aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Add mod_dav denial-of-service issue.nectar2004-09-151-0/+28
| | | | Approved by: portmgr
* Oops, forgot to note that the previous issue affects only the Apache 2.xnectar2004-09-151-1/+1
| | | | | | series. Approved by: portmgr
* Add Apache 2 vulnerability concerning environmental variables innectar2004-09-151-0/+34
| | | | | | configuration files. Approved by: portmgr
* Repair three <freebsdpr> elements. The content of these elementsnectar2004-09-151-3/+3
| | | | | | | must be e.g. "ports/46613", not just "46613". Reported by: Matthew Seaman <m.seaman@infracaninophile.co.uk> Approved by: portmgr
* Note that some versions of OpenOffice have been corrected.nectar2004-09-151-1/+2
| | | | Approved by: portmgr
* Fix botched date entry and correct iDefense URL.trhodes2004-09-141-2/+2
| | | | Approved by: portmgr
* Really add Samba 3 vulnerability.trhodes2004-09-141-1/+26
| | | | | | | Remove incorrect URL in mpg123 entry. Approved by: portmgr URL noticed: nectar
* Correct version. Note my last commit here was for mpg123 instead oftrhodes2004-09-141-1/+1
| | | | | | | samba3. Noticed by: nectar Approved by: portmgr
* - There is a WITHOUT_X11 version of ImageMagick that needs to benectar2004-09-141-2/+221
| | | | | | | | | | | | | | | | | taken into account. - Fix transposed characters in `isakmpd'. Noticed by: Dan Langille <dan@langille.org> - Add CVE name reference for ImageMagick. - Add webmin temporary file handling issue. - Add OpenOffice temporary file handling issue. - Widen the `KDE frame injection' issue to cover Mozilla, Firebird, Netscape, and Opera as well - Add Mozilla/Firebird/Netscape SOAPParameter vulnerability - Add Mozilla/Thunderbird/Netscape POP client vulnerability Approved by: portmgr
* Update for recent Samba3 vulnerabilities.trhodes2004-09-141-0/+27
| | | | Approved by: portmgr
* - Update to 1.0.20, fixing GnuTLS certificate chain verification DoSsergei2004-09-103-6/+5
| | | | | | | | | | | vulnerability (portaudit ID: 84ab58cf-e4ac-11d8-9b0a-000347a4fa7d), described in the following advisories: - http://www.hornik.sk/SA/SA-20040802.txt - http://secunia.com/advisories/12156 PR: ports/71502 Submitted by: Koop Mast <kwm@rainbow-runner.nl> Approved by: portmgr (eik, marcus)
* Typo-fix in a commentbrueffer2004-09-091-1/+1
| | | | Approved by: portmgr (krion)
* - star-devel: privilege escalationeik2004-09-092-1/+7
| | | | | | | | - multi-gnome-terminal: information leak - usermin: remote shell command injection and insecure installation - mpg123: layer 2 decoder buffer overflow Approved by: portmgr (implicit)
* - XSS vulnerability in phpGroupWare wiki moduleeik2004-09-072-8/+42
| | | | | | - add some references Approved by: portmgr (implicit)
* managed to break this just in time for the ports freeze.arved2004-09-041-2/+0
| | | | | Submitted by: lofi, eik Approved by: portmgr (eik)
* multiple vulnerabilities in LHAeik2004-09-041-0/+36
|
* Nuke the gnupg sigchecking code. There are bugs and I don't have the timearved2004-09-042-16/+0
| | | | | | | to work on this now. PR: 66417 Submitted by: Lupe Christoph <lupe@lupe-christoph.de>
* grrrr... left the test case intacteik2004-09-041-1/+1
|
* - update to version 0.5.9eik2004-09-043-14/+34
| | | | (first attempts to check the base system for vulnerabilities)
* - add some referenceseik2004-09-043-8/+142
| | | | | | | | | | - extend ImageMagick entry - squid ntlm authentication helper DoS - multiple vpopmail vulnerabilities - first attempts to check the base system for vulnerabilities: + cvs server code + zlib DoS - BSD license portaudit.xml
* Fix build when using ccacheeik2004-09-041-1/+31
| | | | | PR: 71343 Submitted by: Michael Johnson <ahze@ahze.net>
* Update to 3.23.0. This release of super fixes a potential root exploit:obrien2004-09-044-17/+12
| | | | | | | http://xforce.iss.net/xforce/xfdb/16458 PR: 71328 Submitted by: Piet Delport <pjd@point45.com>
* Add CONFLICTS with openvpn-develvs2004-09-043-0/+6
| | | | | PR: ports/71337 Submitted by: maintainer
* - update to 0.19.clsung2004-09-032-3/+3
| | | | Approved by: vanilla (co-mentor)
* Implement a "mgrate" facility that lets one migrate/overwrite the LDAPmarcus2004-09-032-8/+59
| | | | | | | | | | | | | | | | | | userPassword field of the user being authenticated. The PAM and LDAP usernames must be the same. This makes "pam_ldap migrate" similar to "pam_smbpass migrate". This has been submitted to PADL in http://bugzilla.padl.com/show_bug.cgi?id=178. [1] Allow pam_ldap to change user passwords under certain circumstances. This has been submitted to PADL in http://bugzilla.padl.com/show_bug.cgi?id=177. [2] All of this is documented further at http://www.iem.pw.edu.pl/~wielebap/ldap/pam_ldap/pam_ldap_doc.pdf. PR: 71289 [1] 71287 [2] Submitted by: Pawel Wieleba <wielebap@iem.pw.edu.pl>
* Fix the bus error on startup in -CURRENT and 5.x-BETA. It turns outroam2004-09-022-1/+32
| | | | | | | | | | | | | that the OpenSSL ENGINE code is, well, somewhat less than stellar, especially in combo with malloc's 'j' option. Even without it, though, there are some problems that I don't have time to look into right now. So, disable the OpenSSL ENGINE activation on FreeBSD 5.x, unless the WITH_STUNNEL_SSL_ENGINE knob is turned on. Also, while I'm here, fix the CONFIGURE_TARGET so the GNU configure script does not complain quite so loudly. Bump PORTREVISION for the functionality change (well, I guess you could say "not working" -> "working" is a functionality change ;)
* - Update to 20040826 snapshotvs2004-09-024-93/+46
| | | | | | | | | - Fix fetching - Fix -pthread/-lc_r issue for good (courtesy of bsd.autotools.mk, who'd have guessed...) PR: ports/71168 Submitted by: Rob Evers (maintainer), me
* Adjust the affected version for imlib now that the 2nd instance of BMPnectar2004-09-021-1/+2
| | | | loader has been corrected.
* - Update to 0.44pav2004-09-022-5/+3
| | | | | PR: ports/71249 Submitted by: Luiz Eduardo Roncato Cordeiro <cordeiro@nic.br> (maintainer)
* Update to DAT 4389jeh2004-09-022-4/+3
|
* Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilitiescy2004-09-0212-4/+128
| | | | | | in KDC and libraries Heads-up by: nectar
* The recent commit to the krb5 port brought the version to 1.3.4_1 butnectar2004-09-021-1/+1
| | | | | did not correct one of the existing vulnerabilities. Update the affected range to compensate.
* Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service.cy2004-09-018-0/+56
| | | | Heads-up by: nectar
* - update to 0.7clsung2004-09-012-3/+3
| | | | | | | | | | | | | - From ChangeLog - Added support for ESMTP [Andreas Steinmetz] - Fixed crash when too many connections established - Announce ourselves as 'clamsmtp' in EHLO/HELO responses which fixes 'loopback' problems with certain versions of Postfix 1.x - Better IO performance under heavy load - Fixed most warnings when compiled with -Wall - Fixed other minor bugs Approved by: vanilla (co-mentor)
* Note recent MIT Kerberos 5 vulnerabilities.nectar2004-09-011-0/+74
|
* - update to version 3.70 (birthday edition, try the verbose mode)eik2004-09-012-9/+3
|
* Document imlib2 BMP decoder bug.nectar2004-08-311-0/+27
|
* Document BMP decoder bugs in imlib1 and ImageMagick.nectar2004-08-311-0/+50
|
* Update to 1.2.6.osa2004-08-316-58/+58
| | | | | | Utilize DOCSDIR and DATADIR macros. Approved by: kuriyama (maintainer)
* Update to 1.7.1.marcus2004-08-312-3/+3
|
* samba printer change notification request DoSeik2004-08-311-0/+1
|
* Update to 0.3.3.marcus2004-08-313-3/+11
| | | | | PR: 71156 Submitted by: maintainer
* Update to KDE 3.3lofi2004-08-316-190/+56
|
* Correct bogus date in mysql entry. (It should be YYYY-MM-DD, notnectar2004-08-301-2/+2
| | | | | | DD-MM-YYYY.) Reported by: robert@openbsd.org
* Add more references (particularly CVE names) for issues affectingnectar2004-08-301-8/+24
| | | | | | | SpamAssassin, tnftpd, ruby, mysql. Place text taken from another source inside <blockquote cite="..."> for ruby issue.
* Fix location of pkg-config data.vs2004-08-302-1/+12
| | | | | | PR: ports/69149 Submitted by: Konstantin Oznobihin Approved by: maintainer timeout
* correct/add some referenceseik2004-08-301-35/+48
|
* add some references, add ru-gaimeik2004-08-301-2/+4
|
* multiple vulnerabilities in gaimeik2004-08-301-4/+4
|
* I have been having a problem since the update to use update.ini insteadjeh2004-08-302-10/+23
| | | | | of readme.txt of flipping between two version of DAT. 'update_dat' now compares the current value with the new one, before updating.
* security bug in rscsi client codeeik2004-08-301-0/+4
| | | | Submitted by: marius
* Update to 2.30.marcus2004-08-304-6/+6
| | | | | PR: 71092 Submitted by: maintainer
* - Update to 1.1.7pav2004-08-304-17/+26
| | | | | PR: ports/71119 Submitted by: bugghy <bugghy@rootshell.be> (maintainer)
* Remove -P option from tar. This patch has already been incorporatedlinimon2004-08-291-0/+1
| | | | | | | into the upstream sources. PR: ports/70806 Submitted by: SANETO Takanori <sanewo at ba2 dot so-net dot ne dot jp>
* Add opieprintmharo2004-08-295-17/+40
| | | | output postscript with 100 OPIE passwords credit card sized
* Patch the default installation locations to be FreeBSD-friendly. Bumplinimon2004-08-2816-2/+201
| | | | | | | portrevision. Users should take care when upgrading. PR: ports/70424 Submitted by: Jean Milanez Melo <jmelo at freebsdbrasil dot com dot br> (maintainer)
* Add WWW line.linimon2004-08-281-0/+2
|
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-272-1/+37
| | | | portaudit.txt).
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-272-2/+38
|
* Update to 0.41mat2004-08-273-5/+6
| | | | | | PR: 70258 Submitted by: skv Approved by: maintainer timeout
* Argh. Duplicate entry for "Scorched 3D server chat box format string ↵eik2004-08-271-2/+1
| | | | vulnerabilty"
* Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format ↵eik2004-08-271-0/+2
| | | | string vulnerability
* Remove <modified/> from the gnomevfs vulnerability since it was the samemarcus2004-08-271-1/+0
| | | | | | as <entry/> and it needed to be last anyway. Suggested by: nectar
* Update the gnomevfs entry to reflect the fixed versions.marcus2004-08-271-2/+3
|
* Add entry for moinmoin ACL bypass.trhodes2004-08-271-0/+28
|
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-272-1/+32
|
* Unsafe URI handling in gnome-vfs, MidnightCommander.nectar2004-08-271-0/+38
|
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-272-1/+30
|
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-272-1/+45
|
* Update to 2.1.1sem2004-08-274-17/+26
| | | | | PR: ports/70933 Submitted by: maintainer
* The tarball was rerolled because of security fix.sem2004-08-271-2/+2
| | | | | PR: ports/70978 Submitted by: Omer Faruk Sen <ofsen@enderunix.org>
* - Update to 0.6.6pav2004-08-272-4/+4
| | | | | PR: ports/70941 Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu> (maintainer)
* Add missed file in pkg-plistsem2004-08-271-0/+1
|
* Update to 2.1.2sem2004-08-2710-15/+728
| | | | | | | make portlint happy PR: ports/70951 Submitted by: maintainer
* support building nmap-3.59a5 WITH_PRERELEASE=yeseik2004-08-262-0/+6
|
* - Update to 1.4.0clsung2004-08-265-31/+60
| | | | | | | | - Change MASTER_SITES - fixed build error in 5.x (compare to ports/69194) PR: ports/70444 Approved by: vanilla (co-mentor)
* I forgot to change filename, which md5 info is correct for 0.6.clsung2004-08-261-2/+2
| | | | Approved by: vanilla (co-mentor)
* Update to DAT 4388jeh2004-08-262-3/+3
|
* Update to 20040825vs2004-08-262-3/+3
| | | | | PR: ports/70947 Submitted by: Tim Bishop (maintainer)
* - Fix "make validate" problem when textproc/xhtml-basic ishrs2004-08-254-9/+12
| | | | | | | | installed by adding an SGML declaration and DTDDECL. - Remove the --catalogs option for xmllint(1) in validate.sh. Approved by: nectar (maintainer) PR: ports/63035
* Remove libxine issue which is now documented in the FreeBSD VuXMLnectar2004-08-251-1/+0
| | | | | | document. Reminded by: eik
* update to 3.9.2. Fixes a remote exploitable buffer overflow:eik2004-08-253-5/+4
| | | | <http://www.freebsd.org/ports/portaudit/207f8ff3-f697-11d8-81b0-000347a4fa7d.html>
* nss library SSL remote buffer overfloweik2004-08-251-0/+1
|
* multiple buffer overflows in xveik2004-08-251-2/+3
|
* - update to 0.6clsung2004-08-252-3/+3
| | | | | | | - Proper adding of customized header - Fixes to documentation Approved by: vanilla (co-mentor)
* - Removed now-unneeded patchsergei2004-08-241-11/+0
|
* - Update to 1.0sergei2004-08-242-10/+10
|
* Konqueror cross-domain cookie injectioneik2004-08-241-0/+1
|
* handle some duplicateseik2004-08-243-2/+71
|
* Place port name in the description.trhodes2004-08-241-1/+2
| | | | Suggested by: eik
* fix "too many open files" error when using the -r flageik2004-08-242-2/+2
| | | | Noted by: nectar
* Add libxine vcd URL handling issue.nectar2004-08-241-0/+39
|
* Add DoS in SpamAssassin.nectar2004-08-231-0/+30
|
* Add <modified> date for previous commit.nectar2004-08-231-0/+1
|
* fidogate-ds was also affected by the ``write files as `news' user''nectar2004-08-231-0/+4
| | | | issue.
* Off-by-one error in courier-imap entry.nectar2004-08-231-1/+1
| | | | Noticed by: oliver
* Add a more useful reference for the Qt issue.nectar2004-08-231-0/+1
|
* Add Qt heap overflow issue.nectar2004-08-231-0/+31
|
* Add a security issue affected courier-imap when run with certain debugnectar2004-08-231-0/+26
| | | | flags.
* Add fidogate issue.nectar2004-08-231-0/+26
|
* Add an issue covering a vulnerability in mysqlhotcopy.nectar2004-08-231-0/+32
| | | | Reported by: robert@openbsd.org
* Cancel a VuXML entry for an Apache vulnerability that does not affectnectar2004-08-231-42/+1
| | | | | | FreeBSD. Reminded by: recent conversations :-)
* Fix CC, CFLAGSarved2004-08-231-0/+1
| | | | | PR: 70824 Submitted by: Roman Bogorodskiy <bogorodskiy@inbox.ru>
* Revert previous commit, I lost the race with arved who fixed the port.kris2004-08-221-6/+1
| | | | Pointy hat to: kris
* that should fix the build on freebsd-6oliver2004-08-221-1/+19
| | | | Reported by: pointyhat (via kris)
* Fix the WITHOUT_ knobs to be compliant with the GNOME frameworksem2004-08-212-12/+10
| | | | | PR: ports/70451, ports/70452 Submitted by: maintainer
* a2ps: Possible execution of shell commands as local user.eik2004-08-211-1/+2
|
* Delete files forgotten in last repocopyeik2004-08-219-152/+0
| | | | | | | | | Fix typo <http://docs.freebsd.org/cgi/mid.cgi?200408010854.i718sxCc065477> <http://docs.freebsd.org/cgi/mid.cgi?200408010937.i719b446067158> Pointy hat to: sem
* cancelled 6fd9a1e9-efd3-11d8-9837-000c41e2cdad: does not affect FreeBSDeik2004-08-211-27/+1
| | | | <http://docs.FreeBSD.org/cgi/mid.cgi?20040817123651.GB930>
* BROKEN on 5.x: Does not compile with gcc 3.4.2kris2004-08-211-1/+6
|
* Fix build with gcc 3.4arved2004-08-211-2/+10
|
* Update to 1.1.6sem2004-08-202-3/+3
| | | | | PR: ports/70706 Submitted by: maintainer
* correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7deik2004-08-201-1/+1
|
* QT 3.x BMP (and possibly other graphics formats) heap-based overfloweik2004-08-201-0/+1
|
* Update to 1.6.8mharo2004-08-204-21/+9
|
* My territory, suggested by ijliao. :pclsung2004-08-203-3/+3
| | | | Approved by: vanilla (co-mentor)
* Add revelation, a password manager for the GNOME 2 desktop. It stores allmarcus2004-08-205-0/+123
| | | | | | | | your account and passwords in a single, secure, place, and give you access to them all through a user-friendly graphical interface. PR: 70653 Submitted by: ports@c0decafe.net <ports@c0decafe.net>
* Update to 1.25mat2004-08-193-29/+67
| | | | | | | | use EXAMPLESDIR PR: 70093 Submitted by: Jeff Putsch <jdputsch@comcast.net> Approved by: maintainer timeout
* potential security flaws in mod_ssleik2004-08-191-4/+6
|
* Update to DAT 4387jeh2004-08-192-3/+3
|
* patch-kmpstat.c is not necessary anymore.sumikawa2004-08-192-28/+0
| | | | | | PR: ports/70620, ports/70622 Submitted by: Helge Oldach <racoonaug04@oldach.net>, Ying-Chieh Chen <yinjieh@csie.nctu.edu.tw>
* - update to 3.9p1dinoex2004-08-1812-126/+92
| | | | | | | set PORTVERSION 3.9.0.1 to avoid another bump of PORTEPOCH if 3.9.1p1 come out. - new option OPENSSH_SNAPSHOT
* Update to 1.27krion2004-08-182-3/+3
| | | | | PR: ports/70606 Submitted by: maintainer
* Upgrade to 20040818a.sumikawa2004-08-184-6/+6
|
* Add a pointer to Przemyslaw Frasunek's advisory.nectar2004-08-181-0/+1
|
* For the lukemftpd/tnftpd issue, add a reference to NetBSD securitynectar2004-08-181-0/+1
| | | | advisory now that it is available.
* Note a vulnerability in lukemftpd/tnftpd.nectar2004-08-181-0/+47
|
* Don't require a particular version of libexpat. Use sh(1)'s `echo *'mi2004-08-182-3/+3
| | | | | | instead of spawning off ls(1) in pkg_check.sh. Approved by: maintainer
* multiple CVS vulnerabilitieseik2004-08-171-0/+51
|
* move a800386e-ef7e-11d8-81b0-000347a4fa7d to xmleik2004-08-173-9/+36
|
* Correct the version numbers and dates in the last entry.knu2004-08-171-4/+4
|
* Add an entry for:knu2004-08-171-0/+30
| | | | Ruby insecure file permissions in the CGI session management
* Document a setgid "games" security issue in xonix. Based on a VuXMLnectar2004-08-171-0/+30
| | | | | | entry that was Submitted by: robert@OpenBSD.org
* - Fix build with gcc 3.4pav2004-08-172-5/+14
| | | | | | | - Unconfuse doc install PR: ports/70530 Submitted by: Yonatan <Yonatan@Xpert.com> (maintainer)
* Update to 2.29.marcus2004-08-176-8/+10
| | | | | PR: 70505 Submitted by: maintainer
* Upgrade to 2.1.0.vanilla2004-08-176-47/+51
| | | | | PR: ports/70526 Submitted by: maintainer
* ruby CGI::Session insecure file creationeik2004-08-161-1/+2
|
* Update to 1.0mat2004-08-163-6/+6
|
* Update to DAT 4386jeh2004-08-162-3/+3
|
* The distfile is now fetchable again, so rescue this port from death row.kris2004-08-161-4/+0
|
* Don't check the base system when PACKAGE_BUILDINGeik2004-08-161-0/+2
|
* BROKEN: Unfetchablekris2004-08-161-0/+2
|
* multiple phpGroupWare vulnerabilitieseik2004-08-161-0/+2
|
* phpGedView, jftpgweik2004-08-163-0/+29
|
* Correct the version number range affected for ja-samba.nectar2004-08-151-4/+4
| | | | | | Correct the version number range affected for Mozilla 1.8 alphas. Problem hinted at by: eik
* Fix build with gcc 3.4arved2004-08-151-0/+10
|
* Correct the version number range affected for Mozilla 1.8 alphas.nectar2004-08-151-4/+13
| | | | | | | | | | Problem hinted at by: eik While I'm here, add a CVE name reference and a couple of other relevant Bugzilla links. It is interesting that this security issue was reported as early as 1999. Also, replace the text plagiarized from the Secunia advisory without attribution with a more helpful (maybe?) description of the issue.
* Remove -a from the default fetch(1) flags, so that the daily securityeik2004-08-152-2/+2
| | | | | | report is not delayed when the distribution site is down. Submitted by: kuriyama
* Update to 0.6perky2004-08-153-3/+6
|
* take care of $PREFIX/libdata/pkgconfigoliver2004-08-151-0/+1
|
* Fix build with gcc-3.4krion2004-08-152-0/+28
|
* Fix plist.krion2004-08-152-3/+3
| | | | Pet portlint.
* Fix plist.krion2004-08-151-2/+3
|
* Fix plist.krion2004-08-153-0/+6
|
* Fix build with gcc 3.4arved2004-08-141-0/+28
|
* Format string vulnerability in jftpgw.trhodes2004-08-141-0/+28
| | | | Informed by: Robert Nagy <robert@openbsd.org>
* apply xlist not to the own fileseik2004-08-142-10/+15
|
* fix man page nits,eik2004-08-143-36/+61
| | | | | | | modify the vulnerability report depending on -q/-v (experimental) PR: 69935, 68942 Submitted by: Chris Pepper <pepper@reppep.com>, Johan Karlsson <k@numeri.campus.luth.se>
* Fix RUN_DEPENDSkrion2004-08-141-1/+1
| | | | | PR: ports/70419 Submitted by: maintainer
* fix some vuxml duplicates, add sympa unauthorized list creationeik2004-08-143-8/+680
|
* Change MAINTAINER to perl@.nork2004-08-138-8/+8
| | | | | | I welcome bsd.port.mk introduced soon. Inspired by: freebsd-perl@
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
| | | | | | | | - Upgrade rc.d script to the rc-ng style; bump PORTREVISION for that. - Add CONFLICTS. PR: ports/69878 Submitted by: Udo Schweigert (maintainer)
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
| | | | | | | | - Upgrade rc.d script to the rc-ng style; bump PORTREVISION for that. - Add CONFLICTS. PR: ports/69877 Submitted by: Udo Schweigert (maintainer)
* Repair broken URL.nectar2004-08-131-1/+1
| | | | Noticed by: simon
* Add another entry for kdelibs3 due to another missed patch.lofi2004-08-131-0/+1
|
* Correct entries for recent kde vuln's and add new entry for kdelibslofi2004-08-131-1/+3
| | | | (3.2.3_3 didn't have all patches).
* Add two issues covering three KDE advisories: two temporary filenectar2004-08-131-0/+67
| | | | handling issues, and a KHTML issue.
* The last commit should have changed the comparison tag from <le> to <lt>.marcus2004-08-131-1/+1
|
* Update Gaim vulnerability (5b8f9a02-ec93-11d8-b913-000c41e2cdad) to indicatemarcus2004-08-131-1/+2
| | | | that gaim-0.81_1 has a fix for this.
* The MSN component of Gaim contains remotely exploitable buffernectar2004-08-131-0/+25
| | | | overflows.
* The Adobe Acrobat Reader can be coerced into executing arbitrarynectar2004-08-131-0/+36
| | | | commands on UNIX systems.
* Under certain configurations of POPfile may allow an attacker tonectar2004-08-131-0/+25
| | | | | | retrieve files from the victim's machine. Reported by: Daniel Grund <mail@dgrund.de>
* Correct version information syntax in a number of entries. VuXML-usingnectar2004-08-131-22/+40
| | | | | tools are expected only to understand actual package names and version numbers, not globs such as `foo-{bar,baz}' or `1.*'.
* Doorman is a port knocking implementation which allows a server to runsem2004-08-136-0/+101
| | | | | | | | silently, invisibly, with all TCP ports closed except to those who know... the secret knock! PR: ports/70186 Submitted by: Aaron Dalton <aaron@daltons.ca>
* give the ImageMagick png vulnerability an own entryeik2004-08-121-6/+28
|
* fix security hole in non-chroot rsync daemon.eik2004-08-121-0/+1
| | | | <http://www.freebsd.org/ports/portaudit/2689f4cb-ec4c-11d8-9440-000347a4fa7d.html>
* 9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of ↵eik2004-08-122-2/+5
| | | | 40800696-c3b0-11d8-864c-02e0185c0b53
* - Update to 1.8.10bpav2004-08-122-48/+38
| | | | | PR: ports/69387 Submitted by: David Thiel <lx@redundancy.redundancy.org> (maintainer)
* f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of ↵eik2004-08-123-4/+13
| | | | 6f955451-ba54-11d8-b88c-000d610a3b12, move references
* - Don't pretend we support anything older than perl 5.8.2. Support forsem2004-08-126-31/+30
| | | | | | | | | | | | | | | 5.00503 was severly broken and amavisd-new author officially only supports 5.8.2 and up. As an added bonus, this simplifies the makefile very much. - Install a usable amavisd.conf if none exists - On installation, remove amavisd.conf if it is equal to default one - On installation, create /var/amavis/tmp, because the new amavisd.conf uses this directory to store temporary files - Remove address extension options from the example configuration file. Neither sendmail nor postfix support address extensions on FreeBSD by default. PR: ports/70306 Submitted by: maintainer
* - Install additional documentationpav2004-08-122-7/+5
| | | | | | | | - Portlint PR: ports/69627 Submitted by: Radim Kolar <hsn@netmag.cz> Approved by: maintainer timeout (14 days)
* Update to DAT 4385jeh2004-08-122-3/+3
|
* Upgrade to 3.1.1.kuriyama2004-08-123-7/+12
| | | | Approved by: maintainer
* Update to 0.21.nork2004-08-114-6/+5
| | | | | PR: ports/70257 Submitted by: skv
* Update to 0.1.4krion2004-08-113-3/+19
|
* Update to 20040810vs2004-08-112-3/+3
| | | | | | | | | | | - W32/Mydoom.N@mm - W32/Mydoom.P@mm - W32/Bagle.AI@mm - W32/Sober.I@mm - W32/Mydoom.Q@mm PR: ports/70274 Submitted by: Tim Bishop (maintainer)
* Factor out all but one of the build switches of the KDE main module portslofi2004-08-1111-350/+160
| | | | | | | | | | | | | | | into separate ports. The OPTIONS will remain as of yet and trigger dependencies now, for easy transition. Update KOffice to version 1.3.2. Add patches to fix a number of issues, including: - fix kxkb on Xorg - fix kdemultimedia WITH_MPEGLIB (now mpeglib_artsplug) compilation on gcc 3.4.2 with optimizations greater than -O Add security related patches and entries to portaudit.txt.
* add a reference for linux-png-1.0.x to 3a408f6f-9c52-11d8-9366-0020ed76ef5aeik2004-08-101-3/+4
|
* libine "vcd:" input source buffer overfloweik2004-08-101-0/+1
|
* Update to 0.6.5kevlo2004-08-102-3/+3
| | | | | PR: 70212 Submitted by: MAINTAINER
* Fix plist.kuriyama2004-08-102-1/+5
| | | | Approved by: maintainer
* SpamAssassin DoS & cfengine authentication heap corruptioneik2004-08-101-2/+4
|
* Update to DAT 4384jeh2004-08-102-3/+3
|
* add ImageMagick to the list of png-vulnerable portseik2004-08-091-1/+6
|
* Update to 0.98vs2004-08-094-45/+16
| | | | | Closes PR: ports/68496 Submitted by: Wesley Shields, Yonatan Bokovza (maintainer)
* - Update to 0.18vanilla2004-08-092-3/+3
| | | | | | | - remove data/trustdb.gpg (GnuPG generates it automatically) PR: ports/70159 Submitted by: Cheng-Lung Sung <clsung@dragon2.dot.net>
* Add pft 1.2,krion2004-08-0922-0/+947
| | | | | | | | libPJL- Printer Job Language library A library and a command-line tool to use PJL- HP Printer Job Language PR: ports/69382 Submitted by: Yonatan <Yonatan@xpert.com>
* Bump PORTREVISIONs to chase Gaim update.marcus2004-08-092-0/+2
|
* Update to version 0.0.17krion2004-08-092-4/+3
| | | | | PR: ports/70173 Submitted by: Ports Fury
* Update to version 0.0.13krion2004-08-093-3/+7
| | | | | PR: ports/70172 Submitted by: Ports Fury
* Upgrade to 1.1.4.thierry2004-08-095-48/+21
| | | | | PR: ports/70149 Submitted by: maintainer.
* respect CC/CFLAGS.sf2004-08-081-1/+5
|
* - Update to 0.75.1pav2004-08-082-3/+3
| | | | | | PR: ports/69805 Submitted by: Marcus Grando <marcus@corp.grupos.com.br> Approved by: maintainer
* CVStrac arbitrary remote code executioneik2004-08-071-1/+2
|
* correct typoeik2004-08-071-2/+2
|
* - Remove 2 patches no longer neededsergei2004-08-072-24/+0
| | | | | Forgotten by: sergei Reminded by: marcus
* - Update to 2.5.5sergei2004-08-072-5/+5
| | | | - Switch to using libtool 1.5 installed from ports
* - Update to 0.2.10sergei2004-08-073-6/+8
| | | | - Switch to using libtool 1.5 installed from ports
* Add an entry for Thunderbird to the libpng vulnerability.marcus2004-08-071-0/+4
|
* - update to 2.0petef2004-08-063-9/+7
| | | | | | | - update maintainer email - update COMMENT & pkg-descr to match reality Submitted by: csjp
* fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into ↵eik2004-08-062-1/+4
| | | | 2de14f7a-dad9-11d8-b59a-00061bc2ad93
* Update to 4.4.4vs2004-08-062-4/+4
| | | | | PR: ports/70042 Submitted by: Tim Bishop (maintainer)
* putty local command executiondinoex2004-08-061-0/+1
|
* Fix plist.lofi2004-08-061-2/+0
|
* move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list ↵eik2004-08-062-1/+47
| | | | of vulnerable ports
* o Security Update to 2.2.10-ja-1.0.nork2004-08-061-0/+1
| | | | | | | o rcNG-ify obtained from net/samba3. PR: ports/70034 Submitted by: NAKAJI Hiroyuki <nakaji@jp.freebsd.org> (maintainer)
* add Opera "location" object write access vulnerabilityeik2004-08-051-0/+1
|
* move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list ↵eik2004-08-052-3/+93
| | | | of vulnerable ports
* back out last commitdinoex2004-08-051-1/+0
|
* putty local command executiondinoex2004-08-051-0/+1
|
* - Upgrade to 0.3.5.kuriyama2004-08-054-23/+23
| | | | | | - Add VSCAN_SAMBA_PORT knob to work with samba3 port. No response from: maintainer
* Update to DAT 4383jeh2004-08-052-3/+3
|
* libPNG stack-based buffer overflow and other code concernseik2004-08-051-0/+3
|
* Update to 0.5.5lofi2004-08-043-11/+15
|
* Update to 1.9.10lofi2004-08-048-63/+23
|
* Update to 0.6.6lofi2004-08-045-33/+6
|
* Chase bumped libksba shared library versionlofi2004-08-042-2/+2
|
* Update to 0.9.7lofi2004-08-043-5/+5
|
* Acrobat Reader handling of malformed uuencoded pdf fileseik2004-08-041-0/+1
|
* Squid NTLM authentication helper overfloweik2004-08-041-0/+1
|
* ripMIME attachment extraction bypasseik2004-08-041-4/+5
|
* - Security update to 0.55dinoex2004-08-043-22/+22
|
* Update to 0.1.3krion2004-08-042-3/+3
|
* Link with openldap library only when WITH_LDAP knob is specifiedkuriyama2004-08-042-2/+6
| | | | explicitly.
* [MAINTAINER] security/clamsmtp: update to 0.5edwin2004-08-042-3/+3
| | | | | | | | | | | | | - I'm maintainer (with another email) - Update to 0.5 - C&P from ChnageLog - Announce ourselves as 'clamsmtp' in banner to prevent loop warnings - Fixed endless loop that occurred on failure to connect out - Added option for leaving all files in temp directory (debugging purposes) - Prints version number when run with -v PR: ports/69971 Submitted by: Cheng-Lung Sung <clsung@freebsd.csie.nctu.edu.tw>
* - Upgrade to 1.2.5.kuriyama2004-08-036-44/+18
| | | | - Remove unnecessary "@unexec rmdir"s for locales.
* Fix LIB_DEPENDSkrion2004-08-032-22/+14
| | | | | PR: ports/69926 Submitted by: Ports Fury
* Update to version 0.0.12krion2004-08-033-21/+8
| | | | | PR: ports/69925 Submitted by: Ports Fury
* GnuTLS certificate chain verification DoSeik2004-08-031-1/+3
|
* Update to 0.0.16krion2004-08-023-6/+9
|
* * lcrzoex tools was renamed to netwoxsem2004-08-011-1/+0
| | | | | | | | * update to 5.20.0 and move to net-mgmt category * new maintainer PR: ports/69609 Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
* * lcrzo library was renamed to netwibsem2004-08-011-1/+0
| | | | | | | | * update to 5.20.0 and move to net category * new maintainer PR: ports/69608 Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu>
* Correct a configure-misdetection which went unnoticed until now, but causeslofi2004-08-012-0/+8
| | | | breakage with gcc 3.4.
* phpMyAdmin configuration manipulation and code injectioneik2004-07-311-1/+2
|
* Security fix.clement2004-07-313-15/+5
| | | | | | | - Update to 0.43 This release fixes a DSS verification vulnerability. See: http://www.freebsd.org/ports/portaudit/0316f983-dfb6-11d8-9b0a-000347a4fa7d.html
* - fix spellingdinoex2004-07-311-3/+1
| | | | | PR: 69831 Submitted by: glewis
* Register a vulnerability in mail/imp3.thierry2004-07-311-0/+1
| | | | | This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.
* Mozilla Firefox certificate spoofingeik2004-07-301-0/+1
|
* Mozilla / Firefox user interface spoofing vulnerabilityeik2004-07-301-0/+42
|
* DansGuardian banned extension filter bypass vulnerabilityeik2004-07-301-0/+1
|
generated by cgit (git 2.34.1) at 2025-02-27 15:01:30 +0800