Fix the recent flash entry:

1. Only one <package> container is needed
2. Use of <lt> has to be relative to the latest (unvulnerable) version
3. Improve the range for the 11.x version to not tag all 10.x versions
4. Use https for the cite in blockquote
5. Fix a CVE entry

Feature safe:   yes

- Correct latest libxml(1) entrys
- Mark CVS-2009-2414 CVS-2009-2416 CVS-2011-1944 entrys as safe
- Fix whitespaces
- Bump modify date
- While here add missing blank lines between entries [1]

[1] This would not happened when committers use "make newentry" (sometimes RTFM
is really helpful)

Feature safe:   yes

Document latest phpMyAdmin vulnerability

PR:             ports/162442
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:       CVE-2011-4107
Security:       http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php
CC:             m.seaman@infracaninophile.co.uk
Feature safe:   yes

- update flash10 to 10.3r183.11
- add security issues to vuln.xml

Submitted by:   nox
Reviewed by:    dougb (vuxml)
Security:       CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452,
CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457,
CVE-2011-2458, CVE-2011-2459, CVE-2011-2458

Feature safe:   yesA

Add vulnerabilities for www/chromium < 15.0.874.120

Obtained from: 
http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Security:       CVE-2011-[3892-3898]
Feature safe:   yes

Add missing blank lines between entries.

Feature safe:   yes

Fix build.

Feature safe:   yes

Register multiple libxml{1,2} vulnerabilities

- Cleanup a bit

Document gnutls client session resumption vulnerability.

- Document mozilla -- multiple vulnerabilities

- add vuxml entry for insecure use of temporary directories in caml-light

Reviewed by:    dougb
Approved by:    bapt,sahil (mentors, implicit)

- add vuxml entry for insecure use of temporary directories in caml-light

Reviewed by:    dougb
Approved by:    bapt,sahil (mentors, implicit)

Fix the freetype entry. The package name is freetype2 and fill in the comment.

Fix vuln.xml

Document vulnerabilities in handling Type 1 fonts in freetype.

Properly match lower bound of version numbers.

Noticed by:     Patrick Oonk <patrick.oonk pine.nl>

- bid from latest PivotX entry [1]
- while remove a lot whitespaces

PR:             161734 [1]
Submitted by:   Fumiyuki Shimizu <fumifumi@abacustech.jp>

Document cacti security issues.

SQL injection issue with user login
Cross-site scripting issues.

PR:             ports/162044
Reported by:    moggie <moggie@elasticmind.net>

- Cleanup & whitespace fixe

document phpmyfaq remote PHP code injection vulnerability

Mention vulnerabilities in www/chromium < 15.0.874.102

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-[2845, 3875-3891]

- Document phpldapadmin - remote PHP code injection vulnerability

PR:             ports/161954
Submitted by:   Ruslan Mahmatkhanov <cvs-src@yandex.ru>

Document CVE-2011-3365 and CVE-2011-3366.

Different CVE numbers for different software, but they share the same
KDE security advisory.

Approved by:    makc (mentor)

Fix the port names of a few past KDE vulnerabilities.

The entries mentioned kdebase4-runtime, kdebase3, kdelibs4 etc, but
the port names are kdebase, kdelibs etc.

Adjust the names and the version ranges.

Approved by:    makc (mentor)

add an entry for the recent piwik vulnerability, with the little information
that's available.

The only known fact is that Piwik rates this update critical.

Fix discovery date.

Document a File disclosure vulnerability and File permission change
vulnerability
in xorg-server.

Obtained from: 
http://lists.freedesktop.org/archives/xorg-announce/2011-October/001744.html
                upstream xorg-server
Security:       CVE-2011-4028, CVE-2011-4029

- Fix entry dates for recently added OpenTTD vulns

Submitted by:   "Ilya A. Arkhipov" <micro@heavennet.ru>

Document asterisk -- remote crash vulnerability in SIP channel driver.

Commit result of manually merged make tidy output.

Document PivotX remote file inclusion vulnerability.

PR:             ports/161734
Submitted by:   Fumiyuki Shimizu <fumifumi abacustech jp>

- Fix quotation links

Reported by:    danfe

Document openttd multiple vulnerabilities

PR:             161488
Submitted by:   "Ilya A. Arkhipov" <micro@heavennet.ru>

ca_root_nss - fix capitalization of topics

Security: 1b27af46-d6f6-11e0-89a6-080027ef73ec
Security: aa5bc971-d635-11e0-b3cf-080027ef73ec

ca_root_nss - reword topic for clarity

Security: 1b27af46-d6f6-11e0-89a6-080027ef73ec

Be less grubby in specifying vulnerable gnutls-devel versions.

Latest pyblosxom version is not vulnerable

Document quagga multiple vulnerabilities

Document latest vulnerabilities for www/chromium

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-[2876-2881, 3873]

Correct tomcat version represetations.

Pointed out by: Tim Zingelman <tez netbsd.org>

- Document mozilla -- multiple vulnerabilities

Properly mark version range for horde-imp.

- Update linux-f10-flashplugin to 10.3r183.10 . [1]
- Make gnome desktopfileutils dependency optional. [2]

PR:             ports/160894 [1]
Submitted by:   Garrett Cooper <yanegomi@gmail.com> [1]
Suggested by:   Peter Jeremy <peterjeremy@acm.org> [2]
Security:      
http://www.freebsd.org/ports/portaudit/53e531a7-e559-11e0-b481-001b2134ef46.html

Improve accuracy of krb5 vulnerability entries for upcoming port addition of
krb5-17.
(one entry was missed from the previous commit)

Improve accuracy of krb5 vulnerability entries for upcoming port addition
of krb5-17.

Document vulnerabilities in Chromium 13.0.x.y

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-[2834-2838, 2840-2844, 2846-2862, 2864, 2874-2875,
                          3234]

Document phpMyAdmin multiple XSS vulnerability.

Update phpMyAdminn to 3.4.5 release. [1]

PR:             ports/160589 [1]
Submitted by:   maitainer [1]

Document Django multiple vulnerabilities.

Document roundcube XSS vulnerability.

Document libsndfile -- PAF file processing integer overflow.

Security:       CVE-2011-2696

Re-revise emacs vulnerability to limit with >= 22 and < 22.2_1 instead of
>21.* and <22.2_1 which didn't work as expected

- Limit emacs vulnerability to > 21.* and <= 22.2 instead of just <= 22.2

Document two OpenSSL vulnerabilities.

(There is no OpenSSL 0.9.8s in the ports so mark <1.0.0 as vulnerable).

fix last thunderbird entry

add firefox, thunderbird and seamonkey to the DigiNotar.nl entry

Security:      
http://www.vuxml.org/freebsd/aa5bc971-d635-11e0-b3cf-080027ef73ec.html

Fix vuln.xml, while here fix indentation

- Update to 1.2.7

PR:             ports/160368
Submitted by:   gjb
Approved by:    dvl (maintainer), bapt (mentor)
Security:       CVE-2011-2938

- Document cfs buffer overflow vulnerability.
- While here, unbreak packaudit -- it doesn't like newlines in the
  middle of tags.  Perhaps a comment should say something?

Revise nss/ca_root_nss working around Mozilla,
limit ca_root_nss vuln to < 3.12.11 from <= 3.12.11.

Add a new entry for the ca_root_nss bug that caused extraction of untrusted
certificates to the trust bundle.

PR: ports/160455

- Correct affected plone versions

- bump modifiled for CVE-2007-5137

- update CVE-2007-5137

Update range to exclude nss 3.12.11 from vuln, as kwm@'s commit
to upgrade nss to 3.12.11 included the newer CKBI 1.87 that explicitly
distrusts DigiNotar.

Add a security notice for the DigiNotar incident, listing nss/ca_root/nss.

- only match vulnerable versions in the hlstats entry
- add additional CVEs

Final modification for apache22 vulnerability; include slave ports as well

Pointed out by: flo
Reviewed by:    eadler

Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected.

Submitted by:   Aleksandr Stankevic (sysmonk on IRC/Freenode##FreeBSD)
Security:       CVE-2011-3192

Put a lower bound on the last php entry, as the bug was introduced in
5.3.7-RC5.

Submitted by:   "jaset" via #bsdports

- Fix entry date and use two ranges

Reviewed by:    gahr@
Approved by:    jadawin@ (mentor)

- Document CVE-2011-3192 for recent apache DoS vulnerability

Approved by:    jadawin@ (mentor)
Security:      
http://vuxml.org/freebsd/7f6108d2-cea8-11e0-9d58-0800279895ea.html

Upstream indicates that this only affects 4.40 and 4.41 so add a <ge> tag
to indicate that.

Document stunnel heap corruption vulnerability.

Fix discovery date

DOcument phpMyAdmin CVE-2011-3181 (multiple XSS).

Document new Chromium vulnerabilities.

Obtained from:  http://google-chrome-browser.com/releases
Security:       CVE-2011-[2821, 2823-2829, 2839]

Mark PHP5 < 5.3.7_2 as vulnerable to PHP bug #55439: crypt() returns only
the salt for MD5.

Document multiple PHP vulnerabilities.

Document Rails multiple vulnerabilities.

Document dovecot DoS vulnerability.

Document "otrs" - vulnerabilities in OTRS-Core allows read access
to any file on local file system.

document recent mozilla vulnerabilities

Document samba vulnerabilities of SWAT web interface.

Adjust dates in 510b630e-c43b-11e0-916c-00e0815b8da8.

Noticed by:     kwm@

- Document ISC DHCP server DoS.

Document "bugzilla" - multiple vulnerabilities.

Document dtc security issues

PR:             ports/159736
Submitted by:   Ansgar Burchardt <ansgar@debian.org>

Document freetype2 and libXfont vulnabilities.

Update linux-f10-flashplugin to 10.3r183.5 .

Submitted by:   pointyhat via erwin
Security:      
http://www.freebsd.org/ports/portaudit/2c12ae0c-c38d-11e0-8eb7-001b2134ef46.html

Document new vulnerabilities for www/chromium ( < 13.0.782.107)

Obtained from:  http://googlechromereleases.blogspot.com/
Security:       CVE-2011-{2358-2361, 2782-2805, 2818-2819}

Document libsoup security hole.

Fix match of phpmyadmin in recent revisions.

- Add CVE reference for OpenSAML2 issue
- Use official citation

Document phpmyadmin vulnerabilities

Approved by:    wxs (mentor)

Document OpenSAML2 issue

Document rsync DoS issue (CVE-2011-1097).

Document BIND vulnerabilities for ports. This was inspired by the PR,
but re-formatted and edited by me, so responsibility for errors is mine.

PR:             ports/158672
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>

Document phpMyAdmin multiple vulnerabilities

Reviewed by:    flo
Approved by:    rene (mentor vacation)

document one more vulnerability in the recent asterisk entry

Document new vulnerabilities for www/chromium ( < 12.0.742.112)

Security:       CVE-2011-[2345-2351]