteam |
1.1_1
14 May 2014 10:38:06
|
rene |
Describe new vulnerabilities in www/chromium < 34.0.1847.137
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_1
13 May 2014 16:31:18
|
kwm |
Record libXfont X Font Service Protocol and Font metadata file handling issues
MFH: 2014Q2 |
1.1_1
13 May 2014 02:07:07
|
knu |
Document CVE-2013-2877 which affects textproc/libxml2. |
1.1_1
13 May 2014 01:59:37
|
knu |
Summary: Oops, the current version is affected, hence <le/> instead of <lt/>. |
1.1_1
13 May 2014 01:55:46
|
knu |
Summary: Fix a typo copied from the original report. |
1.1_1
13 May 2014 01:49:52
|
knu |
Document CVE-2014-0191 which affects textproc/libxml2. |
1.1_1
06 May 2014 07:53:32
|
dinoex |
Document OpenSSL vulnerability
Security: CVE-2014-0198 |
1.1_1
05 May 2014 21:09:44
|
rakuco |
Document qt4-xml vulnerability (CVE-2013-4549). |
1.1_1
04 May 2014 12:43:28
|
zi |
- Document strongSwan vulnerability (CVE-2014-2338)
- Add additional reminder to document port variants |
1.1_1
30 Apr 2014 17:51:30
|
ohauer |
- fix some entries so they are really detected
by old and new pkg audit tools
Approved by: portmgr (bdrewery) |
1.1_1
30 Apr 2014 07:54:12
|
culot |
- Document vulnerabilities in www/mohawk
PR: ports/189082
Submitted by: mohawk <mohawk@bsdsx.fr> |
1.1_1
30 Apr 2014 06:42:34
|
rene |
Document new vulnerabilities in www/chromium < 34.0.1847.132
Obtained from: http://googlechromereleases.blogspot.nl/ |
1.1_1
29 Apr 2014 17:00:46
|
beat |
Document mozilla vulnerabilities |
1.1_1
24 Apr 2014 15:54:50
|
lwhsu |
Add back pakcage ranges for people have ancient packages
Notified by: mat |
1.1_1
23 Apr 2014 13:36:36
|
lwhsu |
Fix Django package names
Submitted by: mat |
1.1_1
23 Apr 2014 13:10:30
|
lwhsu |
Document Django 2014-04-21 vulnerabilty |
1.1_1
23 Apr 2014 01:55:54
|
bdrewery |
- This is not really a quote, I summarized it myself. |
1.1_1
23 Apr 2014 01:54:44
|
bdrewery |
- Document OpenSSL CVE-2010-5298 |
1.1_1
18 Apr 2014 14:56:43
|
ohauer |
- fix entries so issues for bugzilla40/42 are detected
first version found only bugzilla44 issues (tested with pkg audit) |
1.1_1
18 Apr 2014 14:20:15
|
ohauer |
- document bugzilla issues
CVE-2014-1517 is fixed in bugzilla-4.4.3
therefore use two vuxml entries. |
1.1_1
15 Apr 2014 20:21:44
|
swills |
- Add multiple missing entries
PR: ports/188512
Submitted by: Pawel Biernacki <pawel.biernacki@gmail.com> |
1.1_1
13 Apr 2014 12:45:24
|
rene |
Fix typo.
Submitted by: matthew@ |
1.1_1
13 Apr 2014 12:17:20
|
rene |
Mention a vulnerability in japanese/chasen* which exists since 2011-11-08
Obtained from: http://jvn.jp/en/jp/JVN16901583/index.html |
1.1_1
11 Apr 2014 21:41:43
|
zi |
- Correct version ranges for
7ccd4def-c1be-11e3-9d09-000c2980a9f3/5631ae98-be9e-11e3-b5e3-c80aa9043978
Reported by: Tim Zingelman <tez@netbsd.org> |
1.1_1
11 Apr 2014 21:33:41
|
zi |
- Move CVE-2014-0076 to its own entry+add FreeBSD system information as the
affected list does not 100% line up with the vulnerability described in
CVE-2014-0160/5631ae98-be9e-11e3-b5e3-c80aa9043978 |
1.1_1
11 Apr 2014 21:11:17
|
zi |
- Note FreeBSD system vulnerability information for
5631ae98-be9e-11e3-b5e3-c80aa9043978 |
1.1_1
10 Apr 2014 23:58:48
|
bdrewery |
- Mark linux-f10-openssl vulnerabilities
Reported by: frogs on freenode |
1.1_1
09 Apr 2014 14:37:43
|
zi |
- Document recent vulnerability in net/openafs (CVE-2014-0159) |
1.1_1
08 Apr 2014 19:14:35
|
rene |
Document new vulnerabilities in www/chromium < 34.0.1847.116
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q2 |
1.1_1
08 Apr 2014 13:40:19
|
knu |
Add mingw32-openssl. |
1.1_1
08 Apr 2014 02:26:46
|
bdrewery |
Add more information for OpenSSL bug |
1.1_1
08 Apr 2014 00:50:34
|
bdrewery |
- Sort references
- Add link to heartbleed.com that has a lot of useful information |
1.1_1
07 Apr 2014 22:05:07
|
bdrewery |
- Document Openssl vulnerabilities
Security: CVE-2014-0160
Security: CVE-2014-0076
Security: https://www.openssl.org/news/secadv_20140407.txt
MFH: 2014Q2 |
1.1_1
03 Apr 2014 12:23:44
|
cs |
New OTRS vulnerability
Security: CVE-2014-2554 |
1.1_1
03 Apr 2014 11:07:25
|
knu |
Add CVE-2014-2525 which affects libyaml. |
1.1_1
01 Apr 2014 08:46:41
|
ale |
Fix all mod_php entries.
Please don't use the range <range><ge>0</ge></range>. |
1.1_1
29 Mar 2014 12:00:53
|
lme |
Add an entry for CVE-2014-2386 |
1.1_1
29 Mar 2014 08:30:51
|
bf |
Add an entry for CVE-2014-2270, and correct the indentation
in the entry for CVE-2014-1943 |
1.1_1
28 Mar 2014 12:11:17
|
ale |
Fix mod_php5 entry. |
1.1_1
27 Mar 2014 19:50:33
|
mandree |
Sort reference entries in 36f9ac43-b2ac-11e3-8752-080027ef73ec
mail/trojita information leak.
This should really be in the DTD or at least "make validate" if it's
official requirement...
Submitted by: remko |
1.1_1
23 Mar 2014 23:20:44
|
nivit |
- Document multiple vulnerabilities for Joomla! 2 and Joomla! 3 |
1.1_1
23 Mar 2014 17:10:43
|
mandree |
Add an entry for trojita mail leak across unencrypted connections
(CVE-2014-2567). Port update in PR#187370, pending commit.
MFH: yes |
1.1_1
23 Mar 2014 13:40:57
|
osa |
Split nginx and nginx-devel entries, update date. |
1.1_1
23 Mar 2014 02:48:58
|
osa |
Add CVE-2014-0133 entries for www/nginx and www/nginx-devel. |
1.1_1
22 Mar 2014 21:22:02
|
ohauer |
- document apache22 /apache24
CVE-2014-0098, CVE-2013-6438
Please Note:
apache-2.2.27 is not released until now,
but this is exoected during the next days. |
1.1_1
20 Mar 2014 10:24:11
|
beat |
Attempt to fix latest mozilla entry for firefox-esr
Reported by: plukky on #bsdports |
1.1_1
19 Mar 2014 17:54:48
|
beat |
Document mozilla vulnerabilities |
1.1_1
15 Mar 2014 09:26:10
|
rene |
Document new vulnerabilities in www/chromium < 33.0.1750.152
Obtained from: http://googlechromereleases.blogspot.nl/
MFH: 2014Q1 |
1.1_1
14 Mar 2014 15:13:13
|
simon |
Update (c) year to be 2014.
PS. all rumors that this commit is to shup up the grim reaper are wildly
exagurated. |
1.1_1
14 Mar 2014 11:34:53
|
zi |
- Fix ordering |
1.1_1
14 Mar 2014 11:19:19
|
zi |
- Document recent vulnerability in mail/mutt (CVE-2014-0467) |
As an Amazon Associate I earn from qualifying purchases.
