aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Update to 20100624garga2010-06-252-5/+6
| | | | Feature safe: yes
* - Cancelled movemail symlink vulnerability (doesnt affect our ports)niels2010-06-241-61/+36
| | | | | | | | - Added entry for multiple vulnerabilities in cacti 0.8.7f - Updated ziproxy entry to satisfy "make tidy" Approved by: itetcu (mentor, implicit) Feature safe: yes
* Updated to version 1.41bniels2010-06-242-4/+4
| | | | | Approved by: itetcu (mentor, implicit), maintainer (implicit) Feature safe: yes
* RF -> RG Conversion (Part II)pgollucci2010-06-241-1/+1
| | | | | | | | | | PR: ports/147844 Submitted by: pgollucci (myself) Reviewed by: portmgr (flz) Discussed with: portmgr (pav) Tested by: make checksum Feature safe: yes
* - Document mozilla -- multiple vulnerabilitiesbeat2010-06-241-0/+66
| | | | | Feature safe: yes Approved by: delphij
* Update to 3.28.lx2010-06-232-5/+4
| | | | | | PR: ports/148008 Submitted by: ehaupt@ Feature safe: yes
* - Update security/gpgme to version 1.3.0.dougb2010-06-237-77/+521
| | | | | | | | | | | | | | | | | | | - No shlib bump. - This version works with libassuan 2.x and is needed to fix the build of security/gpa due to dependency conflicts. - Add LICENSE PR: ports/148061 - Fix the build of security/gpa with libassuan 2.x - Patch for server.c taken from gpa svn. - Add LICENSE while here. PR: ports/148062 Submitted by: Jason E. Hale <bsdkaffee@gmail.com> (maintainer) Feature safe: yes
* - Update to version 3.3.1, now with Qt4 GUI instead of Gtk+2!danfe2010-06-225-76/+40
| | | | | | | | | | - Introduce OPTIONS (enable GUI, but disable graph rendering since `x11-toolkits/qwt5' is built with Qt Designer plugin by default, which pulls rather heavy `devel/qt4-designer' dependency) - Remove now-inaccurate pkg-message; please consult README instead - Get rid of pkg-plist and simplify port overall Feature safe: yes
* Update to 20100201rene2010-06-222-6/+4
| | | | | | | PR: ports/147863 Submitted by: maintainer Approved by: tabthorpe (mentor) Feature safe: yes
* - Update to version 1.7.6danfe2010-06-223-10/+13
| | | | | | - Use ${ECHO_CMD} instead of ${ECHO} directly Feature safe: yes
* - Update to 5.2imiwi2010-06-204-41/+32
| | | | | | PR: 147778 Submitted by: Gerard Seibert <gerard@seibercom.net> (maintainer) Feature safe: yes
* Reset jmelo@FreeBSD.org due to many months of inactivity and no responselinimon2010-06-192-2/+2
| | | | | | | to PRs. Hat: portmgr Feature safe: yes
* - Unbreak with fixed pkg-plistglarkin2010-06-192-6/+3
| | | | | | | PR: ports/147130 Submitted by: Damian Gerow <dgerow at afflictions dot org> Approved by: maintainer timeout (skv - 3 weeks) Feature safe: yes
* vuln 4e8344a3-ca52-11de-8ee8-00215c6a37bb has been fixed withdelphij2010-06-181-2/+2
| | | | | | php4-gd-4.4.9_4. Requested by: Michael Gmelin <mg bindone de>
* Update to version 2.0.15, which has the following changes:dougb2010-06-182-13/+10
| | | | | | | | | | | | | * New command --passwd for GPG. * Fixes a regression in 2.0.14 which prevented unprotection of new or changed gpg-agent passphrases. * Make use of libassuan 2.0 which is available as a DSO. For the port: * Since libassuan is now a shared lib, move it LIB_DEPENDS * Remove now-spurious CONFLICTS Approved by: maintainer
* Upgrade to version 1.1.0, which has the following changes:dougb2010-06-182-8/+19
| | | | | | | | | | | | | | | * Fixed a resource problem with LDAP CRLs. * Fixed a bad EOF detection with HTTP CRLs. * Made "dirmngr-client --url --load-crl URL" work. * New option --ignore-cert-extension. * Make use of libassuan 2.0 which is available as a DSO. For the port: * Add the verify target to check the PGP signature of the distfile * Since libassuan is now a shared lib, move it LIB_DEPENDS * The infrastructure for disabling NLS was already present, so add an OPTION Approved by: maintainer
* Update to week 24 snapshotjpaetzel2010-06-172-5/+6
| | | | | | PR: 147850 Submitted by: Eric F Crist <ecrist@secure-computing.net> Approved by: itetcu@ (mentor)
* Fix typo in previous revision.erwin2010-06-161-1/+1
|
* - Cleanup, Formatingmiwi2010-06-161-12/+11
|
* add CVE-2009-2347 tiffdinoex2010-06-161-0/+36
|
* Document linux-flashplugin -- multiple vulnerabilities.nox2010-06-161-0/+66
| | | | Reviewed by: tmclaugh
* - Adopt unmaintained ports.ashish2010-06-1430-30/+30
| | | | Approved by: pgj, tabthorpe (mentors)
* Check that at least one frontend is selectedmakc2010-06-141-1/+5
| | | | Allow slave ports to override PORTREVISION
* - Update to 1.2.6gahr2010-06-142-6/+9
| | | | | PR: 147846 Submitted by: Sofian Brabez <sbrabez@gmail.com> (maintainer)
* Add LICENSE information to my ports where the right answer is obviousdougb2010-06-142-0/+4
|
* Fix port name on the LEFT side of the : for BUILD_DEPENDSdougb2010-06-143-3/+3
| | | | While I'm here update to the current version of libassuan-1 (1.0.5)
* - Cleanup / Whitespace fixesmiwi2010-06-141-15/+14
|
* Update security/libassuan to version 2.0.0, which is required by gnupg 2.0.15dougb2010-06-1411-21/+73
| | | | | | | | | | | | | | | Unfortunately version 2.0.0 is largely incompatible with version 1.x, so it is necessary to have a stopgap measure while ports that depend on libassuan can be updated. In conversation with the maintainers of the dependent ports it was originally considered ideal to prepare updates for the ports first, then upgrade everything to libassuan 2.x en masse. Since no action has arisen on that front, go with plan B: Copy security/libassuan to security/libassuan-1, and update the dependent ports accordingly. Because this is (intended to be) a _temporary_ measure, and because no updates for libassuan 1.x are anticipated, and because the hope is that it can be removed sooner rather than later, it's a copy instead of a repocopy.
* Update to 3.7.1wxs2010-06-134-11/+10
| | | | | PR: ports/147663 Submitted by: Marko Njezic <sf@maxempire.com> (maintainer)
* Add LICENSE* informationlioux2010-06-131-0/+3
|
* Switch MAINTAINER line to FreeBSD address.mandree2010-06-131-1/+1
| | | | Approved by: garga (mentor, implicit)
* Remove empty package in previous revision.erwin2010-06-131-4/+0
|
* - report FAX3 decoder buffer overrundinoex2010-06-131-0/+40
|
* Fix typo: s/WITHOUT_/NO/ale2010-06-121-2/+2
|
* This port is useless with FreeBSD < 7.ale2010-06-121-2/+6
|
* set UNIQUENAME, thus fix slave ports after switching to USE_LDCONFIG.makc2010-06-121-0/+2
| | | | Reported by: pointyhat
* Fix the build on powerpc64. By adding CPU_ARCH detection.kwm2010-06-122-1/+48
| | | | | | | And by adding some G5-specific code in mpcpucache.c to detect cacheline sizes. PR: ports/147696 Submitted by: nwhitehorn@
* - ease fetchingdinoex2010-06-121-5/+5
|
* - update dtls-heartbeats.patchdinoex2010-06-121-3/+3
| | | | | PR: 147787 Submitted by: Nagilum
* - Update to 0.20 [1]skv2010-06-112-6/+7
| | | | | | | | | - Fix BUILD_DEPENDS - Change maintainer to perl@ Changes: http://cpansearch.perl.org/src/APOCAL/POE-Component-SSLify-0.20/Changes PR: ports/147510 [1] Submitted by: Jase Thew <freebsd@beardz.net> [1]
* - Change my maintainer address.ashish2010-06-111-1/+1
| | | | Approved by: pgj (mentor)
* - Update to 0.5.0gahr2010-06-112-4/+4
| | | | | PR: 147432 Submitted by: Sofian Brabez <sbrabez@gmail.com>
* - add COPYRIGHTdinoex2010-06-112-0/+5
|
* - Pass to ruby@pgollucci2010-06-111-1/+1
| | | | Approved by: daniel@roe.ch (previous maintainer) via private e-mail
* - Update to 0.4.4avl2010-06-115-28/+5
|
* - Update to 1.10pgollucci2010-06-102-4/+4
| | | | | With Hat: perl@ Changes: http:/search.cpan.org/dist/PerlCryptLib/Changes
* - Parameterized more command names and paths to ensure that installationglarkin2010-06-104-14/+15
| | | | works with non-standard build settings.
* Convert LDCONFIG_DIRS to USE_LDCONFIG.makc2010-06-091-2/+2
| | | | | | PR: based on ports/146365 Submitted by: Alex Kozlov <spam at rm-rf.kiev.ua> Approved by: maintainers timeout (two weeks)
* Add missing shibboleth2-sp entry.wxs2010-06-091-0/+1
| | | | Noticed by: itetcu@
* - Drop maintainershipgabor2010-06-0830-30/+30
|
* - Use BerkeleyDB 4.2 if compiled with WITH_BDB. Using 4.1, which wasgabor2010-06-081-1/+2
| | | | | | | | indirectly pulled in by dependencies, has a serious performance problem. - Bum PORTREVISION Requested by: Andy Dills <andy@xecu.net> (via private mail)
* - Use LOCAL macropgollucci2010-06-082-6/+2
| | | | | | - Kill 2 dead mirrors in security/ruby-blowfish With Hat: ruby@
* - Convert to RF macropgollucci2010-06-081-2/+1
| | | | With Hat: ruby@
* PBKDF2 is a secure password hashing algorithm that uses the techniques ofmiwi2010-06-075-0/+71
| | | | | | | | | | | | | | | | | "key strengthening" to make the complexity of a brute-force attack arbitrarily high. PBKDF2 uses any other cryptographic hash or cipher (by convention, usually HMAC-SHA1, but Crypt::PBKDF2 is fully pluggable), and allows for an arbitrary number of iterations of the hashing function, and a nearly unlimited output hash size (up to 2**32 - 1 times the size of the output of the backend hash). The hash is salted, as any password hash should be, and the salt may also be of arbitrary size. See also: RFC2898, PKCS#5 version 2.0: http://tools.ietf.org/html/rfc2898 WWW: http://search.cpan.org/dist/Crypt-PBKDF2/ PR: ports/146847 Submitted by: Victor Popov <v.a.popov at gmail.com>
* - update to openssl-1.0.0adinoex2010-06-064-75/+19
| | | | | Security: CVE-2010-1633 this problem was already fixed in 1.0.0 with option WITH_DTLS_BUGS
* - Update to 0.5miwi2010-06-062-4/+4
| | | | | PR: 146833 Submitted by: Joris Dedieu <joris.dedieu@gmail.com> (maintainer)
* - Update to 2.0.23pgollucci2010-06-062-4/+4
|
* - Pass maintainership to submittermiwi2010-06-061-1/+1
| | | | | PR: 147478 Submitted by: Anderson Eduardo <anderson@secover.com.br>
* The update utility is designed to download and save updates and modulesmiwi2010-06-065-0/+67
| | | | | | | | | | | | | | | of the Kaspersky Lab's applications into a separate folder. With the help of the utility you can download updates for selected Kaspersky Lab's applications installed either in your network or at a home PC. The utility has a function for saving downloaded updates and autopatches in a local folder, a network folder connected as a disc to the computer file system, or onto a flash-carrier. WWW: http://support.kaspersky.com/updater?level=2 PR: ports/147116 Submitted by: Gvozdikov Veniamin <g.veniamin at googlemail.com>
* - Update to 20100601miwi2010-06-062-4/+7
| | | | | PR: 147433 Submitted by: Bapt <baptiste.daroussin@gmail.com> (maintainer)
* LICENSE GPLv2dinoex2010-06-062-0/+4
|
* - Update to 1.0.4miwi2010-06-062-4/+4
| | | | | PR: 147443 Submitted by: Anish Mistry <amistry@am-productions.biz> (maintainer)
* Perl encrypt stuff simplymiwi2010-06-065-0/+41
| | | | | | | WWW: http://search.cpan.org/dist/Crypt-Simple/ PR: ports/147284 Submitted by: Alexander Kriventsov <avk at vl.ru>
* Fix bashisms (source FILE -> . FILE)mandree2010-06-051-0/+4
| | | | | | | | | | | replace shebang-lines /bin/bash -> /bin/sh bump portrevision (changed files) based on: PR: ports/147472 Submitted by: Olli Hauer <ohauer@gmx.de> Approved by: miwi (mentor)
* LICENSE BSDdinoex2010-06-041-0/+2
|
* - LICENSE GPLv3dinoex2010-06-041-0/+2
|
* - Update to 0.5.19wen2010-06-042-5/+4
|
* Does not compile on sparc64.linimon2010-06-041-0/+4
| | | | Hat: portmgr
* Mark broken on sparc64.linimon2010-06-041-0/+4
| | | | Hat: portmgr
* - Update to 0.28wen2010-06-042-4/+4
|
* Update to latest snapshotjpaetzel2010-06-043-5/+6
| | | | | | PR: ports/147330 Submitted by: Eric F Crist <ecrist@secure-computing.net> Approved by: itetcu@ (mentor)
* - Update to 2.0.22pgollucci2010-06-042-4/+4
|
* Mark as broken on powerpc.linimon2010-06-031-1/+7
| | | | Hat: portmgr
* - Update to 2.0.21pgollucci2010-06-032-4/+4
|
* Update to 1.7.2p7.wxs2010-06-032-5/+5
| | | | Security: d42e5b66-6ea0-11df-9c8d-00e0815b8da8
* Document sudo secure path vulnerability. We are not vulnerable to this bywxs2010-06-031-0/+37
| | | | | default but a user could build sudo with SUDO_SECURE_PATH defined or turn it on in sudoers.
* - Chase net-snmp shlib bumpsylvio2010-06-032-2/+4
|
* - Update to 3.0.1pav2010-06-021-0/+27
| | | | | PR: ports/147195 Submitted by: Pavel Pankov <pankov_p@mail.ru> (maintainer)
* - Document two mediawiki security vulnerabilitieswen2010-06-021-0/+34
| | | | Approved by: delphij@(ports-security override)
* Attempt to fix build on powerpc.linimon2010-06-021-0/+11
| | | | Hat: portmgr
* Present KDE SC 4.4.4 for FreeBSD.makc2010-06-024-8/+6
|
* Update to 2.7.0.lx2010-06-022-4/+6
|
* Quantis is a physical random number generator exploitingale2010-06-017-0/+159
| | | | | | | | | an elementary quantum optics process. This port contains the user library and a CLI/GUI application to access such devices. WWW: http://www.idquantique.com/
* Quantis is a physical random number generator exploitingale2010-06-015-0/+72
| | | | | | | | | an elementary quantum optics process. This port contains the kernel driver to access Quantis PCI and PCIe devices. WWW: http://www.idquantique.com/
* Bounce PORTREVISION for gettext-related ports. Have fun, ya'll.ade2010-05-3138-20/+38
|
* - Mark BROKEN: Does not fetch.sylvio2010-05-311-0/+2
| | | | | PR: ports/146148 Submitted by: Gavin <ggcameron@gmail.com>
* Fix build error.cy2010-05-312-2/+2
|
* Add LICENSE and LICENSE_FILE to my ports.arved2010-05-313-0/+9
|
* - Update to 2.25sylvio2010-05-293-17/+8
| | | | | PR: ports/146933 Submitted by: Damian Gerow <dgerow@afflictions.org> (maintainer)
* - Update to 1.0.0wen2010-05-282-7/+7
| | | | - Pass maintainership to miwi@
* - Update to 2.0.16pgollucci2010-05-282-4/+4
|
* Make it buildable with db50.ume2010-05-272-0/+26
|
* - Mass conversion of RF -> RG for MASTER_SITE for rubygem- portspgollucci2010-05-272-2/+2
| | | | | | | | | [RG aka rubygems.org] PR: ports/147005 Submitted by: pgollucci (myself) Approved by: portmgr (pav) With Hat: ruby@
* - Update to 1.2.16johans2010-05-273-22/+95
| | | | - Remove dynamic plist generation
* - Update to 1.1.6wen2010-05-262-5/+5
| | | | - Update my mail to FreeBSD
* - Update to 0.2.1.26miwi2010-05-252-4/+4
|
* Update 4.0.0 build-2877 to 4.0.1 build-2929.cy2010-05-255-10/+21
|
* Update 4.0.0 --> 4.0.1.cy2010-05-255-8/+19
|
* Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005.cy2010-05-252-1/+6
| | | | | | PR: 146939 Submitted by: wollman Security: MIT krb5 Security Advisory 2010-005
* Rename the following Haskell ports to bring them in sync with thepgj2010-05-257-47/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | HackageDB: archivers/hs-zip-archive-ghc -> archivers/hs-zip-archive devel/hs-binary-ghc -> devel/hs-binary devel/darcs -> devel/hs-darcs devel/hs-language-c-ghc -> devel/hs-language-c devel/hs-lazysmallcheck-ghc -> devel/hs-lazysmallcheck devel/hs-pcre-light-ghc -> devel/hs-pcre-light devel/hs-utf8-string-ghc -> devel/hs-utf8-string graphics/hs-HGL-ghc -> graphics/hs-HGL ports-mgmt/porte -> ports-mgmt/hs-porte security/hs-digest-ghc -> security/hs-digest textproc/hs-haxml -> textproc/hs-HaXml textproc/hs-highlighting-kate-ghc -> textproc/hs-highlighting-kate textproc/hs-polyparse-ghc -> textproc/hs-polyparse textproc/pandoc -> textproc/hs-pandoc x11/hs-x11-ghc -> x11/hs-X11 x11/hs-x11-xft-ghc -> x11/hs-X11-xft x11/xmobar -> x11/hs-xmobar x11-toolkits/hs-opengl-ghc -> x11-toolkits/hs-OpenGL x11-toolkits/hs-OpenGLRaw-ghc -> x11-toolkits/hs-OpenGLRaw x11-toolkits/hs-GLURaw-ghc -> x11-toolkits/hs-GLURaw x11-toolkits/hs-glut-ghc -> x11-toolkits/hs-GLUT x11-wm/xmonad -> x11-wm/hs-xmonad x11-wm/xmonad-contrib -> x11-wm/hs-xmonad-contrib
* Unbreak.cy2010-05-242-4/+0
|
* Updated to version 0.4.3niels2010-05-244-132/+41
| | | | Approved by: itetcu (mentor, implicit)
* - Update gss to 1.0.1johans2010-05-244-16/+17
| | | | | - Update MASTER_SITE (GNU) - Note: shlib version bumped
* - Update shishi to 1.0.0johans2010-05-245-28/+10
| | | | | | - Update MASTER_SITE (GNU) - Remove custom patch (fixed upstream) - Note: shlib version bumped
* Fix an autotools dependency issue.cy2010-05-244-4/+4
| | | | | Thans to Mike Harding <mvharding@gmail.com> for allowing me to use one of his systems to debug this problem.
* The Tiny Encryption Algorithm in Perl and JavaScript.wen2010-05-245-0/+37
| | | | | | | WWW: http://search.cpan.org/~pjb/Crypt-Tea/ PR: ports/145303 Submitted by: Steve Wills <steve@mouf.net>
* - No longer broken on -current b/c of utmpx changespgollucci2010-05-241-4/+0
| | | | | | PR: ports/146384 Submitted by: pgollucci@ (myself), others Approved by: maintainer timeout (cy@, 16 days)
* Over to new volunteer.linimon2010-05-241-1/+1
|
* Reset perky@FreeBSD.org due to maintainer-timeouts and no responselinimon2010-05-242-2/+2
| | | | | | to email. Hat: portmgr
* - Mark BROKEN: does not configurepav2010-05-242-0/+4
| | | | Reported by: pointyhat
* - Fix to tap device in amd64sylvio2010-05-231-2/+11
| | | | | | PR: ports/146102 Submitted by: Alex Forencich <alex@alexforencich.com> Approved by: maintainer (timeout > 14days)
* Updated to version 1.3.03niels2010-05-232-4/+4
| | | | Approved by: itetcu (mentor, implicit)
* - Fix OPTIONS support for Cabal ports by introducingpgj2010-05-231-0/+2
| | | | | | | bsd.cabal.options.mk - Fix ports broken with non-default options Triggered by: Yuri Pankov <yuri.pankov@gmail.com>
* - Update to version 1.7.5 and the latest contributed patchset [*]danfe2010-05-224-39/+36
| | | | | | | | | - Prefer HTTP mirrors as they are generally more accessible than FTP ones - Install support scripts in addition to datafiles - Simplify PORTDOCS handling, utilize BUILD_WRKSRC, and clean up things PR: ports/146114 [*] Submitted by: lme
* Update Pidgin and friends to 2.7.0. Seemarcus2010-05-221-2/+2
| | | | | | | | http://developer.pidgin.im/wiki/ChangeLog for the list of changes. Also, enable Tcl 8.5 support. PR: 146607 Submitted by: dougb
* Fix build with OpenSSL 1.0makc2010-05-223-28/+283
| | | | | PR: ports/146615 Reported by: Gerard Seibert <gerard at seibercom.net>
* The xz utils and lzma library have been imported into base, so makenaddy2010-05-222-2/+2
| | | | | | the dependency on the archivers/xz port conditional on OSVERSION. Approved by: MAINTAINER
* Gcc 4.2+ is only needed to build clamav with LLVM/JIT support, remove thisgarga2010-05-212-2/+2
| | | | | | dependency when LLVM is not set. Submitted by: Guy Antony Halse <G.Halse@ru.ac.za>
* - update to 1.5.0dinoex2010-05-212-4/+4
|
* Update to 0.9.31 release.ale2010-05-202-4/+4
|
* Update to 2.7.1garga2010-05-202-6/+5
|
* A bunch of changes for the SQLITE3 backend:ale2010-05-207-87/+129
| | | | | | | | | 1) fix for bug #528467 (C_UnwrapKey didn't work with DSA and EC private keys) 2) fix for bug #526231 (C_GetAttributeValue didn't correctly work) 3) partial fix for bug #564011 (object ID race on keypairgen) 4) use sqlite3 in ports (there is no reason to compile the bundled one) Approved by: no objections by marcus and gnome team
* Fix HTTP headers handling. Bump PORTREVISION.tobez2010-05-202-0/+24
| | | | | | | This bug has been known for years, but have been ignored upstream (see https://rt.cpan.org/Public/Bug/Display.html?id=33954). Submitted by: brian
* - Fix when a Swatch rule has an "exec" action, child processes are notsylvio2010-05-201-0/+11
| | | | | | | | correctly cleaned up. PR: ports/136611 Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org> Approved by: Joseph Scott <joseph@josephscott.org> (maintainer)
* Update to 0.96.1garga2010-05-203-36/+6
|
* - Mark BROKEN: bad plistpav2010-05-181-0/+2
| | | | Reported by: pointyhat
* - Update to 1.4.1.1pgj2010-05-163-5/+32
| | | | - Import OPTIONS
* Update to week 19 tarballjpaetzel2010-05-152-4/+4
| | | | | | PR: ports/146594 Submitted by: Eric F Crist <ecrist@secure-computing.net> Approved by: itetcu@ (mentor)
* - Document multiple redmine vulnerabilitiesdecke2010-05-151-0/+26
| | | | | Approved by: miwi (secteam), beat (co-mentor) Security: http://www.redmine.org/news/39
* Properly install the missing org.freedesktop.secrets.service file.marcus2010-05-144-0/+22
| | | | | Reported by: Jonathan Chen <jonc@chen.org.nz> Obtained from: https://bugzilla.gnome.org/show_bug.cgi?id=611002
* Add AUTOTOOLS dependency when using packages as opposed to portscy2010-05-144-4/+4
| | | | to satisfy dependencies.
* Remove unnecessary dependency on autoconf/automakejohans2010-05-131-1/+0
|
* Updated tomcat entry (CVE-2010-1157) with fixed version information.niels2010-05-131-2/+2
| | | | | | | This makes sure that the correct older versions are marked vulnerable Approved by: itetcu (mentor, implicit) Security: http://www.vuxml.org/freebsd/3383e706-4fc3-11df-83fb-0015587e2cc1.html
* Introduce a new (and hopefully better) ports infrastructure for Haskell Cabalpgj2010-05-136-213/+40
| | | | | | ports which makes possible the direct translation of Cabal package descriptions to FreeBSD ports. It promises both easier addition and maintenance for Cabal-based ports.
* - Added 109 missing CVE names to 60 VuXML entriesniels2010-05-121-24/+171
| | | | | | | | - Fixed Tomcat55 entry to mark current PORTREVISION vulnerable PR: ports/146418 Approved by: itetcu (mentor, implicit) Security: http://people.freebsd.org/~niels/vuxml/
* Resolve autotools issue.cy2010-05-124-0/+4
| | | | Thanks to: pointyhat
* Switch to PLIST_FILESdougb2010-05-122-5/+2
| | | | | PR: ports/146508 Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
* Add the info for the .sig filedougb2010-05-121-0/+3
|
* Adopt the orphan, add the verify target for the PGP signaturedougb2010-05-121-1/+6
|
* Update to 0.4.0.anders2010-05-122-4/+4
| | | | The new version has a much welcomed and useful search ability.
* - The FreeBSD KDE team is pleased to announce KDE SC 4.4.3 for FreeBSDfluffy2010-05-116-66/+88
| | | | With hat on: kde@
* Presenting GNOME 2.30.1 for FreeBSD. The offical release notes for thiskwm2010-05-1122-144/+284
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | release can be found at http://library.gnome.org/misc/release-notes/2.30/ . This release brings initial PackageKit support, Upower (replaces power management part of hal), cuse4bsd integration with HAL and cheese, and a faster Evolution. Sadly GNOME 2.30.x will be the last release with FreeBSD 6.X support. This will also be the last of the 2.x releases. The next release will be the highly-anticipated GNOME 3.0 which will bring with it a new UI experience. Currently, there are a few bugs with GNOME 2.30 that may be of note for our users. Be sure to consult the UPGRADING note or the 2.30 upgrade FAQ at http://www.freebsd.org/gnome/docs/faq230.html for specific upgrading instructions, and the up-to-date list of known issues. This release features commits by avl, ahze, bland, marcus, mezz, and myself. The FreeBSD GNOME Team would like to thank Anders F Bjorklund for doing the initual packagekit porting. And the following contributors & testers for there help with this release: Eric L. Chen Vladimir Grebenschikov Sergio de Almeida Lenzi DomiX walder crsd Kevin Oberman Michal Varga Pavel Plesov Bapt kevin and ITetcu for two exp-run PR: ports/143852 ports/145347 ports/144980 ports/145830 ports/145511
* Updated port to version 1.34bniels2010-05-112-4/+4
| | | | Approved by: maintainer, itetcu (mentor, implicit)
* This is a adaptation of pam_chroot to BSD jails : it dropps users in jailsmiwi2010-05-105-0/+48
| | | | | | | after login. PR: ports/145302 Submitted by: Damien Bobillot
* pulledpork is a Perl script which helps to update your Snort 2.8+ rules.miwi2010-05-105-0/+135
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sample config file comes predefined with the new settings for snort.org downloads, which will change in June 2010. BE SURE to read through the master pulledpork.conf file thoroughly, as there are many changes as of snort 2.8.6.0 that WILL affect you, even if you are NOT yet running 2.8.6.0! Features: * Flowbit tracking! * capability to specify base ruleset (see README.RULESETS) in master pulledpork.conf file. * Handle preprocessor and sensitive-information rulesets * Ability to define sid ranges in any of the sid modification .conf files * Ability to specify references in any of the sid modification .conf files * Ability to ignore entire rule categories (i.e. not include them) * Specify locally stored rules files that need their meta data included in sid-msg.map * Ability to specify your arch for so_rules * Rules are written to only two distinct files * Support metadata based VRT recommended rulesets * Maintain an optional rule changelog * Support for setting rules to Drop * Support for multi-line rules * Rule modification, i.e. disabling of specific rules within rule sets * Outputs changes in rules files if any rules have been added / modified * Compares new rules files with current rule sets * Automated retrieval of certain variables (Distro, Snort Version.. etc) * Downloads latest rules file * Verifies MD5 of local rules file * If MD5 has not changed from snort.org.. doesn't fetch files again * handle both rules and so_rules * Capability to generate stub files WWW: http://code.google.com/p/pulledpork/ PR: ports/146239 Submitted by: Olli Hauer
* - Update to 2.14wen2010-05-102-4/+4
|
* - Update to 1.4.5miwi2010-05-0912-5/+174
| | | | | PR: 145635 Submitted by: olli hauer <ohauer@gmx.de>
* - Update to 4.26miwi2010-05-093-6/+7
| | | | | PR: 146312 Submitted by: Ports Fury
* Added wireshark (DoS) and piwik (XSS) issuesniels2010-05-081-0/+57
| | | | | | | Approved by: itetcu (mentor, implicit) Security: http://www.wireshark.org/security/wnpa-sec-2010-03.html Security: http://www.wireshark.org/security/wnpa-sec-2010-04.html Security: http://piwik.org/blog/2010/04/piwik-0-6-security-advisory/
* Added spamass-milter remote command execution vulnerabilityniels2010-05-071-1/+31
| | | | | | Approved by: itetcu (mentor, implicit) Security: CVE-2010-1132 Security: http://archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.html
* Update to 0.4.3skv2010-05-064-85/+14
| | | | | | Changes: http://www.keepassx.org/changelog PR: ports/146259 Submitted by: Gvozdikov Veniamin <g.veniamin xx googlemail.com>
* - Added mediawiki and lxr vulnerabilitiesniels2010-05-061-1/+68
| | | | | | | | | - Fixed vlc topic format (lower case, portname first) PR: ports/146337 Approved by: itetcu (mentor, implicit) Security: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html Security: http://sourceforge.net/mailarchive/message.php?msg_name=E1NS2s4-0001PE-F2%403bkjzd1.ch3.sourceforge.com
* - fix path in c_rehashdinoex2010-05-054-4/+50
| | | | | | | | Submitted by: Matthias Andree Obtained from: http://rt.openssl.org/Ticket/Display.html?id=2234 - add more DTLS bugfixes Obtained from: http://sctp.fh-muenster.de/
* - Update to 1.33jadawin2010-05-052-4/+4
| | | | - Changelog: http://search.cpan.org/src/SULLR/IO-Socket-SSL-1.33/Changes
* Add security/p5-Crypt-CAST5 0.05, a Perl module that implementstobez2010-05-055-0/+39
| | | | CAST5 block cipher.
* Update 1.3.r7 --> 4.2.cy2010-05-056-46/+11
| | | | | PR: 146072 Submitted by: plosher
* Update 3.0.7 --> 4.0.0.cy2010-05-057-148/+332
|
* Welcome the new fwbuilder-devel and libfwbuilder-devel ports.cy2010-05-051-0/+2
|
* Welcome the new fwbuilder-devel port.cy2010-05-054-57/+219
|
* Welcome the new libfwbuilder-devel port.cy2010-05-053-90/+117
|
* Added 38 missing CVE names to 24 VuXML entriesniels2010-05-051-5/+62
| | | | | | | (256 CVE names to go) Approved by: itetcu (mentor, implicit) Security: http://people.freebsd.org/~niels/vuxml/
* - Update to 20100504garga2010-05-052-5/+5
| | | | - Try to fix build on sparc64 disabling LLVM/JIT build
* Disable LLVM/JIT build for sparc64, it should unbreak it on this archgarga2010-05-051-1/+1
|
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+1
| | | | | PR: ports/146289 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146288 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146286 Submitted by: Dan Lukes dan obluda cz
* Fix build issue WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: ports/146285 Submitted by: Dan Lukes dan obluda cz
* - Annotate the combination of X509 and KERB_GSSAPI patches as brokenpav2010-05-041-0/+4
| | | | | | PR: ports/142819 Submitted by: Scot Hetzel <swhetzel@gmail.com> Approved by: maintainer timeout (1 month)
* Fix build error WITH_OPENSSL_PORT.nork2010-05-041-0/+2
| | | | | PR: 146283 Submitted by: Dan Lukes dan obluda cz
* - Use @dirrmtry instead of @dirrmwen2010-05-041-3/+3
| | | | | PR: ports/144965 Submitted by: Kimo <kimor79@yahoo.com>
* Update to 2.6.novel2010-05-042-4/+4
|
* Update to 2.8.6.novel2010-05-043-4/+5
|
* Update to 2.9.10.novel2010-05-044-26/+57
|
* - Update to 1.5.0sahil2010-05-032-5/+4
| | | | | | PR: ports/146234 Submitted by: Petr Rehor <prehor@gmail.com> (maintainer) Approved by: wxs@ (mentor)
* Added 34 missing CVE names to 24 VuXML entriesniels2010-05-021-7/+60
| | | | | | | (294 CVE names to go) Approved by: miwi (secteam) Security: http://people.freebsd.org/~niels/vuxml/
* Update to version 1.07 (unbreak port)niels2010-05-023-20/+31
| | | | Approved by: itetcu (mentor, implicit)
* - Update to 0.2.2.13-alphamiwi2010-05-022-4/+4
| | | | | PR: 146091 Submitted by: Andrei Lavreniyuk <andy.lavr@gmail.com> (maintainer)
* 2010-04-30 audio/py-flac: has been marked IGNORE for past 24 monthsmiwi2010-05-027-111/+0
| | | | | | | | | | | | | | | | | 2010-02-20 databases/mysql-connector-java50: Old version: please use databases/mysql-connector-java instead 2010-04-15 databases/p5-DBIx-Class-HTML-FormFu: This module is obsoleted by www/p5-HTML-FormFu-Model-DBIC 2010-04-29 devel/py-rbtree: "does not build with new pyrex and it's not active maintained" 2010-04-08 devel/tavrasm: No longer maintained, use devel/avra instead 2010-04-27 mail/postfix23: it's no longer maintened by upstream developer 2010-04-30 math/libgmp4: Use math/gmp instead. 2010-04-04 misc/ezload: does not build with new USB stack in 8-STABLE 2010-01-31 misc/gkrellmbgchg: use misc/gkrellmbgchg2 2010-03-04 multimedia/kbtv: no longer under development by author 2010-02-16 net/plb: broken; abandoned by author; use net/relayd or www/nginx instead 2010-04-30 security/vpnd: This software is no longer developed 2010-03-15 textproc/isearch: abandoned upstream, uses an obsolete version of GCC, not used by any other port 2010-04-02 www/caudium12: No longer maintained upstream, please switch to www/caudium14 2010-03-08 www/p5-Catalyst-Plugin-Cache-FileCache: Deprecated by module author in favor of www/p5-Catalyst-Plugin-Cache
* - VideoLAN has released 1.0.6 to address serveral vulnerabilities they ↵sylvio2010-05-021-0/+27
| | | | | | | discoverd while working towards the 1.1.0 release. These vulnerabilities could potentially allow for a specially crafted file to execute code. PR: ports/146099 Submitted by: Joseph S. Atkinson <jsa@wickedmachine.net> (maintainer)
* Updated port to version 1.06niels2010-05-023-18/+57
| | | | Approved by: itetcu (mentor, implicit)
* Update to version 1.33bniels2010-05-022-4/+5
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor, implicit)
* Update to 1.2.15johans2010-04-302-4/+4
|
* - fix version for apache+mod_ssldinoex2010-04-301-1/+1
|
* - fix info for apache+mod_ssldinoex2010-04-301-1/+1
|
* - Assign to new volunteerpgollucci2010-04-301-1/+1
|
* - fix dependencyclsung2010-04-291-0/+2
| | | | | | | - bump PORTREVISION PR: ports/144709 Submitted by: Rainer Duffner <rainer_AT_ultra-secure dot de>
* Fix the 'nss-config --libs' by remove the '-Wl,-R/usr/local/lib/nss' to allowmezz2010-04-292-1/+2
| | | | | | | other gecko applications to be able to build with nss. PR: ports/144994 Submitted by: mi
* Mark kdebase3 as safe now.makc2010-04-291-1/+1
|
* - Re-assign all my rubygem-* ports to ruby@pgollucci2010-04-284-6/+6
| | | | | | | | | this gives us more eyes and brings us inline with perl@ Current ruby@ members (stas, dinoex, pgollucci) http://wiki.freebsd.org/Ruby Discussed with: stas on #bsdports
* - Documented multiple Joomla! vulnerabilitiesniels2010-04-271-0/+52
| | | | | | | - Added new reference to the recent cacti issue Approved by: remko (secteam) Security: http://developer.joomla.org/security/
* Welcome to krb5-appl-1.0. MIT split the Kerberos applications from thecy2010-04-2625-597/+57
| | | | base Kerberos distribution, creating krb5-appl.
* Welcome the new krb5-1.8.1. Significant changes include the removal ofcy2010-04-2616-574/+193
| | | | the MIT KRB5 applications (now in a separate tarball and port).
* Krb5-17 has been merged into krb5 and a new krb5-appl has been repocopiedcy2010-04-261-1/+1
| | | | | | | from krb5-l7. The old krb5-17 port has been removed. All this is in preparation for the krb5 1.8.1 commit. PR: 145968
* Remove krb5-17, which has been merged into the krb5 port.cy2010-04-2626-1061/+0
|
* MFkrb5-17.cy2010-04-2612-220/+89
|
* - Update to 201017sylvio2010-04-262-4/+4
| | | | | PR: ports/145762 Submitted by: Eric F Crist <ecrist@secure-computing.net> (maintainer)
* Documented vulnerabilities in moodle, tomcat55, tomcat66 and cactiniels2010-04-251-0/+94
| | | | | | | | | PR: ports/146021 PR: ports/146022 Approved by: remko (secteam) Security: http://seclists.org/bugtraq/2010/Apr/200 Security: http://docs.moodle.org/en/Moodle_1.9.8_release_notes Security: http://www.bonsai-sec.com/en/research/vulnerability.php
* - Update to 5.3sahil2010-04-255-50/+10
| | | | | | | | | - Use ${PORTNAME} variable where possible PR: ports/145524 Submitted by: Laurent LEVIER <llevier@argosnet.com> (maintainer) Tweaked by: sahil@ (myself) Approved by: wxs@ (mentor)
* Documented emacs movemail vulnerability and marked the seperateniels2010-04-241-0/+67
| | | | | | | mail/movemail port vulnerable to an old format string vulnerability. Approved by: remko (secteam) Security: http://www.ubuntu.com/usn/USN-919-1
* - PHP 5.2 slave portdinoex2010-04-242-0/+15
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-243-0/+29
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-241-0/+1
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-234-0/+54
| | | | | PR: 145772 Submitted by: Alex Keda
* - PHP 5.2 slave portdinoex2010-04-231-0/+1
| | | | | PR: 145772 Submitted by: Alex Keda
* - Update MASTER_SITESkrion2010-04-231-3/+1
| | | | | PR: ports/145730 Submitted by: sylvio@FreeBSD.org
* Added krb5 double free vulnerabilityniels2010-04-221-0/+30
| | | | | | Approved by: remko (secteam) Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt Security: CVE-2010-1320
* Upgraded to version 1.05niels2010-04-213-118/+202
| | | | Approved by: itetcu (mentor)
* JBroFuzz is a web application fuzzer for requests being made overniels2010-04-216-0/+74
| | | | | | | | | HTTP or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities. WWW: http://www.owasp.org/index.php/Category:OWASP_JBroFuzz Approved by: itetcu (mentor)
* Upgraded to version 1.32bniels2010-04-212-4/+4
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* Documented the following vulnerabilities:niels2010-04-211-0/+161
| | | | | | | | | | | | | | | | | | - png: libpng decompression denial of service - e107: code execution and XSS vulnerabilities - pidgin: multiple remote denial of service vulnerabilities - fetchmail: denial of service vulnerability PR: ports/145885 PR: ports/145857 Approved by: remko (secteam) Security: CVE-2010-0996 Security: CVE-2010-0997 Security: CVE-2010-1167 Security: CVE-2010-0277 Security: CVE-2010-0420 Security: CVE-2010-0423 Security: CVE-2010-0205
* - fix LIB_DEPENDS about libnetclsung2010-04-202-5/+6
| | | | | | | | | - snortsam patch for snort has changed - ref: http://lists.snortsam.net/pipermail/snortsam-discussion/2010-March/000502.html - bump PORTREVISION PR: ports/145632 Submitted by: olli hauer <ohauer_AT_gmx dot de>
* Documented the following vulnerabilities:niels2010-04-201-0/+111
| | | | | | | | | | | | - curl: libcurl buffer overflow vulnerability - irssi: multiple vulnerabilities - ejabberd: queue overload denial of service vulnerability Approved by: remko (secteam) Security: http://curl.haxx.se/docs/adv_20100209.html Security: http://support.process-one.net/browse/EJAB-1173 Security: http://xforce.iss.net/xforce/xfdb/57790 Security: http://xforce.iss.net/xforce/xfdb/57791
* New port: Fuzzdb is a comprehensive set of fuzzing patterns thatniels2010-04-195-0/+152
| | | | | | | | can be used during discovery or security testing of web applications. WWW: http://code.google.com/p/fuzzdb/ Approved by: itetcu (mentor)
* Switch to use newer GMP version.ale2010-04-1912-19/+24
| | | | | | PR: ports/144487 Submitted by: ale Approved by: portmgr (-exp run by erwin)
* - Added three krb5 vulnerabilitiesniels2010-04-191-6/+80
| | | | | | | | | | - Fixed indent on mahara entry - Fixed title of KDM entry Approved by: remko (secteam) Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-002.txt Security: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt
* Mark BROKEN on 9.x: does not builderwin2010-04-191-0/+4
|
* Mark BROKEN on 9.x: leaves files behind on deinstallerwin2010-04-191-0/+4
|
* Document mahara sql injection vulnerabilityniels2010-04-191-0/+32
| | | | | Approved by: remko (secteam) Security: http://www.debian.org/security/2010/dsa-2030
* Upgrade to version 1.31bniels2010-04-182-4/+4
| | | | | Reviewed by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* - Fix pkg-plist so directories installed out of PREFIX are removedglarkin2010-04-171-0/+1
| | | | | | | when empty PR: ports/145741 Submitted by: sahil
* Update to 1.2.5 and hand maintainership to Sofian Brabez.lx2010-04-172-5/+54
| | | | | PR: ports/145760 Submitted by: sbrabez@gmail.com
* Update to stunnel-4.33; hopefully, the stability problems are fixed now.roam2010-04-165-16/+13
|
* Correct CVE entry. The advisory from Todd[0] says CVE 2010-0426, which iswxs2010-04-161-1/+1
| | | | | | | | | the entry assigned to the original sudoedit vulnerability[1]. The new one (CVE-2010-1163) was just assigned. I believe the one assigned by CVE folks is the proper one to use. [0]: http://sudo.ws/sudo/alerts/sudoedit_escalate2.html [1]: 018a84d0-2548-11df-b4a3-00e0815b8da8
* - Update to 1.7.2p6 (security fix).wxs2010-04-162-5/+5
| | | | Security: 1a9f678d-48ca-11df-85f8-000c29a67389
* - Document sudo privilege escalation bug. This is similar towxs2010-04-161-0/+36
| | | | 018a84d0-2548-11df-b4a3-00e0815b8da8.
* Mark FORBDDEN due to security vulnerabilities.cy2010-04-152-0/+2
| | | | Security: MITKRB5-SA-2010-001, MITKRB5-SA-2010-002, MITKRB5-SA-2010-003.
* - Do not match x11/kdebase4 in latest KDM vulnerability.avilla2010-04-151-1/+2
| | | | Approved by: tabthorpe (mentor)
* - Mark BROKEN: does not compilepav2010-04-154-0/+8
| | | | Reported by: pointyhat
* - Document KDM local privilege escalation vulnerability.avilla2010-04-151-0/+35
| | | | Approved by: tabthorpe (mentor), delphij (secteam)
* - Fix build with opensslwen2010-04-141-3/+11
| | | | | PR: ports/145620 Submitted by: Sergei Vyshenski <svysh@pn.sinp.msu.ru> (maintainer)
* Bumped PORTREVISION due to new patchniels2010-04-141-0/+1
| | | | Approved by: miwi (mentor)
* Fix plugins location patchniels2010-04-141-9/+3
| | | | Approved by: miwi (mentor)
* - update to 1.0.13dinoex2010-04-142-4/+4
|
* - Unbreak after recent PHP 5.3.2 updateglarkin2010-04-131-3/+42
| | | | | Reported by: pointyhat Approved by: portmgr (itetcu, erwin - blanket)
* - Update to 20100412garga2010-04-123-5/+6
| | | | | - Use ${TOUCH} instead of touch - Fix pkg-plist to delete directories installed out of PREFIX (on /var)
* - Use ${TOUCH} instead of touchgarga2010-04-122-1/+3
| | | | | | | | - Fix pkg-plist to delete directories installed out of PREFIX (on /var) [1] - Bump PORTREVISION because of [1] PR: ports/145448 [1] Submitted by: sahil@ [1]
* Unit tests require python built with thread support, disable make check whengarga2010-04-122-2/+34
| | | | | | | local python doesn't have this PR: ports/145520 Submitted by: Michael Scheidell <scheidell at secnap.net>
* New port: WhatWeb can be used to detect the software packages thatniels2010-04-126-0/+264
| | | | | | | | | | are used for a website. It can detect content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers, etc.. WWW: http://www.morningstarsecurity.com/research/whatweb Approved by: itetcu (mentor)
* Removed old patch to fix previous commit:niels2010-04-121-30/+0
| | | | | | | | Upgraded to version 1.30b Submitted by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor) Reported by: QAT
* Upgraded to version 1.30bniels2010-04-125-17/+36
| | | | | Submitted by: Ryan Steinmetz (maintainer) Approved by: itetcu (mentor)
* Add forgotten dependency on gnutlsjohans2010-04-111-1/+3
|
* - Update to 3.12.6beat2010-04-104-27/+26
| | | | Approved by: marcus
* - Update to 1.1.4sylvio2010-04-102-6/+4
| | | | | | PR: ports/145523 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Approved by: itetcu (mentor, implicit)
* Python and gmake are just necessary when LLVM option is setgarga2010-04-101-14/+16
|
* Python and gmaker are needed just if LLVM option is setgarga2010-04-101-14/+16
|
* Update to 0.9.30 release.ale2010-04-092-4/+4
|
* Update to PHP 5.3.2 release!ale2010-04-093-31/+1
|
* - Remove nmap-i18n-man - security/nmap now comes with translated manual pagesamdmi32010-04-085-180/+0
| | | | | PR: 145439 Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
* - add option WITHOUT_ASMdinoex2010-04-071-0/+7
|
* - Document dojo - cross-site scripting and other vulnerabilitiesglarkin2010-04-071-0/+72
| | | | | | | | - Document ZendFramework - security issues in bundled Dojo library Approved by: secteam (remko) Security: http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ Security: http://framework.zend.com/security/advisory/ZF2010-07