aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* - Security Update to 0.56Dirk Meyer2004-10-282-3/+3
* Document rssh format string vulnerability.Josef El-Rayes2004-10-281-0/+26
* - Update to 0.23Pav Lucistnik2004-10-283-10/+10
* Update to DAT 4401James E. Housley2004-10-282-3/+3
* Remove a DAT file that didn't completely download because it is not usefulJames E. Housley2004-10-281-11/+11
* Fix build on 4-stableVanilla I. Shu2004-10-2718-3/+165
* Fix build on 4-stable.Vanilla I. Shu2004-10-276-3/+42
* Create a VuXML entry for Horde XSS help window vulnerability to replaceJacques Vidrine2004-10-272-1/+28
* - update to 1.0Cheng-Lung Sung2004-10-272-4/+4
* - Bugfix update to 0.9.7eDirk Meyer2004-10-276-59/+49
* Add an entry for a vulnerability fixed in horde-2.2.7.Thierry Thomas2004-10-271-0/+1
* Chase libraries for new devel/libidn version.Kirill Ponomarev2004-10-262-2/+4
* Document a denial-of-service issue in bogofilter.Jacques Vidrine2004-10-261-0/+33
* Fix integer overflow vulnerabilities.Norikatsu Shigemura2004-10-261-1/+4
* Document xpdf 2 and xpdf 3 vulnerabilities.Jacques Vidrine2004-10-261-0/+38
* Document several security issues in gaim, fixed in various versions fromJacques Vidrine2004-10-261-5/+222
* Note that the Red Hat based linux_base ports containJacques Vidrine2004-10-261-1/+2
* Braino: install the file with correct name.Dag-Erling Smørgrav2004-10-251-1/+4
* Clean up time for email addresses MIA!Edwin Groothuis2004-10-251-1/+1
* Add Auth_HTTP 2.0 from PEAR.Dag-Erling Smørgrav2004-10-254-0/+32
* Update to 2.1.20.Hajimu UMEMOTO2004-10-256-98/+91
* Document SSL_Cypherbypass vulnerability in mod_sslJosef El-Rayes2004-10-251-0/+71
* Add entries for vulnerabilites in imported xpdf code in kdegraphicsMichael Nottebrock2004-10-241-0/+2
* fix unprev. IPv6 for FreeBSD 4Oliver Lehmann2004-10-242-3/+216
* - fix building problem and unbreak this portYen-Ming Lee2004-10-244-23/+27
* - Document more buffer overflows in mpg123.Simon L. B. Nielsen2004-10-241-0/+37
* I suck. (Correct a typo that would have been readily detected ifJacques Vidrine2004-10-221-1/+1
* Add CVE name for cabextract issue.Jacques Vidrine2004-10-221-0/+2
* Fix a copy/paste typo in last commit.Simon L. B. Nielsen2004-10-221-1/+1
* Document DoS in Apache 2 SSL handling.Simon L. B. Nielsen2004-10-221-0/+37
* Mark deprecated due to no maintainer and unpatched denial-of-serviceJacques Vidrine2004-10-221-0/+3
* Note that xpm has been fixed.Jacques Vidrine2004-10-221-2/+8
* - bump PORTREVISION after update dependency.Yen-Ming Lee2004-10-211-0/+1
* add procmail into dependency list.Yen-Ming Lee2004-10-211-1/+2
* - Fix OPTIONS handlingPav Lucistnik2004-10-211-2/+2
* Update entry regarding INN 2.4.x buffer overflow:Jacques Vidrine2004-10-211-2/+3
* Document remote command execution vulnerability in phpMyAdmin.Simon L. B. Nielsen2004-10-211-0/+32
* - don't delete the virus database on deinstallDirk Meyer2004-10-211-2/+2
* Update 1.3.4 --> 1.3.5Cy Schubert2004-10-2120-196/+16
* Document insecure directory handling in cabextract.Simon L. B. Nielsen2004-10-211-0/+24
* - Update to 1.1 (final). For changes since 1.1-beta see the ChangeLogMarius Strobl2004-10-219-119/+159
* Chase the Gaim 1.0.2 upgrade.Joe Marcus Clarke2004-10-212-2/+2
* Update to DAT 4400James E. Housley2004-10-212-3/+3
* Base if the last update was successful on the dontents of file_id.diz,James E. Housley2004-10-211-2/+2
* Fix code so it is favored by both GCCs (2.x and 3.x), and unbreak the build.Alexey Dokuchaev2004-10-2012-4/+454
* - Update to 0.0.14Pav Lucistnik2004-10-202-3/+3
* - Update to 0.0.18Pav Lucistnik2004-10-203-8/+23
* - Update to 20041019Sergei Kolobov2004-10-202-3/+3
* Set correct entry date for the a2ps issue.Simon L. B. Nielsen2004-10-201-1/+1
* Document insecure command line argument handling in a2ps.Simon L. B. Nielsen2004-10-201-0/+41
* Document a vulnerability in ifmail. (There does not existJacques Vidrine2004-10-201-0/+25
* - update to version 3.75Oliver Eikemeier2004-10-205-22/+7
* Document a vulnerability in imwheel.Jacques Vidrine2004-10-191-0/+35
* Add CVE names for FreeRADIUS vulnerabilities.Jacques Vidrine2004-10-191-1/+6
* Updated to 0.7aSergey Skvortsov2004-10-194-7/+7
* Document NTLM authentication vulnerability in squidJosef El-Rayes2004-10-191-0/+26
* Document a SQL command injection in Cacti.Simon L. B. Nielsen2004-10-191-0/+26
* - update to 0.80 releaseOliver Eikemeier2004-10-182-3/+3
* Document a format string vulnerability in the apache13 mod_ssl proxySimon L. B. Nielsen2004-10-181-0/+46
* - Change a few uses of <url> into <mlist>.Simon L. B. Nielsen2004-10-171-3/+3
* - Quick update to 0.0.8.1, bugfix release, because 0.0.8 was removedPav Lucistnik2004-10-174-6/+6
* - Update to 1.8.12 and unbreak on 5.xPav Lucistnik2004-10-162-8/+4
* Add clamassassinYen-Ming Lee2004-10-164-0/+46
* - Document remote DoS and loss of anonymity in Tor.Simon L. B. Nielsen2004-10-161-1/+35
* [1]:Oliver Lehmann2004-10-167-234/+154
* Update to 2.4.2.1Kirill Ponomarev2004-10-162-3/+3
* Kill off automake18, switching to automake19. Requiem Mors Pacem.Ade Lovett2004-10-161-1/+2
* - Don't clobber portsentry.ignore on upgradePav Lucistnik2004-10-162-2/+4
* - pwauth must have a SUID bitClement Laforet2004-10-151-0/+1
* - Reduce dependency with perl-5.8.Jun Kuriyama2004-10-151-6/+11
* -Update to 2.1.3.Jeremy Messenger2004-10-1512-12/+565
* Update to 0.3.4.Joe Marcus Clarke2004-10-152-3/+3
* lesstif has been upgraded to a version that is not affected by theJacques Vidrine2004-10-151-1/+1
* Recommit my changes from 1.298 which was accidently removed in 1.299.Simon L. B. Nielsen2004-10-151-2/+3
* Document two seperate security vulnerabilities inJosef El-Rayes2004-10-151-3/+52
* Change the Xerces-C++ entry to match the xerces-c2 port.Simon L. B. Nielsen2004-10-151-2/+3
* Update to DAT 4399James E. Housley2004-10-152-3/+3
* - bump PORTREVISIONCheng-Lung Sung2004-10-142-1/+2
* - update to 0.80rc4Oliver Eikemeier2004-10-1411-147/+121
* Add security/pwauth 2.2.8,Clement Laforet2004-10-147-0/+105
* Upgrade to 2.1.2.Vanilla I. Shu2004-10-143-15/+6
* Upgrade to 2.0.2Vanilla I. Shu2004-10-149-801/+144
* Upgrade to 2.0.2.Vanilla I. Shu2004-10-149-381/+351
* - drop maintainershipDirk Meyer2004-10-143-3/+3
* - add a line why this port existDirk Meyer2004-10-142-1/+3
* - update to 0.9.6Cheng-Lung Sung2004-10-145-26/+24
* Document vulnerability in freeradius.Josef El-Rayes2004-10-141-0/+26
* - Document DoS in Xerces-C++.Simon L. B. Nielsen2004-10-141-1/+31
* It turns out that lesstif has libXpm sneakily embedded. There are atJacques Vidrine2004-10-141-1/+5
* Document XSS in wordpress.Simon L. B. Nielsen2004-10-141-0/+24
* Document integer overflows in libtiff.Jacques Vidrine2004-10-141-0/+25
* - Document a CUPS local information disclosure.Simon L. B. Nielsen2004-10-141-0/+32
* Document a vulnerability in Zinf (freeamp).Josef El-Rayes2004-10-141-0/+27
* Update to DAT 4398James E. Housley2004-10-142-3/+3
* - Update to 20041012Pav Lucistnik2004-10-142-3/+3
* - Update to 4.4.7Pav Lucistnik2004-10-142-3/+3
* Document libtiff RLE decoder issues.Jacques Vidrine2004-10-141-0/+26
* Update to 1.33Kirill Ponomarev2004-10-132-3/+3
* - update to version 3.71-PRE1Oliver Eikemeier2004-10-132-8/+15
* Update to version 1.5Markus Brueffer2004-10-132-5/+5
* The sharutils buffer overflows has been fixed in sharutils 4.2.1_2.Simon L. B. Nielsen2004-10-131-1/+1
* - Update to 1.0.21Sergei Kolobov2004-10-132-9/+17
* Use libtool 15Tilman Keskinoz2004-10-131-1/+1
* Adjust patch.Michael Nottebrock2004-10-131-3/+3
* Update: security/samhain 1.8.10b -> 1.8.11Edwin Groothuis2004-10-132-8/+8
* - add USE_GCC=2.95 and unbreak this portYen-Ming Lee2004-10-131-4/+4
* Document a vulnerability in sharutils.Simon L. B. Nielsen2004-10-131-0/+31
* Document 2 DoS attacks possible againstJosef El-Rayes2004-10-131-0/+27
* - Update to 1.1.3Yen-Ming Lee2004-10-134-15/+11
* ale@ reports that the only ports affected are php[45], php[45]-cgi,Jacques Vidrine2004-10-121-124/+2
* Note squid SNMP DoS. Based on an entry that wasJacques Vidrine2004-10-121-0/+32
* add WITH_AUTHDAEMON option to allow use of courier authdaemond.Hajimu UMEMOTO2004-10-121-0/+4
* Update to version 0.3.6Kirill Ponomarev2004-10-124-22/+5
* Update to 4397James E. Housley2004-10-122-3/+3
* Update to 1.4Mathieu Arnold2004-10-122-3/+12
* Update to 1.1.8.Mark Linimon2004-10-122-3/+3
* - Upgrade to 2.2.0 [1]Sergei Kolobov2004-10-124-44/+45
* - Explicitly specify prefix for iconv and gettext librariesSergei Kolobov2004-10-122-3/+11
* Update to 1.1.7.Mark Linimon2004-10-122-3/+3
* Add an entry for a XSS vulnerability fixed in IMP-3.2.6.Thierry Thomas2004-10-121-0/+1
* - new option WITH_OPENSSH_CHROOTDirk Meyer2004-10-124-48/+124
* - cleanup patchesDirk Meyer2004-10-1210-42/+42
* - add patch to support AES-192-CBC and AES-256-CBCDirk Meyer2004-10-121-0/+210
* [MAINTAINER UPDATE] security/freebsd-updateEdwin Groothuis2004-10-122-0/+12
* The documented xv vulnerabilities were fixed by dinoex@Jacques Vidrine2004-10-121-1/+2
* Note that the image decoding vulnerabilities in gdk-pixbuf have beenJacques Vidrine2004-10-121-2/+5
* Document older cyrus-sasl bug affecting DIGEST-MD5.Jacques Vidrine2004-10-121-0/+23
* Update the description of and list of packages affected by the PHP fileJacques Vidrine2004-10-121-14/+134
* Update to 0.5.6Michael Nottebrock2004-10-122-3/+3
* Update to 1.9.11Michael Nottebrock2004-10-123-4/+4
* Update to 0.9.9Michael Nottebrock2004-10-122-3/+3
* Update to 0.6.7Michael Nottebrock2004-10-122-3/+3
* Update to 2.31.Joe Marcus Clarke2004-10-126-6/+18
* - Update to 0.0.8Pav Lucistnik2004-10-126-14/+16
* - Update to 2.0Pav Lucistnik2004-10-124-5/+36
* - Update to 1.34Pav Lucistnik2004-10-122-8/+6
* - Update to 2.4.0Pav Lucistnik2004-10-122-3/+3
* Fix build with bind9 in the base system.Joe Marcus Clarke2004-10-111-3/+8
* Fix build on ia64Kirill Ponomarev2004-10-101-3/+8
* fix http://vuxml.freebsd.org/92268205-1947-11d9-bc4a-000c41e2cdad.htmlHajimu UMEMOTO2004-10-092-1/+17
* Document unsafe use of environmental variable SASL_PATH in cyrus-sasl.Jacques Vidrine2004-10-091-0/+31
* Mark IGNORE because the package somehow includes a dangling symlink, i.e.Kris Kennaway2004-10-071-0/+2
* Fix the code so GCC 3.4.2 likes it better, and unbreak.Alexey Dokuchaev2004-10-062-7/+10
* Add some more apache ports.Tom Rhodes2004-10-061-2/+14
* Add imp3 issue, add apache13-ssl issue, correct a tag.Tom Rhodes2004-10-061-2/+31
* Note that older packages of bmon were dangerously installed set-user-ID.Jacques Vidrine2004-10-051-0/+25
* Document GnuTLS denial-of-service (already mentioned in portaudit'sJacques Vidrine2004-10-051-0/+39
* Record another PHP vulnerability.Jacques Vidrine2004-10-051-0/+45
* Record another PHP security issue.Jacques Vidrine2004-10-051-1/+50
* Note that xv should not be used.Jacques Vidrine2004-10-051-0/+40
* Note a symlink vulnerability in getmail.Jacques Vidrine2004-10-051-0/+28
* Fill in empty topic from previous commit.Jacques Vidrine2004-10-051-1/+1
* Record FreeBSD-SA-04:15.syscons.Jacques Vidrine2004-10-051-0/+38
* Add missing PORTEPOCH for samba.Jacques Vidrine2004-10-041-1/+1
* Note racoon certificate verification bug.Jacques Vidrine2004-10-041-0/+26
* Note distcc IP address ACL bug.Jacques Vidrine2004-10-031-1/+27
* Remove a duplicate entry.Jacques Vidrine2004-10-031-56/+5
* Correct the version number for latest Mozilla entry.Jacques Vidrine2004-10-011-4/+4
* Document the last few of the relatively recent Mozilla vulnerabilities.Jacques Vidrine2004-10-011-0/+110
* Correct mangled CVE name: s/8983/0903/Jacques Vidrine2004-10-011-1/+2
* Add another two older vulnerabilities affecting Mozilla & co.Jacques Vidrine2004-10-011-8/+161
* Don't forget `ja-samba' also.Jacques Vidrine2004-10-011-0/+1
* Note samba file disclosure vulnerability.Jacques Vidrine2004-10-011-0/+31
* Increase USE_GCC to 3.4 for those ports which compile with it.Kris Kennaway2004-09-302-2/+2
* Fix apache version number entry, bump modified date for apache as well.Tom Rhodes2004-09-301-2/+2
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-291-0/+4
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-291-1/+7
* Make an initial attempt at covering all Mozilla/Firefox/ThunderbirdJacques Vidrine2004-09-291-9/+36
* Correct spelling of phpnuke package name.Jacques Vidrine2004-09-281-1/+2
* Note BMP decoder flaws in Mozilla/Firefox/Thunderbird.Jacques Vidrine2004-09-281-0/+48
* Note stack buffer overflow in Mozilla mail.Jacques Vidrine2004-09-281-1/+41
* Document Mozilla/Firefox/Thunderbird heap buffer overflows.Jacques Vidrine2004-09-281-0/+57
* Correct the package name for phpMyAdmin.Jacques Vidrine2004-09-281-1/+2
* Correct another typo. :-(Kris Kennaway2004-09-281-1/+1
* Correct typo in previousKris Kennaway2004-09-281-1/+1
* Now builds on amd64Kris Kennaway2004-09-281-2/+2
* Add CERT Vulnerability Note references to xpm entry.Jacques Vidrine2004-09-271-1/+3
* Note two older vulnerabilities in PHP.Jacques Vidrine2004-09-271-0/+111
* Note subversion information disclosure vulnerability.Jacques Vidrine2004-09-271-0/+36
* Add missing PORTEPOCH in a mozilla entry.Jacques Vidrine2004-09-271-3/+5
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-264-1/+19
* BROKEN: Does not buildKris Kennaway2004-09-261-0/+2
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-261-1/+7
* Forgot to add <modified> element for last commit.Jacques Vidrine2004-09-251-0/+1
* Add missing PORTEPOCH on one of the mozilla entries.Jacques Vidrine2004-09-251-1/+1
* Document vulnerabilities in lha.Jacques Vidrine2004-09-231-0/+41
* Lately it seems I like to use dashes in topics... but I should atJacques Vidrine2004-09-231-19/+19
* Document mysql buffer overflow.Jacques Vidrine2004-09-231-0/+27
* Update to pam_alreadyloggedin-0.3 to unbreak. There should be noBrian Feldman2004-09-232-12/+4
* Document Mozilla security icon spoofing vulnerability.Jacques Vidrine2004-09-231-0/+39
* Document Mozilla vulnerability involving NULL bytes in FTP URLs.Jacques Vidrine2004-09-231-1/+46
* Document Mozilla automatic file upload vulnerability.Jacques Vidrine2004-09-221-3/+28
* Document mozilla certificate import denial-of-service vulnerability.Jacques Vidrine2004-09-221-0/+48
* Note a file name disclosure issue in rssh.Jacques Vidrine2004-09-221-0/+38
* - replace "@dirrm ..." with "@unexec rmdir ..."Yen-Ming Lee2004-09-221-1/+1
* Add entry describe GNU Radius denial-of-service vulnerability.Jacques Vidrine2004-09-211-0/+36
* Add sudoedit vulnerability.Jacques Vidrine2004-09-211-0/+24
* In latest CVS entry, remove the reference to the exploit. It doesJacques Vidrine2004-09-201-1/+0
* Oh yeah, add affected FreeBSD versions for CVS issues.Jacques Vidrine2004-09-201-1536/+1534
* Update CVS entry with some details.Jacques Vidrine2004-09-201-13/+31
* Add an entry for the mod_proxy buffer overflow existant in apache13.Tom Rhodes2004-09-201-0/+25
* Update to 1.6.8p1Michael Haro2004-09-192-4/+4
* - unbreak this port on 5.xYen-Ming Lee2004-09-192-9/+27
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-194-4/+28
* Note some fixes for XPM image decoding vulnerabilities.Jacques Vidrine2004-09-181-4/+16
* BROKEN on 5.x: Does not compileKris Kennaway2004-09-181-1/+7
* BROKEN: Broken pkg-plistKris Kennaway2004-09-181-0/+2
* Update to gdk-pixbuf vulnerability to reflect the fixed version of gtk20.Joe Marcus Clarke2004-09-171-1/+2
* Note that a patched version of webmin 1.150 is now available, thanksJacques Vidrine2004-09-161-2/+4
* Note gdk-pixbuf image decoding issues.Jacques Vidrine2004-09-161-0/+36
* clement@ has patched Apache 2.Jacques Vidrine2004-09-161-3/+3
* Note CUPS printer queue browser denial-of-service.Jacques Vidrine2004-09-161-0/+24
* Note Apache 2 IPv6 address parsing bug.Jacques Vidrine2004-09-151-0/+28
* Note new libXpm vulnerabilities.Jacques Vidrine2004-09-151-0/+46
* I appear to have deleted a line at the last minute. Restore it.Jacques Vidrine2004-09-151-0/+1
* Add mod_dav denial-of-service issue.Jacques Vidrine2004-09-151-0/+28
* Oops, forgot to note that the previous issue affects only the Apache 2.xJacques Vidrine2004-09-151-1/+1
* Add Apache 2 vulnerability concerning environmental variables inJacques Vidrine2004-09-151-0/+34
* Repair three <freebsdpr> elements. The content of these elementsJacques Vidrine2004-09-151-3/+3
* Note that some versions of OpenOffice have been corrected.Jacques Vidrine2004-09-151-1/+2
* Fix botched date entry and correct iDefense URL.Tom Rhodes2004-09-141-2/+2
* Really add Samba 3 vulnerability.Tom Rhodes2004-09-141-1/+26
* Correct version. Note my last commit here was for mpg123 instead ofTom Rhodes2004-09-141-1/+1
* - There is a WITHOUT_X11 version of ImageMagick that needs to beJacques Vidrine2004-09-141-2/+221
* Update for recent Samba3 vulnerabilities.Tom Rhodes2004-09-141-0/+27
* - Update to 1.0.20, fixing GnuTLS certificate chain verification DoSSergei Kolobov2004-09-103-6/+5
* Typo-fix in a commentChristian Brueffer2004-09-091-1/+1
* - star-devel: privilege escalationOliver Eikemeier2004-09-092-1/+7
* - XSS vulnerability in phpGroupWare wiki moduleOliver Eikemeier2004-09-072-8/+42
* managed to break this just in time for the ports freeze.Tilman Keskinoz2004-09-041-2/+0
* multiple vulnerabilities in LHAOliver Eikemeier2004-09-041-0/+36
* Nuke the gnupg sigchecking code. There are bugs and I don't have the timeTilman Keskinoz2004-09-042-16/+0
* grrrr... left the test case intactOliver Eikemeier2004-09-041-1/+1
* - update to version 0.5.9Oliver Eikemeier2004-09-043-14/+34
* - add some referencesOliver Eikemeier2004-09-043-8/+142
* Fix build when using ccacheOliver Eikemeier2004-09-041-1/+31
* Update to 3.23.0. This release of super fixes a potential root exploit:David E. O'Brien2004-09-044-17/+12
* Add CONFLICTS with openvpn-develVolker Stolz2004-09-043-0/+6
* - update to 0.19.Cheng-Lung Sung2004-09-032-3/+3
* Implement a "mgrate" facility that lets one migrate/overwrite the LDAPJoe Marcus Clarke2004-09-032-8/+59
* Fix the bus error on startup in -CURRENT and 5.x-BETA. It turns outPeter Pentchev2004-09-022-1/+32
* - Update to 20040826 snapshotVolker Stolz2004-09-024-93/+46
* Adjust the affected version for imlib now that the 2nd instance of BMPJacques Vidrine2004-09-021-1/+2
* - Update to 0.44Pav Lucistnik2004-09-022-5/+3
* Update to DAT 4389James E. Housley2004-09-022-4/+3
* Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilitiesCy Schubert2004-09-0212-4/+128
* The recent commit to the krb5 port brought the version to 1.3.4_1 butJacques Vidrine2004-09-021-1/+1
* Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service.Cy Schubert2004-09-018-0/+56
* - update to 0.7Cheng-Lung Sung2004-09-012-3/+3
* Note recent MIT Kerberos 5 vulnerabilities.Jacques Vidrine2004-09-011-0/+74
generated by cgit (git 2.34.1) at 2025-02-24 08:34:13 +0800