- Document mysql -- MyISAM table privileges security bypass vulnerability for
symlinked paths

- Document mplayer -- twinvq processing buffer overflow vulnerability

Reported by:    Thomas Zander <riggs@rrr.de> (mplayer maintainer)

- ampache -- insecure temporary file usage

- Small cleanup for the last cups-base entry
  * CVE-2008-5184 was fixed in 1.3.8.
  * CVE-2008-1722 does not related to anything in this entry;
  * PNG buffer overflow is really CVE-2008-5286.

Reported by:    Eygene Ryabinkin <rea-fbsd@codelabs.ru>
No Cookies for: miwi

- Document opera -- multiple vulnerabilities

- Document mediawiki -- multiple vulnerabilities

- Fix make validate

- document drupal -- Multiple vulnerabilities

- Document mozilla -- multiple vulnerabilities

- Fix a small typo

- Document phpmyadmin -- cross-site request forgery vulnerability

- Document php5 -- potential magic_quotes_gpc vulnerability

Reviewed by:    miwi

- Fix a typo

Reported by:    Eygene Ryabinkin <rea-fbsd@codelabs.ru>

- Document wireshark --  SMTP Processing Denial of Service Vulnerability

- Document php -- multiple vulnerabilities

- Document mgetty+sendfax -- symlink attack via insecure temporary files

PR:             based on 129471
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>

- Document dovecot-managesieve -- Script Name Directory Traversal Vulnerability

PR:             based on 129303
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>

Document habari -- Cross-Site Scripting Vulnerability

PR:             129475
Submitted by:   Ayumi M <ayu@dahlia.commun.jp>

- Add 32545 to the latest vlc entry.

- Document vlc -- arbitrary code execution in the RealMedia processor

- S/secunia/Secunia

- Document mantis - PHP Code Execution Vulnerability

PR:             based on 129438
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>

Document mantis -- multiple vulnerabilities

PR:             based on 129438

- Fix previous entry

- Document squirrelmail -- Cross site scripting vulnerability

- Fix discovery from previous entry

- Document openoffice -- arbitrary code execution vulnerabilities

PR:             based on 129192
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>

- Document wordpress -- Header RSS Feed Script Insertion Vulnerability

- Document samba -- potential leakage of arbitrary memory contents
- Fix my previous entry

- Document hplip -- hpssd Denial of Service

PR:             based on 129097
Submitted by:   Eygene Ryabinkin

- Document cups -- multiple vulnerabilities

- Document a buffer overflow vulnerability in imlib2.

PR:             ports/129037
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>

- Fix latest mozilla entry

Note:
        mail/thunderbird and mail/linux-thunderbird versions are wrong.
        All problems are fixed in 2.0.0.18 and not in 2.0.0.17.

Pointy hat to:  tabthorpe

- Document streamripper -- multiple buffer overflows

PR:             based on 128999

- Dokument -- Mantis: Session hijacking vulnerability

- Cleanup
- Fix a lot whitespaces

Document two ACL bypassing vulnerabilities of dovecot.

Submitted by:   Eygene Ryabinkin <rea-fbsd codelabs.ru> (with changes)
PR:             ports/129000

- Document libxml2 -- multiple vulnerabilities

- Document openfire -- multiple vulnerabilities

Document syslog-ng2 chroot vulnerability.

PR:             ports/128960
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by:    tabthorpe

- Add a missing new line between entries

- Add an entry for print/enscript and its slave ports

PR:             ports/128958
Submitted by:   Eygene Ryabinkin <rea-fbsd at codelabs.ru> (based on)
Reviewed by:    stas@

Add CVE identifier for clamav off-by-one error.

PR:             ports/128924
Submitted by:   Mark Foster <mark@foster.cc>

- Fix an indentation in the latest net-snmp entry.

- Document the recent chain validation vulnerability in gnutls.

PR:             ports/128868
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on)

- Fix formating

Add entry for net-snmp (fix will be followed).

PR:             ports128772, ports/128837
Submitted by:   "Mark D. Foster" <mark@foster.cc>,
                Eygene Ryabinkin <rea-fbsd@codelabs.ru>

- Cleanup
  * Add some more references to the faad2 entry
  * Fix formating for the last emacs and trac entry

- Document mozilla -- multiple vulnerabilities

Reviewed by:    simon

- Document faad2 -- heap overflow vulnerability

- Fix multimedia/vlc entry

Document vulnerability in Emacs python integration.

PR:             127168
Submitted by:   keramida

- Document clamav get_unicode_name() off-by-one buffer overflow, 0.94.1 have
  fixed the problem [1]
- Since i'm here, document clamav-devel either

PR:             ports/128749 [1]
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru> [1]

Document trac wiki markup DoS issue

- Document vlc -- cue processing stack overflow

Document opera -- multiple vulnerabilities

With hat:       secteam
Requested by:   simon

Document qemu -- Heap overflow in Cirrus emulation

Fix BugTraq ID :(

Pointy hat to:  delphij

Add more reference with last commit

Document phpmyadmin XSS issue

Add linux-opera with opera entries. Remove the YYYYMMDD in the version (ie:
9.61.YYYYMMDD -> 9.61) as linux-opera does not do it anymore. It should not
affect anything on opera.

- Fix formating

- Document opera -- multiple vulnerabilities

PR:             ports/128264
Submitted by:   Arjan van Leeuwen <freebsd-maintainer opera.com>

- Document libspf2 -- Buffer overflow

- Document openx -- sql injection vulnerability

- Fix duplicate wording

- Document flyspray -- multiple vulnerabilities

Submitted by:   Nick Hilliard (nick@foobar.org) (based on)

Document wordpress snoopy shell command execution vulnerability

- Fix libxine entry

- Whitespace fix in last entry.

Document drupal multiple vulnerabilities.

Submitted by:   Nick Hilliard <nick foobar org>

Newer version of wordpress-mu has resolved the security vulnerability,
I have verified the code with respect to older release and to wordpress
changeset.

Reviewed by:    stas

The libxml2-2.6.32_1 now have two security fixed. If I edit it incorrect,
please fix it for me.

Document libxine denial of service vulnerability.

- Fix formating from previous entry

- Fix previous commit

- Document linux-flashplugin -- multiple vulnerabilities

Reviewed by:    stas

Document libxml2 vulnerabilities.

- Fix a small typo

- Document drupal -- multiple vulnerabilities

Document cups multiple vulnerabilities.

Update mysql entries.

- Fix formating and remove whitespaces from previous commit.

Add two www/opera vulnarabilities which affect versions <9.60.20081004

PR:             ports/127941
Submitted by:   Arjan van Leeuwen (opera maintainer)

- Capitalize "Secunia" word in all entries.

Reviewed by:    tabthorpe

- Mplayer vulnerability has been fixed in 0.99.11_7.

- Document mysql-client input validation vulnerability.

- Document mplayer integer overflows.

Bump copyright year.

Really fix firefox 3 part of the latest mozilla entry.  Now it doesn't
match fixed firefox 2 versions.

Cluebat:        Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Pointyhat:      simon (for too quick review of last update)

- Fix bad firefox3 specification

PR:             127712
Reported by:    Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Reviewed by:    simon

lighttpd -- multiple vulnerabilities

- Fix last thunderbird entrys
- Bump modified date

- Cleanup previous entry.

Add irc/bitlbee entry.

- Update samba entries so they don't match upcomming Samba 3.2 which
  doesn't have PORTEPOCH in the version number.
- Bump modified date for all updated entries.

Requested by:   timur

- Fix firefox version

Reported by:    bsam@

- Fix a typo (s/reportss/reports)

Submitted by:   tabthorpe/remko

- Document mozilla --  multiple vulnerabilities

- Mark ftp/proftpd as safe
- Add more references to the last phpMyAdmin entry