mirror of https://git.FreeBSD.org/ports.git synced 2024-12-27 05:10:36 +00:00
Commit Graph

2273 Commits

Author SHA1 Message Date
Beat Gaetzi
17a0039c11 - Document mozilla -- multiple vulnerabilities 2010-12-10 11:48:30 +00:00
Stanislav Sedov
3f94eeab07 - Document recent MIT krb5 checksum handling vulnerabilities. 2010-12-10 01:02:04 +00:00
Rene Ladan
9a65b62874 Document the known vulnerabilities for www/chromium.
The [numbers] in the entry represent bug numbers which are clickable at
the referenced site, but most of them give a 403.
2010-12-07 18:02:47 +00:00
Sergey A. Osokin
72ac285804 Document ProFTPD compromised source packages backdoor security issue. 2010-12-04 04:29:19 +00:00
Sunpoet Po-Chuan Hsieh
58ed65d4a0 - Document phpMyAdmin XSS attack in database search 2010-11-30 03:00:12 +00:00
Wesley Shields
edc2e088ca Document net/isc-dhcp41-server DHCPv6 DoS. The update to the port is coming
shortly.
2010-11-24 18:27:03 +00:00
Alexey Dokuchaev
66b5b71a45 Add entry for CVE-2010-4168: denial of service (server/client) via invalid
read in OpenTTD.

PR:		ports/152529
Submitted by:	kwm
2010-11-24 06:07:01 +00:00
Alexey Dokuchaev
b39cf9835e - Kill EOL whitespace and reformat to fit in standard terminal width better
- Clean up the way <p>...</p> tags are used throughout the file for consistency
2010-11-24 04:54:24 +00:00
Thierry Thomas
b14d49a80c Add an entry for www/horde-base VCARD attachments XSS vulnerability.
Security:	VuXML: a3314314-f731-11df-a757-0011098ad87f
2010-11-23 19:02:12 +00:00
Simon L. B. Nielsen
080a8fb7e4 Fix discovery date in last entry.
Pointy hat to:	remko
2010-11-23 17:42:24 +00:00
Remko Lodder
9cdf36a2e6 Add proftpd remote root vulnerability.
Based on:	Vladimir Nikolic <vladimir dot nikolic at amis dot net>
Feature proof:	yes
With hat:	secteam
2010-11-23 16:38:51 +00:00
Dirk Meyer
95520228fb - add security/openssl CVE-2010-3864 2010-11-17 11:09:34 +00:00
Juergen Lock
a3731df72a - Update to 10.1r102 resp. 9.0r289.
- Drop MD5 hashes from distinfos

Security:	http://www.freebsd.org/ports/portaudit/76b597e4-e9c6-11df-9e10-001b2134ef46.html
Reported by:	Matthias Apitz on -emulation
2010-11-06 17:55:52 +00:00
Xin LI
4702e40767 Add wireshark CVE-2010-3445.
PR:		ports/151891
Submitted by:	Eygene Ryabinkin
2010-11-06 04:08:59 +00:00
Sunpoet Po-Chuan Hsieh
5d593e5912 - Limit affected version of dovecot to 1.2.* before 1.2.8
(vid: 30211c45-e52a-11de-b5cd-00e0815b8da8)

Reported by:	Adam McDougall <mcdouga9@egr.msu.edu>
Reference:	http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
2010-11-04 01:50:23 +00:00
Wesley Shields
40c91eecca Document mailman XSS.
PR:		ports/151918
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2010-11-03 20:29:56 +00:00
Sergey Skvortsov
d1b28660ca Document "otrs" - multiple XSS and denial of service vulnerabilities. 2010-11-03 15:45:50 +00:00
Beat Gaetzi
580c23c54d - Document mozilla -- Heap buffer overflow mixing document.write and DOM
insertion
2010-10-28 09:17:23 +00:00
Dirk Meyer
370de94beb - www/opera
PR:		151471
Submitted by:	Arjan van Leeuwen
2010-10-26 16:46:27 +00:00
Sunpoet Po-Chuan Hsieh
78e52b728b - Add bzip2 integer overflow vulnerability
Approved by:	pgollucci (mentor, implicit)
2010-10-25 16:03:49 +00:00
Wesley Shields
6d95038ef1 Add the missing FreeBSD SA entries. We used to add these but stopped a while
back. This should catch us up.

According to cperciva@ the reason we stopped was that it was causing a lot of
false positives. I ran portaudit with these changes and did not see any false
positives but if it turns out to be too noisy I will remove them.

Submitted by:	Christopher J. Umina (private mail)
Approved by:	cperciva@
2010-10-25 14:58:40 +00:00
Rene Ladan
99f4a85ae6 Add monotone denial of service.
Security:	http://www.monotone.ca/NEWS
2010-10-24 17:08:03 +00:00
Philip M. Gollucci
426a7944f6 - Add devel/apr0 to list of packages that is affected. 2010-10-20 21:13:40 +00:00
Beat Gaetzi
020a9a16aa - Document mozilla -- multiple vulnerabilities 2010-10-20 15:12:52 +00:00
Koop Mast
2811b75557 Add multiple vulnerabilities in webkit-gtk2. 2010-10-20 12:42:50 +00:00
Philip M. Gollucci
6a7415f239 - set modified date 2010-10-06 05:44:00 +00:00
Philip M. Gollucci
89cdfe653b - these 2 urls are covered by the <cvename/> tags
Suggested by:   stas
2010-10-06 05:41:27 +00:00
Philip M. Gollucci
436d682ca1 - Fix a minor typo
Reported by:    stas
2010-10-06 05:36:56 +00:00
Philip M. Gollucci
ea3f1485e1 Document devel/apr1's apr-util vulnerabilities
Security:       http://secunia.com/advisories/41701
Reviewed by:    secteam (cperciva) via irc
2010-10-06 05:29:49 +00:00
Niels Heinen
edf2ce831b Documented phpMyFaq XSS vulnerability
PR:		ports/151055
Submitted by:	Florian Smeets <flo@smeets.im>
Approved by:	itetcu (mentor, implicit)
Security:	http://www.phpmyfaq.de/advisory_2010-09-28.php
2010-10-02 11:16:58 +00:00
Thierry Thomas
d5e2ba1fbc Report an XSS vulnerability in ftp/horde-gollem. 2010-09-28 18:04:45 +00:00
Thierry Thomas
44be814e6e Report a XSS vulnerability in mail/horde-dimp. 2010-09-28 17:48:19 +00:00
Thierry Thomas
bd94ed9c6b Report a XSS vulnerability in mail/horde-imp. 2010-09-28 17:30:09 +00:00
Thierry Thomas
ab6d2d5a2f Report 2 vulnerabilities in www/horde-base. 2010-09-28 17:09:35 +00:00
Niels Heinen
403b7450e1 Documented remote code execution vulnerability in OpenX
PR:		ports/150610
Approved by:	itetcu (mentor, implicit)
Security:	ttp://blog.openx.org/09/security-update/
2010-09-26 13:32:10 +00:00
Niels Heinen
e791a5a928 Documented squid denial of service vulnerability
PR:		ports/150364
Submitted by:	Thomas-Martin Seck <tmseck@web.de>
Approved by:	itetcu (mentor, implicit)
Security:	CVE-2010-3072
Security:	http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
2010-09-24 20:24:37 +00:00
Juergen Lock
1442ee12d9 Update to 10.1r85 resp. 9.0r283 [1].
Security:	http://www.freebsd.org/ports/portaudit/8a34d9e6-c662-11df-b2e1-001b2134ef46.html
PR:		ports/150832 [2]
Submitted by:	pointyhat via pav [1], Tsurutani Naoki
		<turutani@scphys.kyoto-u.ac.jp> [2]
2010-09-22 17:45:56 +00:00
Xin LI
230792e275 Correct discovery date, my bad :( 2010-09-17 20:07:07 +00:00
Xin LI
95878b7f1d Document django XSS vulnerability. 2010-09-17 19:31:59 +00:00
Bernhard Froehlich
f7a5d789ea - Add libxul as affected package to the latest mozilla entry
Approved by:	beat (co-mentor)
2010-09-15 15:37:24 +00:00
Philippe Audeoud
6be750f6d2 - Fix CVE name for webkit-gtk2 2010-09-10 13:41:57 +00:00
Koop Mast
7f2356aac7 Document webkit-gtk2 - multiple vulnerabilities.
Also add 1 extra CVE to the previous webkit-gtk2 entry that was fixed but
didn't make it to the release notes.
2010-09-10 13:03:19 +00:00
Shaun Amott
78503ca93a Belatedly (and perhaps pointlessly) document [1]:
vim6 -- heap-based overflow while parsing shell metacharacters

While here, prepare this old port for termination with DEPRECATED.

PR:		ports/129300 [1]
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru> [1]
2010-09-09 03:13:09 +00:00
Beat Gaetzi
462a91c8d5 - Document mozilla -- multiple vulnerabilities 2010-09-08 06:51:06 +00:00
Wesley Shields
6ca7c3635e Document sudo Runas group vulnerability. 2010-09-07 18:11:49 +00:00
Baptiste Daroussin
604949fc56 - wget 1.12_1 is also concerned 2010-09-04 16:20:33 +00:00
Baptiste Daroussin
096679336f - Add wget entry CVE-2010-2252
- Add lftp entry CVE-2010-2251
2010-09-03 13:57:14 +00:00
Philippe Audeoud
0f9f1862ff - Document p5-libwww vulnerability (remote servers can create .(dot) files) 2010-08-31 14:53:00 +00:00
Niels Heinen
9ac0da53ac Documented quagga vulnerabilities (stack overflow, DoS)
Approved by:	itetcu (mentor,implicit)
Security:	http://www.openwall.com/lists/oss-security/2010/08/24/3
Security:	http://www.quagga.net/news2.php?y=2010&m=8&d=19#id1282241100
2010-08-25 07:49:07 +00:00
Sergey Skvortsov
8bb83e14a6 Document "bugzilla" - information disclosure, denial of service. 2010-08-24 16:26:54 +00:00