aboutsummaryrefslogtreecommitdiffstats
path: root/ports-mgmt
Commit message (Expand)AuthorAgeFilesLines
* Fix RUN_DEPENDS.linimon2004-08-291-1/+4
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-271-1/+0
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-271-1/+0
* Argh. Duplicate entry for "Scorched 3D server chat box format string vulnerab...eik2004-08-271-2/+1
* Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format s...eik2004-08-271-0/+2
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-271-1/+0
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-271-1/+0
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-271-1/+0
* Remove libxine issue which is now documented in the FreeBSD VuXMLnectar2004-08-251-1/+0
* nss library SSL remote buffer overfloweik2004-08-251-0/+1
* multiple buffer overflows in xveik2004-08-251-2/+3
* Watch out for undefined values when resolving port origins. This makesdes2004-08-252-4/+6
* Fix path to INDEX file on 5.x.adamw2004-08-251-0/+14
* Fix build on current in some situations.adamw2004-08-241-0/+2
* I am pleased to announce a new GTK+-2 interface to our ports tree!adamw2004-08-244-0/+55
* Konqueror cross-domain cookie injectioneik2004-08-241-0/+1
* handle some duplicateseik2004-08-243-2/+71
* fix "too many open files" error when using the -r flageik2004-08-242-2/+2
* a2ps: Possible execution of shell commands as local user.eik2004-08-211-1/+2
* Update to 0.2.0sem2004-08-213-20/+32
* correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7deik2004-08-201-1/+1
* QT 3.x BMP (and possibly other graphics formats) heap-based overfloweik2004-08-201-0/+1
* potential security flaws in mod_ssleik2004-08-191-4/+6
* move a800386e-ef7e-11d8-81b0-000347a4fa7d to xmleik2004-08-173-9/+36
* ruby CGI::Session insecure file creationeik2004-08-161-1/+2
* Don't check the base system when PACKAGE_BUILDINGeik2004-08-161-0/+2
* multiple phpGroupWare vulnerabilitieseik2004-08-161-0/+2
* phpGedView, jftpgweik2004-08-163-0/+29
* Remove -a from the default fetch(1) flags, so that the daily securityeik2004-08-152-2/+2
* apply xlist not to the own fileseik2004-08-142-10/+15
* fix man page nits,eik2004-08-143-36/+61
* update to 20040811: fix compilation with GCC 3.4eik2004-08-143-13/+19
* fix some vuxml duplicates, add sympa unauthorized list creationeik2004-08-143-8/+680
* Add another entry for kdelibs3 due to another missed patch.lofi2004-08-131-0/+1
* Correct entries for recent kde vuln's and add new entry for kdelibslofi2004-08-131-1/+3
* fix security hole in non-chroot rsync daemon.eik2004-08-121-0/+1
* 9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of 40800696-c3b0-11d8-864...eik2004-08-122-2/+5
* f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of 6f955451-ba54-11d8-b88...eik2004-08-122-4/+7
* Factor out all but one of the build switches of the KDE main module portslofi2004-08-111-0/+2
* libine "vcd:" input source buffer overfloweik2004-08-101-0/+1
* Update to 0.1.9sem2004-08-103-9/+9
* SpamAssassin DoS & cfengine authentication heap corruptioneik2004-08-101-2/+4
* Update to 0.1.8.sem2004-08-093-18/+37
* Upgrade to 0.1.7.thierry2004-08-084-96/+32
* Version 0.5 release.thierry2004-08-082-4/+17
* CVStrac arbitrary remote code executioneik2004-08-071-1/+2
* - Update to 0.63 (see NEWS for list of changes)sergei2004-08-072-5/+8
* fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into 2de14f7a-dad9-11d8-b59a-...eik2004-08-062-1/+4
* putty local command executiondinoex2004-08-061-0/+1
* move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-061-1/+0
* o Security Update to 2.2.10-ja-1.0.nork2004-08-061-0/+1
* add Opera "location" object write access vulnerabilityeik2004-08-051-0/+1
* move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-051-3/+0
* back out last commitdinoex2004-08-051-1/+0
* putty local command executiondinoex2004-08-051-0/+1
* libPNG stack-based buffer overflow and other code concernseik2004-08-051-0/+3
* Acrobat Reader handling of malformed uuencoded pdf fileseik2004-08-041-0/+1
* Squid NTLM authentication helper overfloweik2004-08-041-0/+1
* ripMIME attachment extraction bypasseik2004-08-041-4/+5
* Update to a snapshot of CVS from today to fix the build with GCC 3.4.marcus2004-08-033-7/+7
* GnuTLS certificate chain verification DoSeik2004-08-031-1/+3
* Add portmanager 0.1.3, freeBSD port management software.sem2004-08-015-0/+141
* phpMyAdmin configuration manipulation and code injectioneik2004-07-311-1/+2
* Register a vulnerability in mail/imp3.thierry2004-07-311-0/+1
* Mozilla Firefox certificate spoofingeik2004-07-301-0/+1
* DansGuardian banned extension filter bypass vulnerabilityeik2004-07-301-0/+1
* add a reference to the SoX buffer overflow entryeik2004-07-291-1/+1
* SoX buffer overflows when handling .WAV fileseik2004-07-291-1/+2
* LCDProc buffer overflow/format string vulnerabilitieseik2004-07-281-0/+1
* pavuk digest auth buffer overfloweik2004-07-271-0/+1
* add Nessus "adduser" race condition and Dropbear DSS verification bugeik2004-07-271-2/+5
* New option -r: restrict listed entries to selected references.eik2004-07-243-4/+25
* sync with latest b.p.meik2004-07-243-31/+82
* l2tpd BSS-based buffer overfloweik2004-07-231-0/+1
* phpBB cross site scripting vulnerabilitieseik2004-07-221-0/+1
* add subversion-perl, subversion-pythoneik2004-07-201-0/+1
* subversion access control bypasseik2004-07-201-0/+1
* mod_ssl format string vulnerabilityeik2004-07-181-0/+2
* create /var/db/options when it doesn't existeik2004-07-171-0/+6
* - synchronize with recent changes in bsd.port.mkeik2004-07-176-139/+1047
* Add missing RUN_DEPENDS on devel/newfilevs2004-07-171-1/+2
* Roundup directory traversaleik2004-07-161-1/+2
* wv library datetime field buffer overfloweik2004-07-141-0/+1
* multiple vulnerabilities in Bugzillaeik2004-07-141-0/+1
* check for a working tr(1).eik2004-07-142-0/+9
* Add a patch to read the index file via sort(1) instead of readingknu2004-07-134-2/+30
* correct vulnerable version of linux-png and add a referenceeik2004-07-111-2/+2
* libpng row buffer overfloweik2004-07-111-0/+2
* typo in 'make master-sites-all'eik2004-07-101-1/+1
* add some referenceseik2004-07-091-0/+4
* FWIIW, enable the use ofeik2004-07-091-6/+9
* move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xmleik2004-07-081-2/+0
* add targets master-sites-all, master-sites, patch-sites-all, patch-siteseik2004-07-072-1/+87
* fix a warning when GeoIP can't find the country for a siteeik2004-07-071-10/+13
* eliminate some verbatim uses of mktemp and sorteik2004-07-072-8/+9
* Fix a bug with -P when there are more than one binary package file forknu2004-07-074-2/+34
* add some referenceseik2004-07-061-3/+3
* Add devel/portmk, a place where bsd.port.mk development can happen.eik2004-07-0618-0/+6241
* MySQL versions < 4.1 seem to be unaffectedeik2004-07-061-2/+2
* Update to today's pkg_install from HEAD.marcus2004-07-064-88/+10
* add MySQL server authentication bypass / buffer overfloweik2004-07-061-0/+2
* Mark 4aec9d58-ce7b-11d8-858d-000d610a3b12 as a duplicate of theeik2004-07-053-1/+28
* Perform plist substitution for -L.des2004-07-052-3/+10
* Move phpnuke vulnerabilities to VuXML.trhodes2004-07-031-1/+0
* Use full path to portsdb instead of assuming ${LOCALBASE}/sbin is in PATHkris2004-07-021-2/+2
* Apply a patch to avoid "undefined method `each' for nil:NilClass"knu2004-07-024-0/+34
* move "phpMyAdmin code injection" to vuxmleik2004-07-021-1/+0
* Test OSVERSION instead of pkg_info -P to enable cross-version buildseik2004-07-022-9/+11
* phpMyAdmin code injectioneik2004-07-021-0/+1
* - update to version 0.5eik2004-07-0110-554/+442
* Update to 20040701. New distfile.knu2004-07-016-54/+10
* - SSLtelnet remote format string vulnerabilityeik2004-07-011-7/+8
* update to 20040629: sync with -CURRENTeik2004-06-303-5/+33
* add MIT Kerberos 5 krb5_aname_to_localname() buffer overfloweik2004-06-291-0/+1
* add isakmpd security association deletion vulnerabilityeik2004-06-291-2/+3
* add Apache input header folding DoS vulnerabilityeik2004-06-291-0/+1
* xine-lib RTSP handling vulnerabilitieseik2004-06-281-0/+1
* Move MoinMoin entry to VuXML.trhodes2004-06-281-1/+0
* diversify url conversioneik2004-06-281-1/+21
* Update to 2.6.6marcus2004-06-282-10/+115
* add portaudit2vuxml.pl to easy the migration of entries to VuXMLeik2004-06-261-0/+129
* Add an entry for recent isc-dhcp3-server buffer overflows.trhodes2004-06-261-1/+0
* Move giFT-FastTrack to VuXML.trhodes2004-06-261-1/+0
* giFT-FastTrack remote DoSeik2004-06-251-0/+1
* Add patch with bugfixes.mich2004-06-252-1/+48
* Update to 0.2.2eik2004-06-254-7/+10
* correct rlpr versioneik2004-06-251-2/+2
* Pure-FTPd DoS when the max number of connection is reachedeik2004-06-251-0/+1
* Move the Gallery entry to VuXML.trhodes2004-06-251-1/+0
* update to version 0.4.1eik2004-06-253-2/+30
* rlpr local and remote exploitable buffer overflow (CAN-2004-0393, CAN-2004-0454)eik2004-06-241-0/+1
* CAN-2004-0451: format string vulnerabilities in supeik2004-06-241-0/+1
* Security flaw in rssheik2004-06-241-1/+2
* Icecast remote DoS vulnerabilityeik2004-06-241-0/+1
* Add pkg-req file which was forgotten in the last commit.eik2004-06-241-0/+27
* Update to version 0.4, with a new `-f' option.eik2004-06-243-42/+91
* update to version 20040623, which has a new `filter mode' for pkg_version -T.eik2004-06-232-3/+3
* it seems like isc-dhcp3-{client,devel} are unaffectedeik2004-06-231-1/+1
* reword gallery entryeik2004-06-231-1/+4
* Update of port which supports FreeBSD-5 alike INDEX-5 file parsingeik2004-06-232-1/+21
* Sqwebmail 4.0.4 XSS vulnerabilityeik2004-06-221-0/+1
* Oops, the previous patch was bogus. Sorry.knu2004-06-224-24/+18
* Upgrade to version 0.4lofi2004-06-222-3/+3
* Roundup remote file disclosure vulnerabilityeik2004-06-221-0/+1
* Support the new, extended INDEX format.knu2004-06-224-0/+40
* make expiry date customizable via daily_status_portaudit_expiryeik2004-06-223-3/+3
* mailman allows 3rd parties to retrieve member passwords (CAN-2004-0412)weik2004-06-211-0/+1
* super format string vulnerabilityeik2004-06-211-0/+1
* Scorched 3D server chat box format string vulnerabilityeik2004-06-211-0/+1
* BNBT Authorization Header DoSeik2004-06-211-0/+1
* - The previous commit included ruby18-raspell-0.1, which is not affected.thierry2004-06-211-1/+2
* Security: fix a buffer overflow in word-list-compress:thierry2004-06-201-0/+1
* ircd-hybrid-7 low-bandwidth DoSeik2004-06-201-0/+2
* Fetch the database from http://www.FreeBSD.org/ports/ first.eik2004-06-184-6/+11
* make BASEURL customizableeik2004-06-182-3/+11
* add subversion-perl, subversion-pythoneik2004-06-181-1/+1
* added racoon certificate validation bugeik2004-06-171-0/+1
* update to 0.2eik2004-06-173-8/+15
* add moinmoin, phpnuke and webmin vulnerabilitieseik2004-06-171-0/+3
* SquirrelMail has a localized japanese versioneik2004-06-161-0/+1
* Add SquirrelMail XSS vulnerabilityeik2004-06-161-0/+1
* Update to 2.6.5.marcus2004-06-152-5/+11
* typoeik2004-06-152-2/+2
* Point all vulnerabilities to the base URL, so that entrieseik2004-06-152-3/+14
* update to 0.1.1, supporting some of the VuXML 1.1 featureseik2004-06-146-53/+194
* reword some descriptionseik2004-06-141-6/+6
* Change URLs for a better reference about IMP & Chora vulnerabilities.thierry2004-06-131-2/+2
* Add an entry for Chora and IMP.thierry2004-06-131-0/+2
* Added CAN-2004-0488, CAN-2004-0492, DBMail vulnerability, smtpproxy vulnerabi...eik2004-06-131-4/+9
* portaudit-db generates a portaudit database from a currenteik2004-06-1310-0/+644
* Fix a bug where the wrong path to pkg_add could result when doing recursivemarcus2004-06-132-21/+24
* accidentally packaged a wrong distribution fileeik2004-06-122-3/+3
* fix a problem with adding packages recursively under certain conditionseik2004-06-122-3/+3
* Fix package build by using explicit paths in RUN_DEPENDSkris2004-06-092-11/+11
* - Add dependency on portupgradepav2004-06-081-0/+3
* Update to 2.6.4.marcus2004-06-072-53/+15
* Update to 2.6.3.marcus2004-06-062-25/+57
* Update to 0.7.will2004-06-064-18/+19
* Update to the latest CVS HEAD snapshot (as of today). Also, make sure wemarcus2004-05-312-4/+13
* Update to 2.6.2.marcus2004-05-312-12/+80
* Update to 20040529.knu2004-05-296-24/+10
* Add two new metaports comprising a set of tools to work with the Portslinimon2004-05-274-0/+68
* Try to fetch an up-to-date index from http://www.freebsd.org/ports/.des2004-05-243-15/+46
* update to version 20040517, which parses 10alpha3 as 10.a3.eik2004-05-182-3/+3
* - Update to 20040517krion2004-05-174-339/+13
* Make 4a < 4a0 in order to improve consistency with missing version numberseik2004-05-132-3/+3
* Update to 20040511eik2004-05-122-3/+3
* disable on bento because the dynamicaleik2004-05-111-0/+5
* Use 'make checksum' instead of 'make fetch'.des2004-05-103-6/+6
* - fix package extensions for 4.xeik2004-05-082-3/+3
* Update to 20040414,mat2004-05-042-18/+34
* enable the use of csh-style {...} choices in glob patterns, e.g.eik2004-05-012-3/+3
* Update to 2.6.1.marcus2004-05-012-6/+38
* Fix usage of pkg_createeik2004-04-292-3/+3
* add an `-S' option to pkg_create, mostlyeik2004-04-292-3/+3
* - Update to version 0.2krion2004-04-183-16/+4
* * Update to today's -CURRENT snapshotmarcus2004-04-173-3/+70
* Introduce '*' as the lowest possible version number, so thateik2004-04-162-12/+3
* Add missing @dirrmkris2004-04-141-0/+1
* Don't require additional command line arguments when -I is specified.des2004-04-122-2/+2
* Cosmetic: sort the status report, wrap a long line.des2004-04-052-3/+6
* - Update pkg-descr to reflect realitysergei2004-04-051-5/+7
* Chase the glib20 update, and bump all affected ports' PORTREVISIONs.marcus2004-04-051-1/+1
* Rework the dependency discovery and update code, as well as the handlingdes2004-04-033-121/+133
* update to 0.3.1:eik2004-04-015-18/+117
* Use the two-argument version of mkdir() for backward compatibility.des2004-03-312-1/+2
* SIZEify (maintainer timeout)trevor2004-03-316-0/+6
* Add support for MOVED.des2004-03-292-13/+64
* Fix a stupid bug introduced by the last update, which destroyedknu2004-03-294-0/+20
* Update to 2.6.0marcus2004-03-272-12/+52
* Update to 20040325.knu2004-03-254-2/+6
* Update to 2.5.9.marcus2004-03-212-17/+48
* - SIZEify.mich2004-03-181-0/+1
* Add size data.trevor2004-03-181-0/+1
* Update to 0.3.eik2004-03-119-86/+145
* Update to 2.5.8.marcus2004-03-102-7/+8
* Make the variable definition syntax more like make(1)'s, and update thedes2004-03-033-10/+14
* Update to 02/29/2004's CVS HEAD snapshot of the pkg_install code to fix somemarcus2004-03-012-4/+5
* grammareik2004-02-251-2/+2
* add a security contacteik2004-02-251-0/+7
* - bugfix: awk in -CURRENT accepts no regexes in RS, causing the databaseeik2004-02-254-3/+57
* update to 0.2:eik2004-02-228-126/+480
* update to 20040216:eik2004-02-193-5/+4
* Disable auditfile.txt until we decide on a database format,eik2004-02-191-53/+0
* add bind, pine, samba 3.xeik2004-02-171-0/+5
* remove duplicate mutt entry, sorry.eik2004-02-171-1/+0
* add mutt and mailmaneik2004-02-171-0/+2
* XFree86-Server font file buffer overflowseik2004-02-171-0/+2
* add GNATS3eik2004-02-161-0/+1
* require gaim version 0.75_6, since the vulnerability has been re-introducedeik2004-02-131-1/+4
* add fspd <= 2.8.1.3eik2004-02-131-0/+1
* Add mutt < 1.4.2 vulnerabilty.clement2004-02-121-0/+1
* add an URL where at least somek kind of advisory for monkeyd can be found...eik2004-02-111-1/+1
* Add entries for:clement2004-02-111-0/+2
* add clamav<0.65_7eik2004-02-101-0/+1
* Update to 20040207pav2004-02-092-8/+22
* Update to 20040208. (Just repacked to roll up recent patches)knu2004-02-0810-276/+10
* Fix a long-standing silly bug in uninstall_pkg().knu2004-02-084-2/+34
* Make portsdb -U use the canonical way to make a ports index file nowknu2004-02-076-6/+138
* Use PLIST_FILES (bento-tested, marcus-reviewed).trevor2004-02-068-4/+4
* Use PLIST_FILES.trevor2004-02-062-1/+1
* Bump PORTREVISION on all ports that depend on gettext to aid with upgrading.marcus2004-02-042-0/+2
* Add a patch to make portupgrade just use stdout/stderr redirection toknu2004-02-014-0/+94
* SIZE *DOES* MATTER.sergei2004-01-311-0/+1
* SIZEify.trevor2004-01-301-0/+1
* Speling 8Peik2004-01-291-1/+1
* Add some more examples (inn, apache) to test combined >= & < relationseik2004-01-291-1/+10
* tandart vulnerability test for port auditing systemseik2004-01-292-0/+50
* portaudit provides a list of published security vulnerabilitieseik2004-01-287-0/+295
* - remove sourceforge from MASTER_SITESeik2004-01-284-34/+49