aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
Commit message (Expand)AuthorAgeFilesLines
* phpmyadmin -- HTTP Response Splitting vulnerabilitymnag2005-11-161-0/+32
* Add CVE name to an old sudo entry.simon2005-11-151-0/+2
* Update latest phpSysInfo entry to reflect that 2.4 was in fact not fixedsimon2005-11-141-1/+2
* - Micromedia -> Macromediasem2005-11-141-6/+6
* - Document phpSysInfo vulnerabilitysem2005-11-141-0/+34
* - Document flashplugin vulnerabilitysem2005-11-141-0/+43
* - Document p5-Mail-SpamAssassin vulnerabily (alread fixed in ports)sem2005-11-101-0/+66
* Update the recent gallery2 and webcalendar entries:remko2005-11-091-5/+14
* Document qpopper -- multiple privilege escalation vulnerabilities.remko2005-11-081-0/+32
* - Add missed </p> tag [1]sem2005-11-071-2/+3
* Add a bit more info from the PEAR advisory about the vulnerability tosimon2005-11-051-0/+4
* The two latest OpenVPN vulnerabilities were both only for 2.0 andsimon2005-11-051-2/+4
* Add an entry for pear-PEAR arbitrary code execution vulnerability.thierry2005-11-051-0/+28
* Correct skype entry to match the correct fixed port version number.simon2005-11-021-1/+2
* Document two OpenVPN vulnerabilities.simon2005-11-021-0/+67
* As Peter Jeremy points out, the recent lynx vulnerability also concernsnaddy2005-11-021-0/+5
* - Document skype vulnerabilitiessem2005-11-011-2/+75
* - Document CVE-2005-3258:sem2005-11-011-0/+32
* - Document a BASE Basic Analysis and Security Engine vulnerabilitysem2005-11-011-0/+29
* Back out the accidentally committed white-space modification parts ofsimon2005-11-011-8900/+12898
* Add entry for "fetchmail -- fetchmailconf local password exposure",barner2005-10-311-0/+31
* Document lynx remote buffer overflow in NNTP header handling.naddy2005-10-311-12960/+8995
* - Fix a ruby vulnerabuility in the safe level settings.sem2005-10-281-0/+36
* Add more references to entry net-snmp -- remote DoS vulnerability.simon2005-10-271-0/+3
* - Mark linux-firefox 1.0.7 as fixedsimon2005-10-261-5/+6
* Add misc/compat5x to "openssl -- potential SSL 2.0 rollback".lesi2005-10-261-1/+8
* Also mark xli as vulnerable to xloadimage -- buffer overflows in NIFFsimon2005-10-241-0/+5
* For entry libgadu -- multiple vulnerabilities:simon2005-10-241-2/+3
* For entry zope28 -- expose RestructuredText functionality to untrustedsimon2005-10-231-3/+5
* Add another reference to clamav -- arbitrary code execution and DoSsimon2005-10-221-0/+2
* Document x11/xloadimage buffer overflows in NIFF image title handling.naddy2005-10-201-0/+39
* Rename all CAN-yyyy-nnnn to CVE-yyyy-nnnn, with the exception of textnectar2005-10-201-688/+688
* For entry: snort -- Back Orifice preprocessor buffer overflow vulnerability:simon2005-10-191-1/+2
* - Document snort -- Back Orifice preprocessor buffer overflow vulnerability.simon2005-10-191-2/+50
* - Document www/webcalendar vulnerability.sem2005-10-151-0/+23
* - Document www/gallery2 vulnerability.sem2005-10-151-0/+35
* Improve last couple of entries:simon2005-10-131-13/+17
* Add entry for opensslmnag2005-10-121-3/+57
* Add entry for phpmyadmin (PMASA-2005-4)mnag2005-10-121-0/+29
* Fix typo with range valuesmnag2005-10-121-1/+1
* Add entry from zope28mnag2005-10-121-0/+30
* For libxine -- format string vulnerability entry:simon2005-10-101-5/+6
* Add an entry for libxine format string vulnerability.nobutaka2005-10-101-0/+31
* Mark older revisions linux_base-suse 9.3 as vulnerable to kdebase --simon2005-10-091-0/+5
* - Mark cfengine's arbitrary file overwriting vulnerability as fixed in 2.1.6_1sergei2005-10-071-0/+6
* Add an entry for UW-IMAP Mailbox Name Handling Remote Buffer Overflowthierry2005-10-061-0/+35
* Add credit for recent ftp/weex incidentehaupt2005-10-051-1/+1
* rinetd >= 0.62_1 has no more vulnerabilitiesgarga2005-10-041-2/+5
* Add references to three squid entries.remko2005-10-031-5/+15
* Use the <freebsdpr> tag to markup a PR in weex -- remote format stringsimon2005-10-031-1/+1
* Document a format string vulnerability in ftp/weex.jylefort2005-10-031-0/+30
* Document picasm -- buffer overflow vulnerability.simon2005-10-021-0/+33
* Add an URL to the entry of the japanese/uim.nobutaka2005-10-021-1/+1
* Document japanese/uim privilege escalation vulnerability.nobutaka2005-10-021-0/+31
* Document cfengine -- arbitrary file overwriting vulnerability.simon2005-10-011-0/+32
* Mark zsync <= 0.4.1 vulnerable to the zlib buffer overflow vulnerability.remko2005-10-011-0/+5
* Add more references to unace -- multiple vulnerabilities entry.simon2005-10-011-0/+3
* Add CVE name to an older ProZilla entry.simon2005-10-011-0/+2
* Add more references for latest phpmyfaq entry.simon2005-09-301-0/+9
* - Add a note that new entries, per convention, should be added to thesimon2005-09-301-5/+11
* Document vulnerabilities in www/phpmyfaqvsevolod2005-09-291-0/+25
* Add linux_base-suse-9.3 to the zlib entry.remko2005-09-241-0/+5
* Document clamav -- arbitrary code execution and DoS vulnerabilities.simon2005-09-241-0/+39
* - Be consistent and call entries "firefox & mozilla", not the other waysimon2005-09-241-2/+12
* - Document mozilla & firefox -- multiple vulnerabilities.simon2005-09-241-0/+147
* Add real references to urban -- stack overflow vulnerabilities.simon2005-09-221-5/+3
* Document mozilla & firefox -- command line URL shell command injection.simon2005-09-221-0/+87
* Add CVE name for tor -- diffie-hellman handshake flaw.simon2005-09-221-0/+2
* Correct package name for entry bind -- buffer overrun vulnerability.simon2005-09-221-1/+2
* Add CVE name to an older CUPS issue.simon2005-09-221-0/+2
* Fix the htdig entry, the port version and the VuXML version did notremko2005-09-201-1/+1
* Fix the squirrelmail entry since only versions prior to 1.4.5 wereremko2005-09-201-1/+2
* Document the following items:remko2005-09-181-0/+60
* - Add an entry on possible DOS condition regarding NTLM in squidpav2005-09-161-0/+28
* Document X11 server -- pixmap allocation vulnerability.lesi2005-09-151-0/+33
* Document unzip -- permission race vulnerability. [1]remko2005-09-141-1/+35
* Document firefox & mozilla -- buffer overflow vulnerability.simon2005-09-111-0/+97
* Mark the latest version of cups-base fixed for "xpdf -- disk fill DoSlawrance2005-09-071-2/+2
* Add forgotten </package> line.remko2005-09-041-0/+1
* Mark b2evolution prior to 0.9.0.12_2 vulnerable to the XML_RPC remote php cod...remko2005-09-041-1/+5
* Document htdig -- cross site scripting vulnerability.remko2005-09-041-0/+29
* - Document two squid security related issues.sem2005-09-041-0/+55
* Document bind9 -- denial of service.remko2005-09-041-0/+44
* Document bind -- buffer overrun vulnerabilityremko2005-09-041-0/+28
* Add a more or less bogus reference section to the last entry, to make itsimon2005-09-021-0/+7
* Document stack overflow vulnerabilities in games/urban.jylefort2005-09-021-0/+22
* Mark latest evolution port version as fixed wrt. evolution -- remotesimon2005-08-301-1/+2
* Add entry for fswiki's vuln.kuriyama2005-08-291-0/+22
* Dante 1.1.15 is no longer affected by the fd_set bitmap index overflow.niels2005-08-291-2/+5
* - Fill out part of the std. VuXML template missed in the last entry.simon2005-08-291-2/+3
* Document evolution -- remote format string vulnerabilities.simon2005-08-281-0/+43
* Document pam_ldap -- authentication bypass vulnerability.simon2005-08-281-0/+32
* Mark phpgroupware as vulnerable to pear-XML_RPC -- remote PHP codesimon2005-08-281-1/+6
* Document pcre -- regular expression buffer overflow.simon2005-08-271-0/+29
* Mark latest awstats port as fixed for awstats -- arbitrary codesimon2005-08-241-1/+2
* Document mail/elm remote buffer overflow vulnerability.sem2005-08-241-0/+34
* Document four vulnerabilities in openvpn:remko2005-08-191-0/+123
* Also mark phpAdsNew as affected by "pear-XML_RPC -- remote PHP codesimon2005-08-181-1/+6
* Add the fixed version so that people do not get a stale portaudit when the up...remko2005-08-181-7/+7
* Document tor -- diffie-hellman handshake flaw.remko2005-08-181-0/+31
* gpdf has been fixed for "xpdf -- disk fill DoS vulnerability", mark itsimon2005-08-171-0/+4
* Add eGroupWare to the list of packages affected by "pear-XML_RPC --simon2005-08-171-0/+6
* Document acroread -- plug-in buffer overflow vulnerability.simon2005-08-171-0/+42
* Add phpmyfaq and drupal to the "pear-XML_RPC -- remote PHP codesimon2005-08-161-1/+15
* Document pear-XML_RPC -- remote PHP code injection vulnerability.simon2005-08-151-0/+36
* Document awstats -- arbitrary code execution vulnerability.simon2005-08-151-0/+45
* After further examination it turns out that gnugadu does not includesimon2005-08-131-2/+1
* Remove pl-gnugadu2 and kadu from being affected by libgadu -- multiplesimon2005-08-121-5/+0
* Document libgadu -- multiple vulnerabilities.simon2005-08-121-0/+78
* Document gaim -- AIM/ICQ away message buffer overflow and gaim --simon2005-08-121-0/+65
* Remove pdftohtml from the list of packages affected by xpdf -- disksimon2005-08-121-4/+0
* Document xpdf -- disk fill DoS vulnerability.simon2005-08-121-0/+45
* Mark apache 1.3.33_2 as fixed for apache -- http request smuggling.simon2005-08-111-2/+3
* Document gforge -- XSS and email flood vulnerabilities.simon2005-08-091-0/+46
* Document postnuke -- multiple vulnerabilities.simon2005-08-081-0/+47
* Document mambo -- multiple vulnerabilities.simon2005-08-051-0/+41
* Correct the ranges for the IPSec advisory and the devfs advisory.remko2005-08-051-3/+3
* Document some recent FreeBSD advisories:remko2005-08-051-0/+105
* Add some more entries to the apache -- http smuggling vulnerability.remko2005-08-041-2/+14
* Document proftpd -- format string vulnerabilities.simon2005-08-041-0/+37
* Note that the fix for gnupg -- OpenPGP symmetric encryptionsimon2005-08-041-0/+9
* Mark p5-Crypt-OpenPGP, pgp, and pgpin as vulnerable to gnupg --simon2005-08-031-0/+7
* Mark latest gdal version as fixed for all tiff vulnerabilities.simon2005-08-021-9/+24
* Added nbsmtp format string vulnerability.niels2005-08-011-0/+28
* Mark latest the linux-tiff and pdflib ports safe from latest tiffsimon2005-08-011-1/+8
* Document sylpheed -- MIME-encoded file name buffer overflowsimon2005-07-311-0/+31
* Document phpmyadmin -- cross site scripting vulnerability.simon2005-07-311-0/+30
* Document gnupg -- OpenPGP symmetric encryption vulnerability.simon2005-07-311-0/+37
* Bump entry date.remko2005-07-311-1/+1
* Document vim -- vulnerabilities in modeline handling: glob, expand.remko2005-07-311-0/+36
* Document that ekg -- insecure temporary file creation was fixed insimon2005-07-311-1/+2
* Add pdflib-perl, fractorama, gdal, iv, ivtools, ja-iv, ja-libimg,simon2005-07-311-3/+56
* Change MAINTAINER address for ports maintained by the Security Team tosimon2005-07-311-1/+1
* Document tiff -- buffer overflow vulnerability.simon2005-07-301-0/+39
* - Misc. markup/whitespace fixes.simon2005-07-301-39/+23
* Document jabberd vulnerabilities that were fixed by the latest update.vsevolod2005-07-301-0/+37
* Be consistent and use the same title for the latest etherealsimon2005-07-301-1/+1
* Document opera -- image dragging vulnerability and opera -- downloadsimon2005-07-301-0/+78
* Document ethereal -- multiple vulnerabilities.simon2005-07-301-0/+71
* - Fix apache 2.1 range for CAN-2005-2088 entry which prevents apache 2.0 fromclement2005-07-281-1/+4
* Mark apache+mod_ssl-1.3.33+2.8.22_1 as not vulnerable in the latest Apache en...remko2005-07-281-1/+2
* There must be an curse. s/il/li/.remko2005-07-281-7/+7
* Update my latest Apache entry to make clear that this only affects certainremko2005-07-281-1/+12
* Document apache -- http request smuggling.remko2005-07-271-0/+64
* Set modified date in entry for previous commit.erwin2005-07-261-0/+1
* Note that the fd_set vulnerability in net/bld was fixed in 0.3.3erwin2005-07-261-1/+4
* Document clamav -- multiple remote buffer overflows.hrs2005-07-251-0/+46
* - Document isc-dhcpd -- format string vulnerabilities (oldersimon2005-07-231-1/+37
* Add entry for eGroupWare's recent vulnerabilities.kuriyama2005-07-231-0/+31
* Document denial of service attack in fetchmail 6.5.2.1.barner2005-07-221-0/+30
* Update phppgadmin entry to note that it was fixed in 3.5.4 and add asimon2005-07-221-1/+4
* Document dnrd -- remote buffer and stack overflow vulnerabilities.simon2005-07-221-0/+33
* Fix typo in last commitsimon2005-07-211-1/+1
* Add more references to latest fetchmail entry [1] and sort referencessimon2005-07-211-1/+4
* Document an issue with the LDAP backend provided by PowerDNS.trhodes2005-07-211-0/+30
* Document fetchmail -- remote root/code injection from malicious POP3simon2005-07-211-0/+28
* o add kdebase (kate) vulnarability.mich2005-07-191-0/+33
* Add CVE names to recent bugzilla entry.simon2005-07-181-0/+3
* - Document firefox & mozilla -- multiple vulnerabilities.simon2005-07-161-1/+126
* Add an entry for the drupal vulnerabilities.erwin2005-07-161-0/+27
* Fixed incorrect newsfetch and mnogosearch affected package versionsniels2005-07-151-2/+2
* Markup fixed version of net-snmp problem.kuriyama2005-07-131-1/+2
* Correct a typo: s/lemote/remote/remko2005-07-101-1/+1
* Document the following vulnerabilities:remko2005-07-101-0/+159
* Document phppgadmin -- "formLanguage" local file inclusion vulnerability.simon2005-07-091-0/+34
* Document pear-XML_RPC -- information disclosure vulnerabilities.simon2005-07-091-0/+31
* Document ekg -- insecure temporary file creation.simon2005-07-091-0/+29
* Document bugzilla -- multiple vulnerabilities.simon2005-07-091-0/+40
* Document nwclient -- multiple vulnerabilities (old issues).simon2005-07-091-0/+41
* Add CAN reference to recent phpbb vulnerability.simon2005-07-071-0/+2
* Document acroread -- insecure temporary file creation.simon2005-07-071-0/+40
* Document two calmav vulnerabilities.simon2005-07-071-0/+87
* - Add FreeBSD-SA-05:16.zlib.simon2005-07-071-17/+51
* Document acroread -- buffer overflow vulnerability.simon2005-07-071-0/+41
* Document net-snmp -- remote DoS vulnerability.simon2005-07-061-0/+29
* Document cacti -- multiple vulnerabilities.simon2005-07-061-0/+63
* - Add another reference to bzip2 -- denial of service and permissionsimon2005-07-061-0/+68
* Document the following issues:hrs2005-07-031-0/+61
* Add certvu reference to kernel -- TCP connection stall denial of servicesimon2005-07-031-0/+2
* Add FreeBSD-SA-05:13.ipfw, FreeBSD-SA-05:14.bzip2, andsimon2005-06-301-0/+142
* Document ethereal -- multiple protocol dissectors vulnerabilities.simon2005-06-251-0/+131
* Document tor -- information disclosure.hrs2005-06-241-0/+29
* Document linux-realplayer -- RealText parsing heap overflow.hrs2005-06-241-0/+31
* Document ruby -- arbitrary command execution on XMLRPC server.hrs2005-06-231-0/+33
* - net/cacti - potential SQL injection and cross site scripting attackssem2005-06-211-0/+24
* Document three opera issues.simon2005-06-211-0/+109
* Document sudo -- local race condition vulnerability.simon2005-06-211-0/+34
* Add another reference to the latest tcpdump issue.simon2005-06-211-0/+2
* - Add entry for trac -- file upload/download vulnerability.simon2005-06-211-10/+61
* - razor-agents DoS vulnerabilitiessem2005-06-201-0/+29
* Fix year in <discovery> and <entry>.hrs2005-06-191-2/+2
* Document SpamAssassin -- Denial of service vulnerability.hrs2005-06-191-0/+36
* Document squirrelmail -- Several cross site scripting vulnerabilities.hrs2005-06-191-0/+33
* Document acroread -- XML External Entity vulnerability.hrs2005-06-191-0/+29
* Use standard topic format for gzip vulnerability.simon2005-06-181-1/+2
* Document FreeBSD-SA-05:11.gzip.simon2005-06-181-0/+55
* Document SA-05:10.tcpdump.simon2005-06-181-0/+41
* Document two vulnerabilities in Gaim.simon2005-06-181-0/+62
* Document an older, more serious gallery vulnerability.nectar2005-06-181-0/+25
* Document XSS vulnerabilities in gallery.nectar2005-06-181-0/+30
* Document KDE kstars vulnerability.nectar2005-06-181-0/+40
* Document fd_set overruns reported by 3APA3A.nectar2005-06-181-0/+49
* Document leafnode -- denial of service vulnerability.simon2005-06-091-0/+33
* Document a directory traversal issue in older GForge versions.nectar2005-06-041-0/+30
* Document an authentication bypass vulnerability in imap-uw.nectar2005-06-041-0/+27
* Document squid denial-of-service vulnerabilities.nectar2005-06-041-0/+29
* Document a remote denial-of-service vulnerability in racoon.nectar2005-06-041-0/+27
* Document integer overflows in xli.nectar2005-06-041-0/+26
* Document arbitrary command execution vulnerabilities in xli andnectar2005-06-041-0/+35
* Add new CVE names for yamt entry.nectar2005-06-041-0/+2
* Correct and improve recent xli entry:nectar2005-06-041-5/+15
* Correct recently added yamt entry:nectar2005-06-041-6/+19
* Buffer overflow in xli.trhodes2005-06-031-0/+24
* Fix breakage I caused.trhodes2005-06-031-1/+1
* Note buffer overflows and directory transversal issues in audio/ymat.trhodes2005-06-031-0/+25
* Update entry for FreeStyle Wiki:nectar2005-06-021-6/+14
* Document vulnerabilities in XView library.nectar2005-06-021-0/+31
* document a vulnerability in xtrlocknectar2005-06-021-0/+27
* Document vulnerabilities reported in the Red Hat 7.1 libraries.nectar2005-06-021-0/+36
* Document squirrelmail vulnerabilities.nectar2005-06-021-0/+59
* correct version number for mailman password generation issuenectar2005-06-011-1/+1
* Document vulnerability in set-user-ID sympa application.nectar2005-06-011-0/+28
* Another older mailman vulnerability, somewhat minornectar2005-06-011-0/+38
* Add year-old mailman vulnerability, that seems to not have beennectar2005-06-011-0/+32
* document Apache Jakarta Tomcat 5.x XSS issuenectar2005-06-011-0/+25
* Mark samba-2.2.12.j1.0beta1_2 as safe from "samba -- integer overflowsimon2005-05-291-1/+6
* - Update to 3.5.8 (including XSS problem fix).kuriyama2005-05-291-0/+28
* Remove a forgotten :.remko2005-05-221-1/+1
* Document the following issues:remko2005-05-221-0/+94
* Fix entry dates for latest squid entries.simon2005-05-201-5/+4
* Reword the cdrdao entry, this includes comments from Simon which i overlooked.remko2005-05-201-4/+4
* - Update Squid to 2.5.STABLE10pav2005-05-191-0/+58
* Document cdrdao -- unspecified privilege escalation vulnerability.remko2005-05-191-0/+28
* Document two gaim issues.simon2005-05-141-0/+69
* Add FreeBSD-SA-05:09.htt.nectar2005-05-141-0/+50
* $EDITOR should not be quoted. It might be "emacsclient -a vi" ornectar2005-05-131-1/+1
* MAINTAINER -> security@FreeBSD.orgnectar2005-05-131-1/+1
* Update some leafnode references.nectar2005-05-131-3/+45
* Document two new vulnerabilities in mozilla/firefox.simon2005-05-121-0/+183
* Document mozilla -- code execution via javascript: IconURL vulnerability.simon2005-05-121-0/+100
* Document some vulnerabilities in groff.okazaki2005-05-091-0/+55
* - gnu-radius exploitation was fixed in maintenance release 1.2.94sem2005-05-031-1/+2
* . Update the version for the jar(1) vulnerability so that 1.2.2p11_4 isglewis2005-05-031-2/+3
* Document sharutils -- unshar insecure temporary file creationremko2005-05-011-0/+30
* Document rsnapshot -- local privilege escalationremko2005-05-011-0/+31
* coppermine -- IP spoofing and XSS vulnerabilitybrooks2005-05-011-0/+35
* . Correct the range of vulnerable jdk14 ports for the jar(1) vulnerabilityglewis2005-04-291-2/+2
* Document ImageMagick -- ReadPNMImage() heap overflow vulnerability.simon2005-04-281-0/+30
* Bump modified date for last commit.simon2005-04-281-1/+2
* . Adjust ranges so that jdk-1.3.1p9_5 is no longer marked as vulnerable toglewis2005-04-281-2/+3