| non port: security/vuxml/vuln.xml |
Number of commits found: 6273 (showing only 100 on this page) |
|
Thursday, 6 Sep 2018
|
06:53 yuri 
Add VuXML entry for the fixed CVE-2017-11114 in www/links
PR: 230849
Submitted by: Dmitri Goutnik <dg@syrec.org>
  |
|
Wednesday, 5 Sep 2018
|
23:30 sunpoet
Document curl vulnerability
|
20:39 jbeich
security/vuxml: mark firefox < 62 as vulnerable
|
|
Tuesday, 4 Sep 2018
|
12:47 tijl
Document Ghostscript -dSAFER sandbox bypass vulnerabilities.
PR: 231148
Security: https://www.kb.cert.org/vuls/id/332928
|
|
Friday, 31 Aug 2018
|
23:47 swills
Document grafana issues
PR: 231019
PR: 231020
PR: 231021
PR: 231022
|
|
Thursday, 30 Aug 2018
|
20:47 mfechner
Document several vulnerabilities for gitlab-ce.
Approved by: mentors (implicit)
|
06:33 tota
- Fix range for ja-mailman in CVE-2018-13796
|
00:09 leres
Mark bro < 2.5.5 as vulnerable as per:
https://www.bro.org/download/NEWS.bro.html
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D16948
|
|
Monday, 27 Aug 2018
|
11:19 bhughes
security/vuxml: document Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
Sponsored by: Miles AS
|
|
Friday, 24 Aug 2018
|
10:34 tobik
Fix databases/mantis entry after r477954
|
|
Thursday, 23 Aug 2018
|
05:34 matthew
Apparently you can have more than on <name></name> item inside a
<package></packge> group. Also, re-add plain 'phpMyAdmin' without a
flavour suffix as a possible package name -- it's only been a few
months since flavourization, and there may well be some older installs
still out there. (Although those should already be flagging for the
previous PMASA)
Reported by: mat
|
|
Wednesday, 22 Aug 2018
|
21:58 matthew
Third time's the charm. Now capitalize the package names correctly.
|
21:40 matthew
phpMyAdmin is flavoured now: use the correct package names.
|
21:28 feld
Document FreeBSD-SA-18:11.hostapd
|
21:28 feld
Document FreeBSD-SA-18:10.ip
|
21:27 feld
Document FreeBSD-SA-18:09.l1tf
|
21:03 swills
Document gogs open redirect issue
PR: 230800
Submitted by: Dmitri Goutnik <dg@syrec.org>
|
20:32 matthew
Document the latest phpMyAdmin security advisory PMASA-2018-5
|
19:28 zeising
Document libX11 vulnerabilities.
CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
https://lists.x.org/archives/xorg-announce/2018-August/002915.html
|
|
Tuesday, 21 Aug 2018
|
17:53 dch
security/vuxml: add CVE-2018-11769 for databases/couchdb versions < 2.2.0
Reported by: Apache CouchDB PMC
Approved by: jrm
Security: CVE-2018-11769
Security: https://lists.apache.org/thread.html/1052ad7a1b32b9756df4f7860f5cb5a96b739f444117325a19a4bf75@%3Cdev.couchdb.apache.org%3E
Differential Revision: https://reviews.freebsd.org/D16820
|
|
Friday, 17 Aug 2018
|
21:07 swills
Document issue in security/botan2
PR: 230666
|
|
Wednesday, 15 Aug 2018
|
21:01 lwhsu
Document Jenkins Security Advisory 2018-08-15
Sponsored by: The FreeBSD Foundation
|
|
Tuesday, 14 Aug 2018
|
20:21 cy
Document WPA unauthenticated encrypted EAPOL-Key data vunlerability.
Security: CVE-2018-14526
|
19:08 jkim
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
|
13:37 timur
Add an entry about multiple Samba vulnerabilities:
* CVE-2018-1139 (Weak authentication protocol allowed.)
* CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
* CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
* CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
* CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Security: CVE-2018-1139
CVE-2018-1140
CVE-2018-10858
CVE-2018-10918
CVE-2018-10919
Sponsored by: iXsystems Inc.
|
|
Sunday, 12 Aug 2018
|
17:35 sunpoet
Document GraphicsMagick vulnerability
|
13:44 tobik
Document lang/chicken vulerabilities
|
07:55 flo
Document www/gitea vulnerability, with the scarce details provided by Gitea
PR: 230512
|
|
Friday, 10 Aug 2018
|
14:35 tijl
Document mbed TLS Security Advisory 2018-02.
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
|
08:56 girgen
Add entry about postgresql vulnerabilites
|
|
Wednesday, 8 Aug 2018
|
19:07 brnrd
security/vuxml: Document Oracle's Crititcal Patch Update
|
|
Tuesday, 7 Aug 2018
|
13:18 girgen
Add vulnerability information about apache-xml-security-c
|
|
Monday, 6 Aug 2018
|
21:26 feld
Document FreeBSD-SA-18:08.tcp
|
03:23 koobs
security/py-cryptography: Add tag forgery vulnerability
PR: 226906
|
|
Sunday, 5 Aug 2018
|
11:56 riggs
Document CVE-2018-14912 in devel/cgit before version 1.2.1
PR: 230360
Submitted by: yasu@utahime.org
|
|
Friday, 3 Aug 2018
|
16:09 mfechner
Documented vulnerability of copied security/rubygem-doorkeeper43.
Approved by: mentors (implicit)
|
|
Wednesday, 1 Aug 2018
|
16:32 adamw
Fix a common grammar error: "can not" means the opposite of "cannot."
"Can not" means "it is possible not to," and "cannot" means "it is impossible
to."
|
|
Tuesday, 31 Jul 2018
|
23:44 sunpoet
Document rubygem-doorkeeper vulnerability
|
23:43 sunpoet
Document rubygem-sinatra vulnerability
|
09:51 mandree
Add new Mailman < 2.1.28 security issue.
https://bugs.launchpad.net/mailman/+bug/1780874
https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html
Security: b4f0ad36-94a5-11e8-9007-080027ac955c
Security: CVE-2018-13796
|
|
Sunday, 29 Jul 2018
|
12:23 tota
- Fix range for ja-mailman in CVE-2018-0618
|
10:42 joneum
document mantis issues
PR: 229880
Submitted by: Nathan <ndowens.fbsd@yandex.com>
|
|
Saturday, 28 Jul 2018
|
11:43 sunpoet
Fix version range of curl vulnerability
|
|
Friday, 27 Jul 2018
|
13:37 swills
security/vuxml: document py-bleach issue
PR: 226851
|
13:15 swills
security/vuxml: document lshell issues
PR: 215988
Submitted by: Damien Fleuriot <dam@my.gd>
|
13:04 swills
security/vuxml: document openjpeg issues
PR: 225805
Submitted by: VK <vlad-fbsd@acheronmedia.com>
|
13:00 swills
security/vuxml: Document ffmpeg issues
PR: 223626
Submitted by: VK <vlad-fbsd@acheronmedia.com>
|
12:55 swills
security/vuxml: document gimp issue
While here, fix entry date on curl entry
PR: 225636
Submitted by: D. Ebdrup <debdrup@gmail.com>
|
12:34 cpm
Document new vulnerabilites in www/chromium < 68.0.3440.75
Obtained
from: https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html
|
12:24 swills
security/vuxml: Document curl issue
PR: 229752
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
|
06:50 mfechner
Documented vulnerabilities for gitlab-ce.
Approved by: mentors (implicit)
|
|
Thursday, 26 Jul 2018
|
17:37 danilo
- Document a graphics/vips buffer overflow.
https://github.com/jcupitt/libvips/releases/tag/v8.6.5
|
|
Tuesday, 24 Jul 2018
|
18:08 fernape
Document vulnerabilities for graphics/sixel 1.8.1
* CVE-2018-14072
* CVE-2018-14073
PR: 229975
Reported by: sue@iwmt.org (maintainer)
Approved by: tcberner (mentor)
|
06:33 miwi
- Exclude LibreSSL 2.6.5 from CVE-2018-0732 entry
PR: 229037
Sponsored by: iXsystems Inc.
|
|
Saturday, 21 Jul 2018
|
08:51 tijl
Remove linux expat packages from latest expat entry. Red Hat has marked
these "will not fix" because of the low impact so there's no point in
nagging users about this.
https://access.redhat.com/security/cve/cve-2016-9063
https://access.redhat.com/security/cve/cve-2017-9233
|
06:58 woodsb02
security/vuxml: Add CVE details for VLC vulnerability
|
06:50 woodsb02
security/vuxml: document VLC vulnerability
|
|
Thursday, 19 Jul 2018
|
15:37 fernape
security/vuxml: add mutt vulnerabilities
Include mutt vulnerabilities for mutt < 1.10.1
PR: 229810
Submitted by: dereks@lifeofadishwasher.com
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D16321
|
12:39 gahr
security/vuxml: fix typo
|
12:04 gahr
security/vuxml: document NeoMutt and Mutt vulnerabilities
|
06:44 mfechner
Document gitlab < 11.0.4 vulnerability.
Reviewed by: swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D16317
|
|
Wednesday, 18 Jul 2018
|
23:15 lwhsu
Update CVE number of 20a1881e-8a9e-11e8-bddf-d017c2ca229d
Sponsored by: The FreeBSD Foundation
|
15:53 lwhsu
Fix range of 20a1881e-8a9e-11e8-bddf-d017c2ca229d
Sponsored by: The FreeBSD Foundation
|
15:50 lwhsu
Document Jenkins Security Advisory 2018-07-18
Sponsored by: The FreeBSD Foundation
|
14:14 dbaio
security/vuxml: Document irc/znc vulnerabilities
Reported by: gordon
Security: CVE-2018-14055
Security: CVE-2018-14056
|
13:39 brnrd
security/vuxml: Document Apache httpd vulns
|
|
Tuesday, 17 Jul 2018
|
17:28 gjb
Remove vendor-specific CVE numbers, following r474804. This tag
is reserved for Mitre CVE numbers, otherwise it does not pass
validation.
Sponsored by: The FreeBSD Foundation
|
17:19 novel
security/vuxml: update version range for latest qutebrowser vuln
Update version for www/qutebrowser CVE-2018-10895 to reflect 2018Q3 fix.
|
15:38 gjb
Comment a project-specific CVE reference in attempt to fix the build.
Sponsored by: The FreeBSD Foundation
|
15:29 joneum
Document vulberability for typo3-7 and typo3-8
|
|
Sunday, 15 Jul 2018
|
15:17 fernape
security/vuxml: add entry for devel/upp
Affected by CVE-2018-874
PR: 227414
Reported by: lightside@gmx.com
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D16017
|
15:13 eugen
Document several security defects in the Bouncy Castle Crypto APIs
before version 1.60
Obtained from: https://www.bouncycastle.org/latest_releases.html
Security: https://vuxml.FreeBSD.org/freebsd/fe93803c-883f-11e8-9f0c-001b216d295b
|
06:25 novel
Document www/qutebrowser CSRF vulnerability
Reviewed by: miwi
Security: CVE-2018-10895
|
|
Wednesday, 11 Jul 2018
|
17:24 jkim
Fix typos.
Reported by: N.J. Mann (njm at njm dot me dot uk)
|
16:44 jkim
Document the latest Flash Player vulnerabilities.
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html
|
16:27 mfechner
Document vulnerability for libgit2 < 0.27.3.
Reviewed by: swills (mentor)
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D16220
|
13:50 gjb
Fix build.
Sponsored by: The FreeBSD Foundation
|
13:09 dch
security/vuxml: add CVE for Apache CouchDB 1.7.2 (databases/couchdb)
Approved by: jrm
Differential Revision: https://reviews.freebsd.org/D16212
|
|
Monday, 9 Jul 2018
|
19:16 ler
security/vuxml: document vulnerabilities in security/clamav.
|
08:19 miwi
- Document devel/zziplib - multible vulnerabilities
PR: 226491
Sponsored by: iXsystems Inc.
|
|
Sunday, 8 Jul 2018
|
14:45 joneum
Document wordpress issues
|
|
Saturday, 7 Jul 2018
|
14:25 jbeich
security/vuxml: seamonkey-2.49.4 contains firefox-52.9.0
|
11:08 joneum
Document vulnerability in www/mybb
|
|
Thursday, 5 Jul 2018
|
11:23 dbaio
security/vuxml: Document expat vulnerabilities
libwww is also vulnerable because it has expat in its source tree.
Security: CVE-2016-9063
Security: CVE-2017-9233
|
|
Tuesday, 3 Jul 2018
|
13:13 dch
security/vuxml: add CVE-2018-0608 for www/h2o
PR: 228762
Approved by: jrm
Security: CVE-2018-0608
Differential Revision: https://reviews.freebsd.org/D16110
|
|
Tuesday, 26 Jun 2018
|
16:27 jbeich
security/vuxml: mark firefox < 61 as vulnerable
|
15:27 mfechner
Vulnerability entry for www/gitlab.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D16010
|
|
Monday, 25 Jun 2018
|
21:55 mandree
Fixup
|
21:54 mandree
Link release announcement to mail/mailman < 2.1.27 vuln/CVE 2018-0618
|
21:45 mandree
Add mailman vulnerabilities/hardening.
Obtained from: Mark Sapiro
Security: 739948e3-78bf-11e8-b23c-080027ac955c
Security: CVE-2018-0618
Security: JVN#00846677
Security: JPCERT#97432283
|
|
Friday, 22 Jun 2018
|
23:16 matthew
Docuement the latest phpMyAdmin vulnerabilities
|
|
Thursday, 21 Jun 2018
|
22:49 feld
Document SA-18:07.lazyfpu
|
|
Wednesday, 20 Jun 2018
|
19:38 sunpoet
Document GraphicsMagick vulnerability
PR: 223629
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>
|
|
Sunday, 17 Jun 2018
|
18:14 mfechner
Document vulnerability for libgit2 and py-pygit2.
Reviewed by: tz (mentor)
Approved by: tz (mentor)
Differential Revision: https://reviews.freebsd.org/D15668
|
|
Saturday, 16 Jun 2018
|
14:43 jrm
security/vuxml: document Slurm vulnerability
https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
While here, silence validation warnings caused by node.js 2018-06-15 entry.
|
|
Friday, 15 Jun 2018
|
05:09 bhughes
security/vuxml: document Node.js vulnerabilities
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
|
|
Thursday, 14 Jun 2018
|
21:02 rene
List GPG parsing vulnerabilities in sysutils/password-store < 1.7.2
|
13:24 brnrd
security/vuxml: Document LibreSSL vuln
|
|
Wednesday, 13 Jun 2018
|
18:51 cpm
Document libgcrypt side-channel attack vulnerability
Security: CVE-2018-0495
|
|
Tuesday, 12 Jun 2018
|
13:55 adamw
Update gnupg entry now that gnupg1-1.4.23 has landed
|
Number of commits found: 6273 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.