1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-30 01:15:52 +00:00
Commit Graph

134 Commits

Author SHA1 Message Date
Simon L. B. Nielsen
8c91f8349c Change MAINTAINER address for ports maintained by the Security Team to
secteam@ instead of security@ to make it more clear that the ports are
not maintained by the freebsd-security@ mailing list.  Both addresses
go to the same people.
2005-07-30 19:13:10 +00:00
Simon L. B. Nielsen
04e3a67805 - Set maintainership to security@.
Suggested by:	nectar, remko
2005-07-03 20:46:48 +00:00
Simon L. B. Nielsen
de9b30b80a Grab maintainer-ship of portaudit. While I do not currently have any
plans for improvements (though I have ideas) I feel that portaudit is
too important to not have an active maintainer.

Approved by:	portmgr (linimon)
2005-06-14 22:04:55 +00:00
Thierry Thomas
3b1b7922ee Document Horde's XSS vulnerabilities.
Approved by:	portmgr (krion).
2005-01-05 10:51:21 +00:00
Jacques Vidrine
9cfb8ca626 Create a VuXML entry for Horde XSS help window vulnerability to replace
the portaudit-db entry.
2004-10-27 12:25:06 +00:00
Thierry Thomas
6833f56de3 Add an entry for a vulnerability fixed in horde-2.2.7. 2004-10-26 19:37:44 +00:00
Michael Nottebrock
d7892a1f84 Add entries for vulnerabilites in imported xpdf code in kdegraphics
and koffice.
2004-10-24 14:46:52 +00:00
Thierry Thomas
9958c57947 Add an entry for a XSS vulnerability fixed in IMP-3.2.6. 2004-10-12 05:25:06 +00:00
Oliver Eikemeier
c821b0e337 - star-devel: privilege escalation
- multi-gnome-terminal: information leak
- usermin: remote shell command injection and insecure installation
- mpg123: layer 2 decoder buffer overflow

Approved by:	portmgr (implicit)
2004-09-08 21:57:10 +00:00
Oliver Eikemeier
1ea7e0e900 - XSS vulnerability in phpGroupWare wiki module
- add some references

Approved by:	portmgr (implicit)
2004-09-07 10:44:11 +00:00
Oliver Eikemeier
a093965a26 multiple vulnerabilities in LHA 2004-09-03 22:30:35 +00:00
Oliver Eikemeier
903db11a21 grrrr... left the test case intact 2004-09-03 21:36:18 +00:00
Oliver Eikemeier
3648da397a - add some references
- extend ImageMagick entry
- squid ntlm authentication helper DoS
- multiple vpopmail vulnerabilities
- first attempts to check the base system for vulnerabilities:
  + cvs server code
  + zlib DoS
- BSD license portaudit.xml
2004-09-03 20:27:26 +00:00
Oliver Eikemeier
bf0beda828 samba printer change notification request DoS 2004-08-30 23:43:44 +00:00
Oliver Eikemeier
41570a3aad add some references, add ru-gaim 2004-08-30 10:58:47 +00:00
Oliver Eikemeier
5f3eb07822 multiple vulnerabilities in gaim 2004-08-30 10:57:42 +00:00
Oliver Eikemeier
14664616fe security bug in rscsi client code
Submitted by:	marius
2004-08-30 10:07:22 +00:00
Jacques Vidrine
8961228139 Document NSS SSLv2 server buffer overflow (already referenced in
portaudit.txt).
2004-08-27 15:29:58 +00:00
Jacques Vidrine
b95b3a3535 Document ripMIME decoding bug (already referenced in portaudit.txt). 2004-08-27 14:43:07 +00:00
Oliver Eikemeier
4262ad369c Argh. Duplicate entry for "Scorched 3D server chat box format string vulnerabilty" 2004-08-27 10:34:05 +00:00
Oliver Eikemeier
e601056789 Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format string vulnerability 2004-08-27 10:31:21 +00:00
Jacques Vidrine
975dd4bd17 Note sanitize_path bug in rsync (already referenced in portaudit.txt). 2004-08-26 22:10:50 +00:00
Jacques Vidrine
c57e57ac31 Document buffer overflows in SoX (already referenced in portaudit.txt). 2004-08-26 20:34:41 +00:00
Jacques Vidrine
80e7374bc1 Document cookie bug in Konqueror (already referenced in portaudit.txt). 2004-08-26 20:15:22 +00:00
Jacques Vidrine
e139e5a754 Remove libxine issue which is now documented in the FreeBSD VuXML
document.

Reminded by:	eik
2004-08-25 13:58:01 +00:00
Oliver Eikemeier
26458d785a nss library SSL remote buffer overflow 2004-08-25 13:10:29 +00:00
Oliver Eikemeier
bea9f10345 multiple buffer overflows in xv 2004-08-25 11:07:08 +00:00
Oliver Eikemeier
13a24db696 Konqueror cross-domain cookie injection 2004-08-23 23:28:36 +00:00
Oliver Eikemeier
a744df8d30 handle some duplicates 2004-08-23 23:12:02 +00:00
Oliver Eikemeier
da80a04ac6 a2ps: Possible execution of shell commands as local user. 2004-08-21 10:45:26 +00:00
Oliver Eikemeier
61e848dda0 correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7d 2004-08-20 08:31:09 +00:00
Oliver Eikemeier
e510a55afd QT 3.x BMP (and possibly other graphics formats) heap-based overflow 2004-08-20 08:28:33 +00:00
Oliver Eikemeier
aeb091ef05 potential security flaws in mod_ssl 2004-08-18 20:01:44 +00:00
Oliver Eikemeier
21e5e83c57 move a800386e-ef7e-11d8-81b0-000347a4fa7d to xml 2004-08-17 07:56:37 +00:00
Oliver Eikemeier
539307be33 ruby CGI::Session insecure file creation 2004-08-16 12:23:39 +00:00
Oliver Eikemeier
ba24268c8f multiple phpGroupWare vulnerabilities 2004-08-15 23:44:59 +00:00
Oliver Eikemeier
137b94aa13 phpGedView, jftpgw 2004-08-15 17:22:09 +00:00
Oliver Eikemeier
48af6951c8 apply xlist not to the own files 2004-08-13 17:51:46 +00:00
Oliver Eikemeier
ea84ffa8c6 fix some vuxml duplicates, add sympa unauthorized list creation 2004-08-13 16:48:12 +00:00
Michael Nottebrock
57447419e7 Add another entry for kdelibs3 due to another missed patch. 2004-08-12 21:32:15 +00:00
Michael Nottebrock
3f9cf344ae Correct entries for recent kde vuln's and add new entry for kdelibs
(3.2.3_3 didn't have all patches).
2004-08-12 21:17:31 +00:00
Oliver Eikemeier
a49bbe0700 fix security hole in non-chroot rsync daemon.
<http://www.freebsd.org/ports/portaudit/2689f4cb-ec4c-11d8-9440-000347a4fa7d.html>
2004-08-12 10:45:27 +00:00
Oliver Eikemeier
9fcf94529c 9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of 40800696-c3b0-11d8-864c-02e0185c0b53 2004-08-12 00:08:05 +00:00
Oliver Eikemeier
ab808db926 f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of 6f955451-ba54-11d8-b88c-000d610a3b12, move references 2004-08-11 22:57:51 +00:00
Michael Nottebrock
461f3c5adb Factor out all but one of the build switches of the KDE main module ports
into separate ports. The OPTIONS will remain as of yet and trigger dependencies
now, for easy transition.

Update KOffice to version 1.3.2.

Add patches to fix a number of issues, including:

- fix kxkb on Xorg
- fix kdemultimedia WITH_MPEGLIB (now mpeglib_artsplug) compilation on gcc 3.4.2
  with optimizations greater than -O

Add security related patches and entries to portaudit.txt.
2004-08-11 01:27:37 +00:00
Oliver Eikemeier
0826a8f01d libine "vcd:" input source buffer overflow 2004-08-10 08:50:27 +00:00
Oliver Eikemeier
9b87366d7a SpamAssassin DoS & cfengine authentication heap corruption 2004-08-10 00:56:37 +00:00
Oliver Eikemeier
97a39effba CVStrac arbitrary remote code execution 2004-08-07 09:09:26 +00:00
Oliver Eikemeier
4192752964 fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into 2de14f7a-dad9-11d8-b59a-00061bc2ad93 2004-08-06 12:37:01 +00:00
Dirk Meyer
3e4de141f0 putty local command execution 2004-08-06 05:41:01 +00:00