aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* Document a buffer overflow in ImageMagick's EXIF parser.simon2004-11-111-0/+26
* Correct recent Apache 2 entry to not match Apache 1.X.simon2004-11-111-1/+2
* Change the libident dependency from BUILD_DEPENDS to LIB_DEPENDS.knu2004-11-111-1/+2
* Document vulnerability in Apache 2 (CAN-2004-0942).josef2004-11-111-0/+26
* Update the libxml vulnerability to indicate the fixed version.marcus2004-11-111-1/+2
* Update to DAT 4406jeh2004-11-112-3/+3
* Bump 29 ports that use GCONF_SCHEMAS. Somehow, the diff of GNOME 2.8.x hasmezz2004-11-102-2/+2
* Add pear-File_Passwd, class to manipulate and authenticate against standard U...pav2004-11-104-0/+38
* Document a format string vulnerability in socat.simon2004-11-101-0/+33
* - Update to 2.0.2pav2004-11-102-3/+3
* Document remote buffers overflow in libxml and libxml2.simon2004-11-101-0/+32
* - Add a hint on complete removal when deinstallingsem2004-11-102-0/+39
* - Add a hint on complete removal when deinstallingsem2004-11-102-0/+39
* The bugs discovered by Chris Evans have been fixednectar2004-11-101-2/+2
* Add security/sks - SKS OpenPGP Key Server:sergei2004-11-108-0/+134
* Massive ports move to better categories.skv2004-11-093-7/+3
* Update to DAT 4405jeh2004-11-092-3/+3
* warn to create sasldb2 by yourself in BATCH mode.ume2004-11-091-0/+4
* Remove the md5crk port. The cracking effort was ended after atrevor2004-11-094-45/+0
* - Update to 2.2.0sem2004-11-0811-18/+820
* Fix pkgnames for mod_include vulnerability.josef2004-11-081-6/+6
* Update to KDE 3.3.1lofi2004-11-084-6/+24
* Document a virus detection evasion in p5-Archive-Zip.simon2004-11-081-0/+27
* Add gnomekeyringmanager.marcus2004-11-081-0/+1
* Bump PORTREVISIONS for all ports that depend on atk or pango to ease in themarcus2004-11-0811-7/+11
* Add some files missed in the previous GNOME 2.8 update.marcus2004-11-0812-0/+184
* Presenting GNOME 2.8 for FreeBSD (2.8.1 to be exact).marcus2004-11-0810-14/+96
* - Update to 20041106pav2004-11-062-3/+3
* - Fix plistpav2004-11-062-1/+2
* Document mod_include vulnerability in apache and related ports.josef2004-11-061-0/+54
* - Upgrade to 2.2.0sem2004-11-0614-21/+2082
* - drop objects for win and vmsdinoex2004-11-061-0/+14
* - cleanup fipsdinoex2004-11-063-6/+17
* Update to 1.1kevlo2004-11-062-3/+3
* Document an insecure temporary file creation in postgresql-contrib.simon2004-11-061-0/+31
* Bump modified date in the entry for the last commit.simon2004-11-061-0/+1
* Update latest mpg123 entry to note that the port is fixed in the mostsimon2004-11-061-1/+1
* - Update to 2.2.0pav2004-11-064-21/+8
* There was a gd 1.X port with portepoch 2 for a while, so let the gdsimon2004-11-051-0/+1
* Document an integer overflow in the GD Graphics Library.simon2004-11-051-0/+33
* Add p5-POE-Component-SSLify 0.03, integrate SSL into POE.skv2004-11-055-0/+43
* Add p5-Filter-Crypto 1.00,skv2004-11-055-0/+75
* - Update to 20041101pav2004-11-0511-161/+181
* Add pinentry-gtk2, a GTK+ 2.0 version of the GnuPG password dialoglofi2004-11-052-0/+21
* Fix some brainos.lofi2004-11-051-6/+7
* Add hooks for new -gtk2 slaveport.lofi2004-11-053-4/+42
* - Update to 2.0.1pav2004-11-042-3/+3
* Correct entry date for the putty entry.simon2004-11-041-1/+1
* Document vulnerability in puttyjosef2004-11-041-0/+28
* - add patch files and unbreak this portleeym2004-11-044-8/+25
* Add an entry for a wzdftpd remote DoS.simon2004-11-041-0/+22
* Updates to the bogofilter entry:simon2004-11-041-1/+4
* Update to DAT 4404jeh2004-11-042-3/+3
* - Update to 4.0.5pav2004-11-032-3/+3
* - Update to 2.0.0pav2004-11-034-32/+23
* Update linux-openmotif to 2.2.4 to fix the security.mezz2004-11-021-1/+4
* A long-overdue dequoting of COMMENT. D'oh, I thought I'd done this,roam2004-11-023-3/+3
* - update to 1.1clsung2004-11-012-3/+3
* Update to 1.7.6.marcus2004-10-313-18/+17
* Add a sudo dependency and dependency on libutil.cy2004-10-303-0/+9
* Correct some tty handling problems.cy2004-10-306-18/+375
* Update to DAT 4403jeh2004-10-302-3/+3
* Update to DAT 4402jeh2004-10-292-3/+3
* Repair handling of ptys.cy2004-10-296-0/+129
* Introduce sudosh (sudo shell) into the Ports Tree.cy2004-10-2913-0/+100
* - Security Update to 0.56dinoex2004-10-282-3/+3
* Document rssh format string vulnerability.josef2004-10-281-0/+26
* - Update to 0.23pav2004-10-283-10/+10
* Update to DAT 4401jeh2004-10-282-3/+3
* Remove a DAT file that didn't completely download because it is not usefuljeh2004-10-281-11/+11
* Fix build on 4-stablevanilla2004-10-2718-3/+165
* Fix build on 4-stable.vanilla2004-10-276-3/+42
* Create a VuXML entry for Horde XSS help window vulnerability to replacenectar2004-10-272-1/+28
* - update to 1.0clsung2004-10-272-4/+4
* - Bugfix update to 0.9.7edinoex2004-10-276-59/+49
* Add an entry for a vulnerability fixed in horde-2.2.7.thierry2004-10-271-0/+1
* Chase libraries for new devel/libidn version.krion2004-10-262-2/+4
* Document a denial-of-service issue in bogofilter.nectar2004-10-261-0/+33
* Fix integer overflow vulnerabilities.nork2004-10-261-1/+4
* Document xpdf 2 and xpdf 3 vulnerabilities.nectar2004-10-261-0/+38
* Document several security issues in gaim, fixed in various versions fromnectar2004-10-261-5/+222
* Note that the Red Hat based linux_base ports containnectar2004-10-261-1/+2
* Braino: install the file with correct name.des2004-10-251-1/+4
* Clean up time for email addresses MIA!edwin2004-10-251-1/+1
* Add Auth_HTTP 2.0 from PEAR.des2004-10-254-0/+32
* Update to 2.1.20.ume2004-10-256-98/+91
* Document SSL_Cypherbypass vulnerability in mod_ssljosef2004-10-251-0/+71
* Add entries for vulnerabilites in imported xpdf code in kdegraphicslofi2004-10-241-0/+2
* fix unprev. IPv6 for FreeBSD 4oliver2004-10-242-3/+216
* - fix building problem and unbreak this portleeym2004-10-244-23/+27
* - Document more buffer overflows in mpg123.simon2004-10-241-0/+37
* I suck. (Correct a typo that would have been readily detected ifnectar2004-10-221-1/+1
* Add CVE name for cabextract issue.nectar2004-10-221-0/+2
* Fix a copy/paste typo in last commit.simon2004-10-221-1/+1
* Document DoS in Apache 2 SSL handling.simon2004-10-221-0/+37
* Mark deprecated due to no maintainer and unpatched denial-of-servicenectar2004-10-221-0/+3
* Note that xpm has been fixed.nectar2004-10-221-2/+8
* - bump PORTREVISION after update dependency.leeym2004-10-211-0/+1
* add procmail into dependency list.leeym2004-10-211-1/+2
* - Fix OPTIONS handlingpav2004-10-211-2/+2
* Update entry regarding INN 2.4.x buffer overflow:nectar2004-10-211-2/+3
* Document remote command execution vulnerability in phpMyAdmin.simon2004-10-211-0/+32
* - don't delete the virus database on deinstalldinoex2004-10-211-2/+2
* Update 1.3.4 --> 1.3.5cy2004-10-2120-196/+16
* Document insecure directory handling in cabextract.simon2004-10-211-0/+24
* - Update to 1.1 (final). For changes since 1.1-beta see the ChangeLogmarius2004-10-219-119/+159
* Chase the Gaim 1.0.2 upgrade.marcus2004-10-212-2/+2
* Update to DAT 4400jeh2004-10-212-3/+3
* Base if the last update was successful on the dontents of file_id.diz,jeh2004-10-211-2/+2
* Fix code so it is favored by both GCCs (2.x and 3.x), and unbreak the build.danfe2004-10-2012-4/+454
* - Update to 0.0.14pav2004-10-202-3/+3
* - Update to 0.0.18pav2004-10-203-8/+23
* - Update to 20041019sergei2004-10-202-3/+3
* Set correct entry date for the a2ps issue.simon2004-10-201-1/+1
* Document insecure command line argument handling in a2ps.simon2004-10-201-0/+41
* Document a vulnerability in ifmail. (There does not existnectar2004-10-201-0/+25
* - update to version 3.75eik2004-10-205-22/+7
* Document a vulnerability in imwheel.nectar2004-10-191-0/+35
* Add CVE names for FreeRADIUS vulnerabilities.nectar2004-10-191-1/+6
* Updated to 0.7askv2004-10-194-7/+7
* Document NTLM authentication vulnerability in squidjosef2004-10-191-0/+26
* Document a SQL command injection in Cacti.simon2004-10-191-0/+26
* - update to 0.80 releaseeik2004-10-182-3/+3
* Document a format string vulnerability in the apache13 mod_ssl proxysimon2004-10-181-0/+46
* - Change a few uses of <url> into <mlist>.simon2004-10-171-3/+3
* - Quick update to 0.0.8.1, bugfix release, because 0.0.8 was removedpav2004-10-174-6/+6
* - Update to 1.8.12 and unbreak on 5.xpav2004-10-162-8/+4
* Add clamassassinleeym2004-10-164-0/+46
* - Document remote DoS and loss of anonymity in Tor.simon2004-10-161-1/+35
* [1]:oliver2004-10-167-234/+154
* Update to 2.4.2.1krion2004-10-162-3/+3
* Kill off automake18, switching to automake19. Requiem Mors Pacem.ade2004-10-161-1/+2
* - Don't clobber portsentry.ignore on upgradepav2004-10-162-2/+4
* - pwauth must have a SUID bitclement2004-10-151-0/+1
* - Reduce dependency with perl-5.8.kuriyama2004-10-151-6/+11
* -Update to 2.1.3.mezz2004-10-1512-12/+565
* Update to 0.3.4.marcus2004-10-152-3/+3
* lesstif has been upgraded to a version that is not affected by thenectar2004-10-151-1/+1
* Recommit my changes from 1.298 which was accidently removed in 1.299.simon2004-10-151-2/+3
* Document two seperate security vulnerabilities injosef2004-10-151-3/+52
* Change the Xerces-C++ entry to match the xerces-c2 port.simon2004-10-151-2/+3
* Update to DAT 4399jeh2004-10-152-3/+3
* - bump PORTREVISIONclsung2004-10-142-1/+2
* - update to 0.80rc4eik2004-10-1411-147/+121
* Add security/pwauth 2.2.8,clement2004-10-147-0/+105
* Upgrade to 2.1.2.vanilla2004-10-143-15/+6
* Upgrade to 2.0.2vanilla2004-10-149-801/+144
* Upgrade to 2.0.2.vanilla2004-10-149-381/+351
* - drop maintainershipdinoex2004-10-143-3/+3
* - add a line why this port existdinoex2004-10-142-1/+3
* - update to 0.9.6clsung2004-10-145-26/+24
* Document vulnerability in freeradius.josef2004-10-141-0/+26
* - Document DoS in Xerces-C++.simon2004-10-141-1/+31
* It turns out that lesstif has libXpm sneakily embedded. There are atnectar2004-10-141-1/+5
* Document XSS in wordpress.simon2004-10-141-0/+24
* Document integer overflows in libtiff.nectar2004-10-141-0/+25
* - Document a CUPS local information disclosure.simon2004-10-141-0/+32
* Document a vulnerability in Zinf (freeamp).josef2004-10-141-0/+27
* Update to DAT 4398jeh2004-10-142-3/+3
* - Update to 20041012pav2004-10-142-3/+3
* - Update to 4.4.7pav2004-10-142-3/+3
* Document libtiff RLE decoder issues.nectar2004-10-141-0/+26
* Update to 1.33krion2004-10-132-3/+3
* - update to version 3.71-PRE1eik2004-10-132-8/+15
* Update to version 1.5markus2004-10-132-5/+5
* The sharutils buffer overflows has been fixed in sharutils 4.2.1_2.simon2004-10-131-1/+1
* - Update to 1.0.21sergei2004-10-132-9/+17
* Use libtool 15arved2004-10-131-1/+1
* Adjust patch.lofi2004-10-131-3/+3
* Update: security/samhain 1.8.10b -> 1.8.11edwin2004-10-132-8/+8
* - add USE_GCC=2.95 and unbreak this portleeym2004-10-131-4/+4
* Document a vulnerability in sharutils.simon2004-10-131-0/+31
* Document 2 DoS attacks possible againstjosef2004-10-131-0/+27
* - Update to 1.1.3leeym2004-10-134-15/+11
* ale@ reports that the only ports affected are php[45], php[45]-cgi,nectar2004-10-121-124/+2
* Note squid SNMP DoS. Based on an entry that wasnectar2004-10-121-0/+32
* add WITH_AUTHDAEMON option to allow use of courier authdaemond.ume2004-10-121-0/+4
* Update to version 0.3.6krion2004-10-124-22/+5
* Update to 4397jeh2004-10-122-3/+3
* Update to 1.4mat2004-10-122-3/+12
* Update to 1.1.8.linimon2004-10-122-3/+3
* - Upgrade to 2.2.0 [1]sergei2004-10-124-44/+45
* - Explicitly specify prefix for iconv and gettext librariessergei2004-10-122-3/+11
* Update to 1.1.7.linimon2004-10-122-3/+3
* Add an entry for a XSS vulnerability fixed in IMP-3.2.6.thierry2004-10-121-0/+1
* - new option WITH_OPENSSH_CHROOTdinoex2004-10-124-48/+124
* - cleanup patchesdinoex2004-10-1210-42/+42
* - add patch to support AES-192-CBC and AES-256-CBCdinoex2004-10-121-0/+210
* [MAINTAINER UPDATE] security/freebsd-updateedwin2004-10-122-0/+12
* The documented xv vulnerabilities were fixed by dinoex@nectar2004-10-121-1/+2
* Note that the image decoding vulnerabilities in gdk-pixbuf have beennectar2004-10-121-2/+5
* Document older cyrus-sasl bug affecting DIGEST-MD5.nectar2004-10-121-0/+23
* Update the description of and list of packages affected by the PHP filenectar2004-10-121-14/+134
* Update to 0.5.6lofi2004-10-122-3/+3
* Update to 1.9.11lofi2004-10-123-4/+4
* Update to 0.9.9lofi2004-10-122-3/+3
* Update to 0.6.7lofi2004-10-122-3/+3
* Update to 2.31.marcus2004-10-126-6/+18
* - Update to 0.0.8pav2004-10-126-14/+16
* - Update to 2.0pav2004-10-124-5/+36
* - Update to 1.34pav2004-10-122-8/+6
* - Update to 2.4.0pav2004-10-122-3/+3
* Fix build with bind9 in the base system.marcus2004-10-111-3/+8
* Fix build on ia64krion2004-10-101-3/+8
* fix http://vuxml.freebsd.org/92268205-1947-11d9-bc4a-000c41e2cdad.htmlume2004-10-092-1/+17
* Document unsafe use of environmental variable SASL_PATH in cyrus-sasl.nectar2004-10-091-0/+31
* Mark IGNORE because the package somehow includes a dangling symlink, i.e.kris2004-10-071-0/+2
* Fix the code so GCC 3.4.2 likes it better, and unbreak.danfe2004-10-062-7/+10
* Add some more apache ports.trhodes2004-10-061-2/+14
* Add imp3 issue, add apache13-ssl issue, correct a tag.trhodes2004-10-061-2/+31
* Note that older packages of bmon were dangerously installed set-user-ID.nectar2004-10-051-0/+25
* Document GnuTLS denial-of-service (already mentioned in portaudit'snectar2004-10-051-0/+39
* Record another PHP vulnerability.nectar2004-10-051-0/+45
* Record another PHP security issue.nectar2004-10-051-1/+50
* Note that xv should not be used.nectar2004-10-051-0/+40
* Note a symlink vulnerability in getmail.nectar2004-10-051-0/+28
* Fill in empty topic from previous commit.nectar2004-10-051-1/+1
* Record FreeBSD-SA-04:15.syscons.nectar2004-10-051-0/+38
* Add missing PORTEPOCH for samba.nectar2004-10-041-1/+1
* Note racoon certificate verification bug.nectar2004-10-041-0/+26
* Note distcc IP address ACL bug.nectar2004-10-031-1/+27
* Remove a duplicate entry.nectar2004-10-031-56/+5
* Correct the version number for latest Mozilla entry.nectar2004-10-011-4/+4
* Document the last few of the relatively recent Mozilla vulnerabilities.nectar2004-10-011-0/+110
* Correct mangled CVE name: s/8983/0903/nectar2004-10-011-1/+2
* Add another two older vulnerabilities affecting Mozilla & co.nectar2004-10-011-8/+161
* Don't forget `ja-samba' also.nectar2004-10-011-0/+1
* Note samba file disclosure vulnerability.nectar2004-10-011-0/+31
* Increase USE_GCC to 3.4 for those ports which compile with it.kris2004-09-302-2/+2
* Fix apache version number entry, bump modified date for apache as well.trhodes2004-09-301-2/+2
* BROKEN on 5.x: Does not compilekris2004-09-291-0/+4
* BROKEN on 5.x: Does not compilekris2004-09-291-1/+7
* Make an initial attempt at covering all Mozilla/Firefox/Thunderbirdnectar2004-09-291-9/+36
* Correct spelling of phpnuke package name.nectar2004-09-281-1/+2
* Note BMP decoder flaws in Mozilla/Firefox/Thunderbird.nectar2004-09-281-0/+48
* Note stack buffer overflow in Mozilla mail.nectar2004-09-281-1/+41
* Document Mozilla/Firefox/Thunderbird heap buffer overflows.nectar2004-09-281-0/+57
* Correct the package name for phpMyAdmin.nectar2004-09-281-1/+2
* Correct another typo. :-(kris2004-09-281-1/+1
* Correct typo in previouskris2004-09-281-1/+1
* Now builds on amd64kris2004-09-281-2/+2
* Add CERT Vulnerability Note references to xpm entry.nectar2004-09-271-1/+3
* Note two older vulnerabilities in PHP.nectar2004-09-271-0/+111
* Note subversion information disclosure vulnerability.nectar2004-09-271-0/+36
* Add missing PORTEPOCH in a mozilla entry.nectar2004-09-271-3/+5
* BROKEN on 5.x: Does not compilekris2004-09-264-1/+19
* BROKEN: Does not buildkris2004-09-261-0/+2
* BROKEN on 5.x: Does not compilekris2004-09-261-1/+7
* Forgot to add <modified> element for last commit.nectar2004-09-251-0/+1
* Add missing PORTEPOCH on one of the mozilla entries.nectar2004-09-251-1/+1