aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-272-1/+37
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-272-2/+38
* Update to 0.41mat2004-08-273-5/+6
* Argh. Duplicate entry for "Scorched 3D server chat box format string vulnerab...eik2004-08-271-2/+1
* Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format s...eik2004-08-271-0/+2
* Remove <modified/> from the gnomevfs vulnerability since it was the samemarcus2004-08-271-1/+0
* Update the gnomevfs entry to reflect the fixed versions.marcus2004-08-271-2/+3
* Add entry for moinmoin ACL bypass.trhodes2004-08-271-0/+28
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-272-1/+32
* Unsafe URI handling in gnome-vfs, MidnightCommander.nectar2004-08-271-0/+38
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-272-1/+30
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-272-1/+45
* Update to 2.1.1sem2004-08-274-17/+26
* The tarball was rerolled because of security fix.sem2004-08-271-2/+2
* - Update to 0.6.6pav2004-08-272-4/+4
* Add missed file in pkg-plistsem2004-08-271-0/+1
* Update to 2.1.2sem2004-08-2710-15/+728
* support building nmap-3.59a5 WITH_PRERELEASE=yeseik2004-08-262-0/+6
* - Update to 1.4.0clsung2004-08-265-31/+60
* I forgot to change filename, which md5 info is correct for 0.6.clsung2004-08-261-2/+2
* Update to DAT 4388jeh2004-08-262-3/+3
* Update to 20040825vs2004-08-262-3/+3
* - Fix "make validate" problem when textproc/xhtml-basic ishrs2004-08-254-9/+12
* Remove libxine issue which is now documented in the FreeBSD VuXMLnectar2004-08-251-1/+0
* update to 3.9.2. Fixes a remote exploitable buffer overflow:eik2004-08-253-5/+4
* nss library SSL remote buffer overfloweik2004-08-251-0/+1
* multiple buffer overflows in xveik2004-08-251-2/+3
* - update to 0.6clsung2004-08-252-3/+3
* - Removed now-unneeded patchsergei2004-08-241-11/+0
* - Update to 1.0sergei2004-08-242-10/+10
* Konqueror cross-domain cookie injectioneik2004-08-241-0/+1
* handle some duplicateseik2004-08-243-2/+71
* Place port name in the description.trhodes2004-08-241-1/+2
* fix "too many open files" error when using the -r flageik2004-08-242-2/+2
* Add libxine vcd URL handling issue.nectar2004-08-241-0/+39
* Add DoS in SpamAssassin.nectar2004-08-231-0/+30
* Add <modified> date for previous commit.nectar2004-08-231-0/+1
* fidogate-ds was also affected by the ``write files as `news' user''nectar2004-08-231-0/+4
* Off-by-one error in courier-imap entry.nectar2004-08-231-1/+1
* Add a more useful reference for the Qt issue.nectar2004-08-231-0/+1
* Add Qt heap overflow issue.nectar2004-08-231-0/+31
* Add a security issue affected courier-imap when run with certain debugnectar2004-08-231-0/+26
* Add fidogate issue.nectar2004-08-231-0/+26
* Add an issue covering a vulnerability in mysqlhotcopy.nectar2004-08-231-0/+32
* Cancel a VuXML entry for an Apache vulnerability that does not affectnectar2004-08-231-42/+1
* Fix CC, CFLAGSarved2004-08-231-0/+1
* Revert previous commit, I lost the race with arved who fixed the port.kris2004-08-221-6/+1
* that should fix the build on freebsd-6oliver2004-08-221-1/+19
* Fix the WITHOUT_ knobs to be compliant with the GNOME frameworksem2004-08-212-12/+10
* a2ps: Possible execution of shell commands as local user.eik2004-08-211-1/+2
* Delete files forgotten in last repocopyeik2004-08-219-152/+0
* cancelled 6fd9a1e9-efd3-11d8-9837-000c41e2cdad: does not affect FreeBSDeik2004-08-211-27/+1
* BROKEN on 5.x: Does not compile with gcc 3.4.2kris2004-08-211-1/+6
* Fix build with gcc 3.4arved2004-08-211-2/+10
* Update to 1.1.6sem2004-08-202-3/+3
* correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7deik2004-08-201-1/+1
* QT 3.x BMP (and possibly other graphics formats) heap-based overfloweik2004-08-201-0/+1
* Update to 1.6.8mharo2004-08-204-21/+9
* My territory, suggested by ijliao. :pclsung2004-08-203-3/+3
* Add revelation, a password manager for the GNOME 2 desktop. It stores allmarcus2004-08-205-0/+123
* Update to 1.25mat2004-08-193-29/+67
* potential security flaws in mod_ssleik2004-08-191-4/+6
* Update to DAT 4387jeh2004-08-192-3/+3
* patch-kmpstat.c is not necessary anymore.sumikawa2004-08-192-28/+0
* - update to 3.9p1dinoex2004-08-1812-126/+92
* Update to 1.27krion2004-08-182-3/+3
* Upgrade to 20040818a.sumikawa2004-08-184-6/+6
* Add a pointer to Przemyslaw Frasunek's advisory.nectar2004-08-181-0/+1
* For the lukemftpd/tnftpd issue, add a reference to NetBSD securitynectar2004-08-181-0/+1
* Note a vulnerability in lukemftpd/tnftpd.nectar2004-08-181-0/+47
* Don't require a particular version of libexpat. Use sh(1)'s `echo *'mi2004-08-182-3/+3
* multiple CVS vulnerabilitieseik2004-08-171-0/+51
* move a800386e-ef7e-11d8-81b0-000347a4fa7d to xmleik2004-08-173-9/+36
* Correct the version numbers and dates in the last entry.knu2004-08-171-4/+4
* Add an entry for:knu2004-08-171-0/+30
* Document a setgid "games" security issue in xonix. Based on a VuXMLnectar2004-08-171-0/+30
* - Fix build with gcc 3.4pav2004-08-172-5/+14
* Update to 2.29.marcus2004-08-176-8/+10
* Upgrade to 2.1.0.vanilla2004-08-176-47/+51
* ruby CGI::Session insecure file creationeik2004-08-161-1/+2
* Update to 1.0mat2004-08-163-6/+6
* Update to DAT 4386jeh2004-08-162-3/+3
* The distfile is now fetchable again, so rescue this port from death row.kris2004-08-161-4/+0
* Don't check the base system when PACKAGE_BUILDINGeik2004-08-161-0/+2
* BROKEN: Unfetchablekris2004-08-161-0/+2
* multiple phpGroupWare vulnerabilitieseik2004-08-161-0/+2
* phpGedView, jftpgweik2004-08-163-0/+29
* Correct the version number range affected for ja-samba.nectar2004-08-151-4/+4
* Fix build with gcc 3.4arved2004-08-151-0/+10
* Correct the version number range affected for Mozilla 1.8 alphas.nectar2004-08-151-4/+13
* Remove -a from the default fetch(1) flags, so that the daily securityeik2004-08-152-2/+2
* Update to 0.6perky2004-08-153-3/+6
* take care of $PREFIX/libdata/pkgconfigoliver2004-08-151-0/+1
* Fix build with gcc-3.4krion2004-08-152-0/+28
* Fix plist.krion2004-08-152-3/+3
* Fix plist.krion2004-08-151-2/+3
* Fix plist.krion2004-08-153-0/+6
* Fix build with gcc 3.4arved2004-08-141-0/+28
* Format string vulnerability in jftpgw.trhodes2004-08-141-0/+28
* apply xlist not to the own fileseik2004-08-142-10/+15
* fix man page nits,eik2004-08-143-36/+61
* Fix RUN_DEPENDSkrion2004-08-141-1/+1
* fix some vuxml duplicates, add sympa unauthorized list creationeik2004-08-143-8/+680
* Change MAINTAINER to perl@.nork2004-08-138-8/+8
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
* Repair broken URL.nectar2004-08-131-1/+1
* Add another entry for kdelibs3 due to another missed patch.lofi2004-08-131-0/+1
* Correct entries for recent kde vuln's and add new entry for kdelibslofi2004-08-131-1/+3
* Add two issues covering three KDE advisories: two temporary filenectar2004-08-131-0/+67
* The last commit should have changed the comparison tag from <le> to <lt>.marcus2004-08-131-1/+1
* Update Gaim vulnerability (5b8f9a02-ec93-11d8-b913-000c41e2cdad) to indicatemarcus2004-08-131-1/+2
* The MSN component of Gaim contains remotely exploitable buffernectar2004-08-131-0/+25
* The Adobe Acrobat Reader can be coerced into executing arbitrarynectar2004-08-131-0/+36
* Under certain configurations of POPfile may allow an attacker tonectar2004-08-131-0/+25
* Correct version information syntax in a number of entries. VuXML-usingnectar2004-08-131-22/+40
* Doorman is a port knocking implementation which allows a server to runsem2004-08-136-0/+101
* give the ImageMagick png vulnerability an own entryeik2004-08-121-6/+28
* fix security hole in non-chroot rsync daemon.eik2004-08-121-0/+1
* 9fb5bb32-d6fa-11d8-b479-02e0185c0b53 is a duplicate of 40800696-c3b0-11d8-864...eik2004-08-122-2/+5
* - Update to 1.8.10bpav2004-08-122-48/+38
* f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of 6f955451-ba54-11d8-b88...eik2004-08-123-4/+13
* - Don't pretend we support anything older than perl 5.8.2. Support forsem2004-08-126-31/+30
* - Install additional documentationpav2004-08-122-7/+5
* Update to DAT 4385jeh2004-08-122-3/+3
* Upgrade to 3.1.1.kuriyama2004-08-123-7/+12
* Update to 0.21.nork2004-08-114-6/+5
* Update to 0.1.4krion2004-08-113-3/+19
* Update to 20040810vs2004-08-112-3/+3
* Factor out all but one of the build switches of the KDE main module portslofi2004-08-1111-350/+160
* add a reference for linux-png-1.0.x to 3a408f6f-9c52-11d8-9366-0020ed76ef5aeik2004-08-101-3/+4
* libine "vcd:" input source buffer overfloweik2004-08-101-0/+1
* Update to 0.6.5kevlo2004-08-102-3/+3
* Fix plist.kuriyama2004-08-102-1/+5
* SpamAssassin DoS & cfengine authentication heap corruptioneik2004-08-101-2/+4
* Update to DAT 4384jeh2004-08-102-3/+3
* add ImageMagick to the list of png-vulnerable portseik2004-08-091-1/+6
* Update to 0.98vs2004-08-094-45/+16
* - Update to 0.18vanilla2004-08-092-3/+3
* Add pft 1.2,krion2004-08-0922-0/+947
* Bump PORTREVISIONs to chase Gaim update.marcus2004-08-092-0/+2
* Update to version 0.0.17krion2004-08-092-4/+3
* Update to version 0.0.13krion2004-08-093-3/+7
* Upgrade to 1.1.4.thierry2004-08-095-48/+21
* respect CC/CFLAGS.sf2004-08-081-1/+5
* - Update to 0.75.1pav2004-08-082-3/+3
* CVStrac arbitrary remote code executioneik2004-08-071-1/+2
* correct typoeik2004-08-071-2/+2
* - Remove 2 patches no longer neededsergei2004-08-072-24/+0
* - Update to 2.5.5sergei2004-08-072-5/+5
* - Update to 0.2.10sergei2004-08-073-6/+8
* Add an entry for Thunderbird to the libpng vulnerability.marcus2004-08-071-0/+4
* - update to 2.0petef2004-08-063-9/+7
* fold entry 7eded4b8-e6fe-11d8-b12f-0a001f31891a into 2de14f7a-dad9-11d8-b59a-...eik2004-08-062-1/+4
* Update to 4.4.4vs2004-08-062-4/+4
* putty local command executiondinoex2004-08-061-0/+1
* Fix plist.lofi2004-08-061-2/+0
* move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-062-1/+47
* o Security Update to 2.2.10-ja-1.0.nork2004-08-061-0/+1
* add Opera "location" object write access vulnerabilityeik2004-08-051-0/+1
* move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-052-3/+93
* back out last commitdinoex2004-08-051-1/+0
* putty local command executiondinoex2004-08-051-0/+1
* - Upgrade to 0.3.5.kuriyama2004-08-054-23/+23
* Update to DAT 4383jeh2004-08-052-3/+3
* libPNG stack-based buffer overflow and other code concernseik2004-08-051-0/+3
* Update to 0.5.5lofi2004-08-043-11/+15
* Update to 1.9.10lofi2004-08-048-63/+23
* Update to 0.6.6lofi2004-08-045-33/+6
* Chase bumped libksba shared library versionlofi2004-08-042-2/+2
* Update to 0.9.7lofi2004-08-043-5/+5
* Acrobat Reader handling of malformed uuencoded pdf fileseik2004-08-041-0/+1
* Squid NTLM authentication helper overfloweik2004-08-041-0/+1
* ripMIME attachment extraction bypasseik2004-08-041-4/+5
* - Security update to 0.55dinoex2004-08-043-22/+22
* Update to 0.1.3krion2004-08-042-3/+3
* Link with openldap library only when WITH_LDAP knob is specifiedkuriyama2004-08-042-2/+6
* [MAINTAINER] security/clamsmtp: update to 0.5edwin2004-08-042-3/+3
* - Upgrade to 1.2.5.kuriyama2004-08-036-44/+18
* Fix LIB_DEPENDSkrion2004-08-032-22/+14
* Update to version 0.0.12krion2004-08-033-21/+8
* GnuTLS certificate chain verification DoSeik2004-08-031-1/+3
* Update to 0.0.16krion2004-08-023-6/+9
* * lcrzoex tools was renamed to netwoxsem2004-08-011-1/+0
* * lcrzo library was renamed to netwibsem2004-08-011-1/+0
* Correct a configure-misdetection which went unnoticed until now, but causeslofi2004-08-012-0/+8
* phpMyAdmin configuration manipulation and code injectioneik2004-07-311-1/+2
* Security fix.clement2004-07-313-15/+5
* - fix spellingdinoex2004-07-311-3/+1
* Register a vulnerability in mail/imp3.thierry2004-07-311-0/+1
* Mozilla Firefox certificate spoofingeik2004-07-301-0/+1
* Mozilla / Firefox user interface spoofing vulnerabilityeik2004-07-301-0/+42
* DansGuardian banned extension filter bypass vulnerabilityeik2004-07-301-0/+1
* Add clamsmtp 0.4, an ClamAV anti-virus SMTP Filter.vanilla2004-07-307-0/+115
* Remove pgp signature checking.lofi2004-07-302-22/+2
* Update to 1.26erwin2004-07-302-3/+3
* add a reference to the SoX buffer overflow entryeik2004-07-291-1/+1
* Update to 1.25erwin2004-07-292-3/+3
* SoX buffer overflows when handling .WAV fileseik2004-07-291-1/+2
* - Update to 0.75pav2004-07-292-4/+4
* Update to DAT 4382jeh2004-07-292-3/+3
* LCDProc buffer overflow/format string vulnerabilitieseik2004-07-281-0/+1
* . Add support for FreeBSD 4.10.glewis2004-07-281-0/+12
* Update to 20040727krion2004-07-282-4/+5
* Add p5-Crypt-SmbHash 0.02, Perl module implementing lanman and nt md4mat2004-07-275-0/+37
* Use &amp; instead of naked &.des2004-07-271-1/+1
* Add CVE name and correct URL to iDEFENSE advisory for the SSLtelnet issue.des2004-07-271-1/+2
* pavuk digest auth buffer overfloweik2004-07-271-0/+1
* add Nessus "adduser" race condition and Dropbear DSS verification bugeik2004-07-271-2/+5
* Mark BROKEN: Runtime breakage exists.krion2004-07-271-0/+2
* Update to DAT 4381jeh2004-07-272-3/+3
* Remove references to mirror.ac.ukvs2004-07-261-2/+1
* Fix LDAP detection. For everybody who has a the defaultadamw2004-07-262-2/+2
* Add manipulate_data, a set of tools to search data on a harddrive/partition/f...pav2004-07-267-0/+68
* - Update to 1.1.3pav2004-07-267-26/+144
* - Update to 4.4.3pav2004-07-262-3/+3
* - Update to 20040725pav2004-07-262-3/+3
* -Update to 2.0.12.mezz2004-07-2510-47/+1575
* New option -r: restrict listed entries to selected references.eik2004-07-243-4/+25
* -Update to 2.1.1.mezz2004-07-249-15/+1038
* - Add the X_WINDOW_SYSTEM={xorg,xfree86-4,xfree86-3} variable to bsd.port.mk,anholt2004-07-241-4/+2
* Update to 0.6.4arved2004-07-244-8/+7
* Update to 4.31vs2004-07-235-59/+42
* - add some referenceseik2004-07-231-7/+20
* l2tpd BSS-based buffer overfloweik2004-07-231-0/+1
* Fix an XML tag.trhodes2004-07-221-1/+1
* Mark the 2.2.x series of Samba as vulnerable.trhodes2004-07-221-2/+5
* Recently announced Samba issue.trhodes2004-07-221-0/+26
* phpBB cross site scripting vulnerabilitieseik2004-07-221-0/+1
* Update to DAT 4380jeh2004-07-222-3/+3
* Fix building (well, make install) since a dependency didn't makeedwin2004-07-211-0/+1
* add subversion-perl, subversion-pythoneik2004-07-201-0/+1
* Fix WWW-tagvs2004-07-201-1/+1
* Revert to honoring PREFIX. No revision bump, cause it will be picked upjeh2004-07-201-1/+1
* subversion access control bypasseik2004-07-201-0/+1
* Undo yesterdays change after sysutils/porttools suddenly failed.edwin2004-07-203-7/+5
* Update to 2.28.marcus2004-07-206-10/+30
* Update to DAT 4379jeh2004-07-202-3/+3
* Fix to use update.ini, since readme.txt no longer has version information.jeh2004-07-201-2/+2
* Update to 20040719:vs2004-07-202-3/+3
* Add a new shared extension for PHP.ale2004-07-193-0/+29
* Add a new shared extension for PHP.ale2004-07-192-0/+15
* Add a new shared extension for PHP.ale2004-07-191-0/+1
* Add a new shared extension for PHP.ale2004-07-193-0/+29
* Add a new shared extension for PHP.ale2004-07-192-0/+15
* Add a new shared extension for PHP.ale2004-07-192-0/+15
* Add a new shared extension for PHP.ale2004-07-191-0/+1
* [PATCH] security/sudo: Utilize EXAMPLESDIRedwin2004-07-193-5/+7
* New port: devel/slb_rf60edwin2004-07-197-0/+107
* - update MASTER_SITESdinoex2004-07-191-2/+2