mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-16 03:24:07 +00:00
Code Issues Releases Activity
215,678 Commits 45 Branches 100 Tags 3.4 GiB
6526752ad7
Commit Graph

1928 Commits

Author SHA1 Message Date
Martin Wilke
a7a0db324f - Document mozilla -- multiple vulnerabilities 2009-04-22 08:38:33 +00:00
Joe Marcus Clarke
64d1edd4b4 Document the recent poppler vulnerabilities fixed in 0.10.6. 
PR:		133838
Submitted by:	Mark Foster <mark@foster.cc>
Approved by:	portmgr (implicit)
 2009-04-18 18:26:26 +00:00
Martin Wilke
66c77fe3d6 - Rework previus entry (xpdf -- multiple vulnerabilities) 
* fix typos
	* added more information about security issues
	* added more reference sites

Approved by:	portmgr (secteam blanked)
 2009-04-18 17:55:20 +00:00
Marcelo Araujo
8a731c69a4 - Document xpdf -- multiple vulnerabilities 
Approved by:	portmgr (erwin)
 2009-04-18 17:20:19 +00:00
Martin Wilke
00b3381597 - Document freetype2 -- multiple vulnerabilities 
Approved by:	portmgr (secteam blanked)
 2009-04-18 09:41:32 +00:00
Wesley Shields
3c69234054 - Document ejabberd cross-site scripting vulnerability. 
PR:		ports/132800
Submitted by:	Mark Foster <mark@foster.cc>
Reviewed by:	miwi
Approved by:	portmgr (secteam blanket, explicitly miwi)
 2009-04-17 16:51:03 +00:00
Martin Wilke
9440f6135c - Document ziproxy -- Multiple HTTP Proxy HTTP Host Header Incorrect Relay Behavior Vulnerability 
Approved by:	portmgr (secteam blanked)
 2009-04-15 13:34:52 +00:00
Martin Wilke
18b036d438 - Document phpmyadmin -- insufficient output sanitizing when generating configuration file 
Approved by:	portmgr (secteam blanked)
 2009-04-15 13:17:13 +00:00
Martin Wilke
bba5f10f46 - Document drupal6-cck -- cross-site scripting 
PR:		133550
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-04-11 12:01:18 +00:00
Martin Wilke
0efe214134 - Document pivot-weblog -- file deletion vulnerability 2009-03-27 21:49:38 +00:00
Mathieu Arnold
e0dcc02b64 Fix the roundcube version of CVE-2009-0413, should be 0.2.1,1 and not 0.2.1. 
Pointy Hat To:	miwi
 2009-03-26 14:13:03 +00:00
Xin LI
647cfb9fef Document phpmyadmin: insufficient output sanitizing when generating 
configuration file.
 2009-03-25 07:41:42 +00:00
Martin Wilke
2b6fa4ce53 - Update 8e8b8b94-7f1d-11dd-a66a-0019666436c2 (www/rubygem-rails) now secure 
- Bump modified day

Reported by:	Mike Duchene
 2009-03-23 15:43:25 +00:00
Martin Wilke
b2a5391713 - Fix daf045d7-b211-11dd-a987-000c29ca8953 
- Fix discovery date
- Tell portaudit net-snmp is secure

Reported by:	Oliver Brandmueller <ob@e-Gitt.NET> (via private mail)
Reviewed by:	tabthorpe
 2009-03-23 15:28:08 +00:00
Martin Wilke
3c71d4f718 - Update zabbix entry is now secure 2009-03-23 15:08:29 +00:00
Martin Wilke
e056f1f57e - Fix spelling 2009-03-23 14:22:46 +00:00
Martin Wilke
1989306a17 - Document amarok -- multiple vulnerabilitie 
PR:		based on 132938
 2009-03-23 14:17:46 +00:00
Martin Wilke
8c2ba7ce07 - Fix portaudit build 
- Rework latest wireshark entry
- Bump modified
 2009-03-23 14:09:31 +00:00
Martin Wilke
a487c53796 - Cleanup latest Wireshark entry 2009-03-22 19:26:13 +00:00
Martin Wilke
6dea4b8457 - Bump modified date for zope entry 2009-03-22 19:24:02 +00:00
Pav Lucistnik
dca2909bc8 - zope-2.7.9_2 secure 2009-03-22 18:24:25 +00:00
Joe Marcus Clarke
71be066eed Add an entry for Wireshark less than or equal to 1.0.5 pertaining to 
multiple DoS situations as described at http://www.wireshark.org/security/wnpa-sec-2009-01.html.

PR:		131688
Submitted by:	Mark Foster <mark@foster.cc>
 2009-03-22 17:10:57 +00:00
Martin Wilke
f4ddd96771 - Mark *seamonkey as safe 2009-03-20 22:01:24 +00:00
Martin Wilke
57316d0728 - Add CVE's referenc to 78f5606b-f9d1-11dd-b79c-0030843d3802 
PR:		132797
Submitted by:	Mark Foster <mark@foster.cc>
 2009-03-20 21:59:31 +00:00
Martin Wilke
d673e1bf89 - Mark mail/*thunderbird as safe 2009-03-20 21:13:46 +00:00
Martin Wilke
7130b9a37c - Added more references to the netatalk 2009-03-18 16:18:57 +00:00
Martin Wilke
c3c675ea12 - Small cleanup 2009-03-18 15:34:56 +00:00
Martin Wilke
a411f5c95b - Document netatalk -- arbitrary command execution in papd daemon 
PR:		based on 132427
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-03-18 15:05:03 +00:00
Martin Wilke
635e827515 - Fix discovery date from previous entry 2009-03-16 21:01:09 +00:00
Martin Wilke
765337b861 - Document gstreamer-plugins-good -- multiple memory overflows 
PR:		 based on 132428
 2009-03-16 20:37:17 +00:00
Martin Wilke
b4cf27eb74 - Document libsndfile -- CAF processing integer overflow vulnerability 
PR:		based on 132371
 2009-03-16 19:50:10 +00:00
Martin Wilke
9f12e0ff02 - Fix roundcube entry 
Pointy hat to:	me
 2009-03-16 19:33:22 +00:00
Martin Wilke
9e21f29c30 - Document ffmpeg -- 4xm processing memory corruption vulnerability 
PR:		based on 132434
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
 2009-03-16 19:25:06 +00:00
Martin Wilke
ac98934a33 - Document roundcube -- webmail script insertion and php code injection 
PR:		based on 130968
 2009-03-16 18:49:33 +00:00
Martin Wilke
6ff8e622dc - Document proftpd -- multiple sql injection vulnerabilities 
PR:		based on 132369
 2009-03-16 18:11:40 +00:00
Martin Wilke
2da57f878f - Fix a typo 2009-03-16 17:51:11 +00:00
Martin Wilke
905c47c943 - Document zappix -- php frontend multiple vulnerabilities 
PR:		based on 132315
 2009-03-16 17:38:25 +00:00
Martin Wilke
cd6c576ba4 - Document php-mbstring -- php mbstring buffer overflow vulnerability 
PR:		based on 130603
 2009-03-16 17:13:48 +00:00
Martin Wilke
917343365e - Document phppgadmin -- directory traversal with register_globals enabled 
PR:		based on 132346
 2009-03-16 17:01:04 +00:00
Martin Wilke
0fa9447355 - Document opera -- multiple vulnerabilities 
PR:		based on 132437
 2009-03-15 20:42:00 +00:00
Martin Wilke
65e5b90bf4 - Clean up latest curl entry 2009-03-14 08:35:42 +00:00
Thomas Abthorpe
673ff0c2eb - Document epiphany -- untrusted search path vulnerability 2009-03-12 02:30:02 +00:00
Thomas Abthorpe
3ad800ee34 - Document apache -- Cross-site scripting vulnerability 2009-03-11 20:17:10 +00:00
Dmitry Marakasov
fa8fe25c56 - Document pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability 
Reviewed by:	tabthorpe
 2009-03-05 00:35:07 +00:00
Peter Pentchev
bbc81a3bc4 Document the cURL redirection security bypass - CVE-2009-0037. 
I'll update the ftp/curl port itself ASAP.

PR:		132299
Reported by:	Mark Foster <mark@foster.cc> (the PR),
		Daniel Bond <db@danielbond.org> (e-mail)
 2009-03-04 15:30:27 +00:00
Joe Marcus Clarke
3262b5369b Bump the modified date for the previous Firefox change. 
Requested by:	miwi
 2009-02-23 20:48:17 +00:00
Joe Marcus Clarke
7cf62abcff Correct the Firefox 2.0 version for the recent Firefox vulnerabilities. 2009-02-23 20:41:47 +00:00
Marcus Alves Grando
1060ab3514 - Add CVE entries for last lighttpd security issue. 
Reported by:	Eygene Ryabinkin <rea-fbsd___codelabs.ru>
 2009-02-23 00:53:22 +00:00
Greg Larkin
549cd8c770 - Update to 1.7.5 
- Added UPDATING entry about incompatibility between 1.7.4 and 1.7.5
- Added vuln.xml entry for local file inclusion vulnerability in <1.7.5
- Added maintainer mode target in ZF Makefile to speed up fixups of
  pkg-plist output from genplist

Security:	cf495fd4-fdcd-11dd-9a86-0050568452ac
Security:	http://framework.zend.com/issues/browse/ZF-5748
Security:	http://weierophinney.net/matthew/archives/206-Zend-Framework-1.7.5-Released-Important-Note-Regarding-Zend_View.html
 2009-02-18 18:06:37 +00:00
Philippe Audeoud
aae2119c20 - Document dia -- remote command execution vulnerability 
Reviewed by:	miwi
 2009-02-17 21:10:46 +00:00