Niclas Zeising
9f10a77fa4
vuxml: Update pango entry for CVE-2019-1010238
...
Update the pango entry for CVE-2019-1010238.
Since the fix to pango wasn't applied properly the first time around, the
pango version with the fix needed to be bumpt in the vuxml entry.
2020-09-26 13:10:25 +00:00
Rene Ladan
ed1a1fd78b
Document new vulnerabilities in www/chromium < 85.0.4183.121
...
Obtained from: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
2020-09-22 19:00:08 +00:00
Tobias C. Berner
9f6cc013ea
security/vuxml: document libxml2 vulnerabilities
...
PR: 249386
2020-09-22 17:23:50 +00:00
Danilo G. Baio
e89f02361c
security/vuxml: Document net-im/py-matrix-synapse issue
...
PR: 249375
Submitted by: Denis Kasak <dkasak@termina.org.uk>
Submitted by: Sascha Biberhofer <ports@skyforge.at> (earlier version)
2020-09-21 21:07:56 +00:00
Dima Panov
7f985e2a71
- Document python35 multiple vulnerabilities
...
PR: 249187
2020-09-20 11:36:50 +00:00
Timur I. Bakeyev
e7ee7c7a9b
Add an entry about CVE-2020-1472 - Unauthenticated domain takeover via netlogon ("ZeroLogon")
...
Security: CVE-2020-1472
2020-09-20 00:36:02 +00:00
Bernard Spil
53a3c0120e
security/vuxml: Document Nextcloud 19.0.1 vuln
2020-09-19 12:22:27 +00:00
Matthias Andree
9ad5dcaf07
www/webkit2-gtk3: Multiple Vulnerabilities (vuxml entry)
...
PR: 247892
Submitted by: rob2g2 <spam123@bitbert.com>
Security: CVE-2020-9802
Security: CVE-2020-9803
Security: CVE-2020-9805
Security: CVE-2020-9806
Security: CVE-2020-9807
Security: CVE-2020-9843
Security: CVE-2020-9850
Security: CVE-2020-13753
2020-09-18 09:26:23 +00:00
Bradley T. Hughes
52a029c85d
security/vuxml: document Node.js September 2020 Security Releases
...
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/
Sponsored by: Miles AS
2020-09-16 20:47:51 +00:00
Philip Paeps
de62122961
security/vuxml: add FreeBSD SA-20:30.ftpd
2020-09-16 06:44:34 +00:00
Philip Paeps
dab946dccd
security/vuxml: add FreeBSD SA-20:29.bhyve_svm
2020-09-16 06:44:29 +00:00
Philip Paeps
582f0229ae
security/vuxml: add FreeBSD SA-20:28.bhyve_vmcs
2020-09-16 06:44:24 +00:00
Philip Paeps
0d319e0865
security/vuxml: add FreeBSD SA-20:27.ure
2020-09-16 06:44:19 +00:00
Sunpoet Po-Chuan Hsieh
98d2dac1be
Document rails vulnerability
2020-09-12 12:11:02 +00:00
Craig Leres
604114ceb2
security/vuxml: Mark zeek < 3.0.10 as vulnerable as per:
...
https://github.com/zeek/zeek/releases/tag/v3.0.10
Memory leak has potential for remote DOS via resource exhaustion.
2020-09-10 00:10:25 +00:00
Rene Ladan
5e0537a255
Document new vulnerabilities in www/chromium < 85.0.4183.102
...
Obtained from: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html
2020-09-09 16:01:09 +00:00
Xin LI
130bd47749
Sigh, fix previous entry as it's already documented, combine the information
...
into previous entry.
2020-09-07 18:04:21 +00:00
Xin LI
3cf2794ffa
Document mpd multiple vulnerabilities.
2020-09-07 18:02:55 +00:00
Eugene Grosbein
f5465e43bd
Document remotely exploitable crash in the mpd5.
...
Reported by: chennan at SourceForge
Obtained from: http://mpd.sourceforge.net/doc5/mpd4.html#4
2020-09-06 20:03:11 +00:00
Tijl Coosemans
df19ff75c1
Document Mbed TLS 2020-09-1 and 2020-09-2.
...
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
Security: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2
2020-09-06 10:49:31 +00:00
Tijl Coosemans
cd91da0ddc
Document GNUTLS-SA-2020-09-04.
...
Security: https://gnutls.org/security-new.html#GNUTLS-SA-2020-09-04
2020-09-06 10:22:45 +00:00
Sunpoet Po-Chuan Hsieh
f0dd6a6ecb
Update jasper vulnerability
2020-09-05 21:44:37 +00:00
Sunpoet Po-Chuan Hsieh
aca0331314
Document Django vulnerability
2020-09-05 21:35:39 +00:00
Adam Weinberger
97bd56c544
security/vuxml: Fix gnupg version range specification
...
Thanks to swills for pointing me to the error here.
PR: 249110
Reported by: jjuanino gmail
2020-09-04 21:08:41 +00:00
Li-Wen Hsu
48b2cc7d4b
Fix format
2020-09-04 05:25:46 +00:00
Adam Weinberger
672ce5d301
vuxml: Add entry for gnupg 2.2.21 - 2.2.22
2020-09-04 02:13:17 +00:00
Philip Paeps
f78f8bc162
security/vuxml: add FreeBSD SA-20:26.dhclient
2020-09-03 01:00:50 +00:00
Philip Paeps
52a9605084
security/vuxml: add FreeBSD SA-20:25.sctp
2020-09-03 01:00:45 +00:00
Philip Paeps
986e599a69
security/vuxml: add FreeBSD SA-20:24.ipv6
2020-09-03 01:00:36 +00:00
Matthias Fechner
df941c88fb
Document gitlab vulnerabilities.
2020-09-02 19:39:19 +00:00
Dmitri Goutnik
8d14a6949f
security/vuxml: Document lang/go vulnerability
2020-09-01 19:28:26 +00:00
Tobias C. Berner
fc5c7433e8
security/vuxml: document vulnerability in ark
2020-08-28 05:15:49 +00:00
Craig Leres
1eab12760e
security/vuxml: Mark php72, php73, and php74 vulnerable as per:
...
https://www.php.net/ChangeLog-7.php#PHP_7_4
https://www.php.net/ChangeLog-7.php#PHP_7_3
https://www.php.net/ChangeLog-7.php#PHP_7_2
The phar_parse_zipfile function had [a] use-after-free vulnerability
because of [a] mishandling of the actual_alias variable.
Security: CVE-2020-7068
2020-08-27 20:50:21 +00:00
Rene Ladan
51af93a416
Document new vulnerabilities in www/chromium < 85.0.4183.83
2020-08-26 18:01:43 +00:00
Sunpoet Po-Chuan Hsieh
9c18d40b7a
Document jasper vulnerability
2020-08-25 19:00:36 +00:00
Niclas Zeising
5ff4f6245e
vuxml: Document xorg-server and libX11 vulns
...
Document newly announced vulnerabilities in libX11 and xorg-server.
2020-08-25 17:26:32 +00:00
Matthias Fechner
a89892bf02
Updated entry for gitlab to clarify that the previously reported version does not fix the problem.
...
Please also see this upstream issue:
https://gitlab.com/gitlab-org/gitlab/-/issues/233881
2020-08-25 13:12:31 +00:00
Matthias Andree
54b44bff84
vuln.xml: add chrony < 3.5.1 pidfile symlink vulnerability
...
Security: 719f06af-e45e-11ea-95a1-c3b8167b8026
Security: CVE-2020-14367
2020-08-22 10:08:38 +00:00
Ryan Moeller
b0d91d98c5
security/vuxml: Document sysutils/openzfs-kmod issues
...
PR: 248787
Reported by: Andrew Walker
Reviewed by: wg
Approved by: wg (ports)
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26121
2020-08-20 18:12:45 +00:00
Dmitri Goutnik
7276747700
security/vuxml: Document textproc/elasticsearch6 vulnerability
...
PR: 248761
Submitted by: Juraj Lutter <juraj@lutter.sk> (maintainer)
2020-08-20 11:54:30 +00:00
Niclas Zeising
3cee13ce15
vuxml: Document dns/adns security issues
...
Document several securiy issues in dns/adns.
While here, fix whitespace in adjacent entries, as reported by make
validate.
2020-08-20 10:39:15 +00:00
Lars Engels
1843ae0614
Document icingaweb2 vulnerability
2020-08-19 17:29:51 +00:00
Sunpoet Po-Chuan Hsieh
3cc8f6d211
Document curl vulnerability
2020-08-19 16:26:33 +00:00
Wen Heping
be3d82501c
- Update a cvename entry
2020-08-19 15:59:55 +00:00
Wen Heping
4bb51dc8e7
- Document python37 and python36 multiple vulnerabilities
...
PR: 248751
Submitted by: mwalker@carbonhouse.com
2020-08-19 15:30:09 +00:00
Niclas Zeising
4951d0f103
vuxml: Document security/trousers issues
...
Reapply r545263, but do it properly this time.
Document security issues in security/trousers.
2020-08-19 08:24:45 +00:00
Glen Barber
bcba2bb3c1
Revert r545263, which excludes the package name, version(s) affected,
...
and includes "INSERT BLOCKQUOTE URL HERE" for a URL, suggesting the
'make validate' target was clearly not executed.
2020-08-19 03:30:06 +00:00
Niclas Zeising
89d7a12642
vuxml: Document security issues in security/trousers
2020-08-18 23:17:17 +00:00
Rene Ladan
09551cd8d2
Document new vulnerability in www/chromium < 84.0.4147.135
2020-08-18 19:36:51 +00:00
Florian Smeets
4c51f2fe71
Document ceph vulnerability
...
PR: 248673
Submitted by: Willem Jan Withagen <wjw@digiware.nl>
2020-08-17 20:10:04 +00:00