diff options
| author | eik <eik@FreeBSD.org> | 2004-02-19 10:19:33 +0800 |
|---|---|---|
| committer | eik <eik@FreeBSD.org> | 2004-02-19 10:19:33 +0800 |
| commit | cc07df308f5f0f9d2975ab026e1c4f178a040e7e (patch) | |
| tree | 8c74234fa89860e52c84c45aac1011714acb545f /ports-mgmt | |
| parent | 5b31a990cc10c1b4b03ab6921af6406a61c6d8e1 (diff) | |
| download | freebsd-ports-graphics-cc07df308f5f0f9d2975ab026e1c4f178a040e7e.tar.gz freebsd-ports-graphics-cc07df308f5f0f9d2975ab026e1c4f178a040e7e.tar.zst freebsd-ports-graphics-cc07df308f5f0f9d2975ab026e1c4f178a040e7e.zip | |
Disable auditfile.txt until we decide on a database format,
two databases cause more confusion than it is worth.
portaudit uses ports/security/vuxml/vuln.xml in the meantime,
please commit your changes there and send feedback wich format
you prefer.
Currently we have to migrate gnats, mailman, monkey and some
apache versions.
Diffstat (limited to 'ports-mgmt')
| -rw-r--r-- | ports-mgmt/portaudit/database/auditfile.txt | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/ports-mgmt/portaudit/database/auditfile.txt b/ports-mgmt/portaudit/database/auditfile.txt deleted file mode 100644 index d3e1c987c5a..00000000000 --- a/ports-mgmt/portaudit/database/auditfile.txt +++ /dev/null @@ -1,53 +0,0 @@ -# -# auditfile.txt - FreeBSD ports vulnerabilities database -# -# $FreeBSD$ -# -# MAINTAINER=ports@FreeBSD.org -# -# Each entry consists of a single line containing the following three -# fields in the order named, separated with the pipe (`|') character: -# -# Package: A pattern that matches the name of the vulnurable -# package, see `man -M /usr/local/man pkg_info'. -# Reference: An URL where an advisory can be found -# Reason: The type of vulnurability found -# -# Keep this list sorted in the chronological order. New entries must -# be added at the end, old entries shouldn't be removed; this should -# document *all* known package vulnerabilities. -# -# This file does not have any designated maintainer, so feel free to -# commit to it yourself. However, it is generally a good idea to -# notify the maintainer of the affected package(s) -# - -gnupg>1.0.2<1.2.3_4|http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html|ElGamal signing keys compromised -rsync<2.5.7|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962|Buffer overflow in server -gaim<0.75_6|http://security.e-matters.de/advisories/012004.txt|12 vulnerabilities that allow remote compromise -proftpd<1.2.8_1|http://xforce.iss.net/xforce/alerts/id/154|ProFTPD ASCII File Remote Compromise Vulnerability -inn>=2.4<2.4.1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling -inn-stable>=2.4<20031022_1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling -apache>=2.0.35<2.0.48|http://www.apacheweek.com/features/security-20|Multiple security vulnerabilities -apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities -apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities -apache+ipv6>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities -ru-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities -ru-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities -clamav<0.65_7|http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/62586|remote exploitable DOS vulnerability -apache+ssl>=1.3<1.3.29.1.53|http://www.apache-ssl.org/advisory-20040206.txt|optional client certificate vulnerability -monkey<0.8.2|http://monkeyd.sourceforge.net/|DoS bug caused by get_real_string() -mutt<1.4.2|http://www.securityfocus.com/archive/1/353428/2004-02-08/2004-02-14/0|buffer overflow that can be triggered by incoming messages -fspd<=2.8.1.3|http://fsp.sourceforge.net/|buffer overflow (CAN-2004-0011) and directory traversal (CAN-2003-1022) bugs -libtool>=1.3<1.3.5_2|http://www.securityfocus.com/archive/1/352519|symlink vulnerability -libtool>=1.4<1.4.3_3|http://www.securityfocus.com/archive/1/352519|symlink vulnerability -libtool>=1.5<1.5.2|http://www.securityfocus.com/archive/1/352333|symlink vulnerability -gnats<=3.113.1_9|http://www.securityfocus.com/archive/1/326337|Local privilege elevation -XFree86-Server>=4.1.0<4.3.0_14|http://www.xfree86.org/security/|Font file buffer overflows -XFree86-Server>=4.3.99<4.3.99.15_2|http://www.xfree86.org/security/|Font file buffer overflows -mailman<2.1.4|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965|Cross-site scripting (XSS) vulnerability -bind<8.3.7|http://www.kb.cert.org/vuls/id/734644|negative cache poisoning -pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow -zh-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow -iw-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow -samba>=3.0<3.0.1_2,1|http://www.samba.org/samba/whatsnew/samba-3.0.2.html|password initialization bug |