Martin Wilke
fee6acc5a0
- Fix the version number of typespeed from 4.1.0 to 0.4.1
PR: 114441
Submitted by: Tor Halvard Furulund <squat@squat.no>
2007-07-09 14:03:19 +00:00
Andrew Pantyukhin
fec0d4b44a
- Fix the latest wireshark entries by correcting a typo and adding
more package names
2007-07-07 08:27:53 +00:00
Martin Wilke
9cd0314853
- Document wireshark - Multiple problems
Reviewed by: simon@
2007-07-06 10:34:25 +00:00
Gabor Kovesdan
4c8afbbe37
- Document typespeed arbitrary code execution
Reviewed by: remko
2007-07-03 19:50:57 +00:00
Martin Wilke
14148fb403
- Fix a typo vcl -> vlc
Noticed by: lx@
2007-06-29 22:18:24 +00:00
Martin Wilke
08d66d63bc
- Document vlc - format string vulnerability and integer overflow
2007-06-29 09:42:05 +00:00
Martin Wilke
6e69c5aa16
- Document flac123 - stack overflow in comment parsing
Reviewed by: simon@
2007-06-29 09:24:06 +00:00
Remko Lodder
fdfb889ae5
Document gd -- multiple vulnerabilities
PR: ports/114115
Submitted by: Nick Barkas <snb at threerings dot net> (minor modifications by me).
2007-06-29 06:06:58 +00:00
Xin LI
cbb3bdea6f
Document that CVE-2007-3257 was fixed with evolution-data-server
1.10.2_1.
2007-06-28 07:38:03 +00:00
Andrew Pantyukhin
19d36d00b2
- Fix modified date in mod_perl entry
2007-06-27 20:52:24 +00:00
Erwin Lansing
9695a9e6ff
Mark www/mod_perl2 fixed in version 2.0.3_2,3
2007-06-27 20:44:12 +00:00
Xin LI
f64828b3cf
Document evolution-data-server remote arbitrary code execution
vulnerability.
Fix at: Evolution SVN changeset 7817 (#447414)
2007-06-25 10:57:52 +00:00
Erwin Lansing
c8d93d036e
The XMLRPC SQL Injection issue with wordpress was addressed in the
latest release.
2007-06-24 11:34:12 +00:00
Gabor Kovesdan
525a1c1cfb
Document xpcd buffer overflow vulnerability.
Reviewed by: remko
2007-06-21 17:28:37 +00:00
Remko Lodder
02327974a6
Document clamav -- multiple vulnerabilities.
2007-06-19 19:47:51 +00:00
Xin LI
359efa1acf
Document SpamAssassin vulnerability CVE-2007-2873, a local
DoS issue.
2007-06-18 07:56:53 +00:00
Martin Wilke
a6b094a5ee
- Document cups -- Incomplete SSL Negotiation Denial of Service.
Reviewed by: simon@
2007-06-12 18:27:39 +00:00
Martin Wilke
807e4948e9
- Fix other duplicate entry.
Reviewed by: simon
2007-06-09 19:47:04 +00:00
Martin Wilke
c3ae8a8590
- Document c-ares -- DNS Cache Poisoning Vulnerability
Reviewed by: simon@
2007-06-09 17:46:22 +00:00
Martin Wilke
d00658d436
- Fix duplicate entry de-wordpress -> zh-wordpress.
2007-06-09 17:44:04 +00:00
Gabor Kovesdan
2e460cd831
Add zh-wordpress as affected by the last two wordpress entries.
2007-06-09 16:13:32 +00:00
Gabor Kovesdan
d929936825
wordpress -- XMLRPC SQL Injection
wordpress -- unmoderated comments disclosure
Reviewed by: simon
2007-06-09 15:07:22 +00:00
Martin Wilke
8fd707f9da
- Document webmin -- cross site scripting
Reviewed by: simon@
2007-06-09 14:07:47 +00:00
Simon L. B. Nielsen
c40c31c7cb
- The fixed mplayer version number is 0.99.10_10, mark it as such. [1]
- Add older mplayer package names.
- Break long lines.
Noticed by: Henrik Brix Andersen <henrik@brixandersen.dk>
2007-06-07 18:34:14 +00:00
Martin Wilke
8ec6f91e6e
- Fix mplayer portversion.
2007-06-07 08:44:24 +00:00
Martin Wilke
849c29c9fe
- Document mplayer -- cddb stack overflow.
Reviewed by: simon@
2007-06-07 08:42:02 +00:00
Gabor Kovesdan
10f833a8e0
- Note that plone is also affected by 34414a1e-e377-11db-b8ab-000c76189c4c
prior to version 2.5.3
Reviewed by: simon
2007-06-06 09:29:58 +00:00
Gabor Kovesdan
266bf60961
- gzip 1.3.12 has been patched and is not affected by
11a84092-8f9f-11db-ab33-000e0c2e438a any more
Reviewed by: simon
2007-06-05 16:17:06 +00:00
Erwin Lansing
d0c078c27a
Document an information disclosure vulnerability in mod_jk < 1.2.23.
Reviewed by: simon
2007-06-05 09:38:17 +00:00
Erwin Lansing
1da851aff6
Add an entry for an email header injection vulnerability in
www/typo3 from February.
Reviewed by: remko
Persuaded by: cperciva and simon by setting up the
ports-security team
2007-06-04 20:56:26 +00:00
Martin Wilke
781637120c
- Document phppgadmin - Cross Site Scripting Vulnerability.
Reviewed by: mnag@
Reported by: dinoex@
2007-06-04 12:42:17 +00:00
Edward Tomasz Napierala
ed2a5982f8
- Add entry for findutils -- GNU locate heap buffer overrun.
Reviewed by: simon (secteam)
Approved by: miwi (mentor)
2007-06-01 19:36:13 +00:00
Xin LI
ed56a09fc7
Mark file < 4.21 as vulnerable to the heap overflow.
2007-05-31 08:05:11 +00:00
Joe Marcus Clarke
3c9b6f623e
Add an entry for the recent Freetype heap overflow vulnerability.
Submitted by: Nick Barkas <snb@threerings.net>
2007-05-25 00:37:57 +00:00
Remko Lodder
8003ff9706
Document FreeBSD-SA-07:04.file (heap overflow in file(1))
Approved by: portmgr (secteam implicit)
2007-05-23 16:29:27 +00:00
Martin Wilke
4f2588d5fc
- Document squirrelmail -- Cross site scripting in HTML filter
Approved by: portmgr (marcus)
2007-05-21 20:08:21 +00:00
Simon L. B. Nielsen
e82affd309
Document png -- DoS crash vulnerability.
2007-05-16 21:10:03 +00:00
Simon L. B. Nielsen
fdeb5fd7a2
Document samba -- multiple vulnerabilities.
Brought to you from Heathrow Airport and BSDCan 2007 Devsummit.
2007-05-16 20:22:35 +00:00
Simon L. B. Nielsen
5660505553
Backout last change.
Blackboard:
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
- I will remember to look at which files are committed.
x1000
Pointy hat to: simon
2007-05-10 17:34:45 +00:00
Simon L. B. Nielsen
4e0a6f6ea4
Update PHP entry to include the vulnerable version so the entry is
correct for when PHP is updated in ports (yes it's being worked on),
or for people who upgrade "manually".
With hat: secteam
Requested by: several
2007-05-10 17:31:49 +00:00
Remko Lodder
947b7a739d
Document a lot of PHP vulnerabilities, mark all php4 and php5 (+cli,cgi)
ports as vulnerable till the ports had been upgraded.
2007-05-07 09:12:41 +00:00
Remko Lodder
1ee4a7171c
Bump modification date for the latest mod_perl entry, this was forgotten
by erwin, but there were "massive" changes that warrant a date bump.
2007-05-07 08:49:25 +00:00
Remko Lodder
573e3a6f58
Standardize the latest entry (qemu) a bit more and add a forgotten 'a'
in the p5-Imager text.
2007-05-02 16:56:22 +00:00
Juergen Lock
1c19bc62dd
Document multiple qemu vulnerabilities
Obtained from: debian-security-announce@lists.debian.org mailing list
Security: multiple qemu vulnerabilities
2007-05-01 22:49:39 +00:00
Lars Balker Rasmussen
77e127836a
Update to 0.57 - fixes possible overflow vulnerability regarding malformed
BMPs, see vuln.xml for details.
Security: VuXML ID: 632c98be-aad2-4af2-849f-41a6862afd6a
2007-04-30 17:51:53 +00:00
Remko Lodder
507f8c5208
Document FreeBSD -- IPv6 Routing Header 0 is dangerous
2007-04-28 18:34:30 +00:00
Erwin Lansing
1b24a292e8
Rework the mod_perl entry to note that Mandriva originally released
an advisory. Also add mod_perl2 to the vulnerable versions.
2007-04-25 19:05:44 +00:00
Erwin Lansing
e9ca1878e6
Minor wordsmithing in the last mod_perl entry.
Submitted by: simon
2007-04-25 17:11:17 +00:00
Erwin Lansing
b85159572e
Add entry for mod_perl -- remote DOS in PATH_INFO parsing
PR: 111844
Submitted by: "Philip M. Gollucci" <pgollucci@p6m7g8.com>
2007-04-25 17:04:36 +00:00
Anton Berezin
d9fddefe1b
p5-Crypt-OpenPGP 1.03_1 should not be vulnerable to CVE-2005-0366.
2007-04-23 14:12:10 +00:00