aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoreik <eik@FreeBSD.org>2004-08-16 20:23:39 +0800
committereik <eik@FreeBSD.org>2004-08-16 20:23:39 +0800
commiteb93738ad61d7c3d7ccc32192124ceaddfb91e91 (patch)
tree0e0b3c9775ac10e449d4db9db30d588da6366f60
parent27b4a12766bab5228114b55c4ca9be8c9272a55f (diff)
downloadfreebsd-ports-gnome-eb93738ad61d7c3d7ccc32192124ceaddfb91e91.tar.gz
freebsd-ports-gnome-eb93738ad61d7c3d7ccc32192124ceaddfb91e91.tar.zst
freebsd-ports-gnome-eb93738ad61d7c3d7ccc32192124ceaddfb91e91.zip
ruby CGI::Session insecure file creation
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.txt3
-rw-r--r--security/portaudit-db/database/portaudit.txt3
2 files changed, 4 insertions, 2 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt
index 03ecf5da2610..b772c0d91b61 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.txt
+++ b/ports-mgmt/portaudit-db/database/portaudit.txt
@@ -64,7 +64,8 @@ p5-Mail-SpamAssassin<2.64|http://secunia.com/advisories/12255 http://marc.theaim
cfengine2<2.1.8|http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10 http://secunia.com/advisories/12251|cfengine authentication heap corruption|f2a1dc8b-ea66-11d8-9440-000347a4fa7d
libxine<=1.0.r5_1|http://www.open-security.org/advisories/6 http://secunia.com/advisories/12194 http://sourceforge.net/mailarchive/forum.php?thread_id=5143955&forum_id=11923|libxine vcd MRL input identifier management overflow|bef4515b-eaa9-11d8-9440-000347a4fa7d
rsync<2.6.2_2|http://lists.samba.org/archive/rsync-announce/2004/000017.html|security hole in non-chroot rsync daemon|2689f4cb-ec4c-11d8-9440-000347a4fa7d
-sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html|Sympa unauthorized list creation security issue|4a160c54-ed46-11d8-81b0-000347a4fa7d
+sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html http://xforce.iss.net/xforce/xfdb/16984|Sympa unauthorized list creation security issue|4a160c54-ed46-11d8-81b0-000347a4fa7d
phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d
+ruby{,_r,_static}>=1.8.*<1.8.2.p2|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0755 http://secunia.com/advisories/12290 http://www.debian.org/security/2004/dsa-537 http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410 http://www.osvdb.org/8845|ruby CGI::Session insecure file creation|a800386e-ef7e-11d8-81b0-000347a4fa7d
diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt
index 03ecf5da2610..b772c0d91b61 100644
--- a/security/portaudit-db/database/portaudit.txt
+++ b/security/portaudit-db/database/portaudit.txt
@@ -64,7 +64,8 @@ p5-Mail-SpamAssassin<2.64|http://secunia.com/advisories/12255 http://marc.theaim
cfengine2<2.1.8|http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10 http://secunia.com/advisories/12251|cfengine authentication heap corruption|f2a1dc8b-ea66-11d8-9440-000347a4fa7d
libxine<=1.0.r5_1|http://www.open-security.org/advisories/6 http://secunia.com/advisories/12194 http://sourceforge.net/mailarchive/forum.php?thread_id=5143955&forum_id=11923|libxine vcd MRL input identifier management overflow|bef4515b-eaa9-11d8-9440-000347a4fa7d
rsync<2.6.2_2|http://lists.samba.org/archive/rsync-announce/2004/000017.html|security hole in non-chroot rsync daemon|2689f4cb-ec4c-11d8-9440-000347a4fa7d
-sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html|Sympa unauthorized list creation security issue|4a160c54-ed46-11d8-81b0-000347a4fa7d
+sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html http://xforce.iss.net/xforce/xfdb/16984|Sympa unauthorized list creation security issue|4a160c54-ed46-11d8-81b0-000347a4fa7d
phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d
+ruby{,_r,_static}>=1.8.*<1.8.2.p2|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0755 http://secunia.com/advisories/12290 http://www.debian.org/security/2004/dsa-537 http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410 http://www.osvdb.org/8845|ruby CGI::Session insecure file creation|a800386e-ef7e-11d8-81b0-000347a4fa7d