aboutsummaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* - Update to 0.0.8pav2004-10-126-14/+16
| | | | | PR: ports/72086 Submitted by: rik <freebsd-security@rikrose.net> (maintainer)
* - Update to 2.0pav2004-10-124-5/+36
| | | | | | | - Add gmp dependency on FreeBSD 5.x PR: ports/72172 Submitted by: Marcus Grando <marcus@corp.grupos.com.br>
* - Update to 1.34pav2004-10-122-8/+6
| | | | | | | - Please portlint PR: ports/72036 Submitted by: Daan van de Linde <daan@xs4all.nl>
* - Update to 2.4.0pav2004-10-122-3/+3
| | | | | PR: ports/71896 Submitted by: Olivier Tharan <olive@oban.frmug.org> (maintainer)
* Fix build with bind9 in the base system.marcus2004-10-111-3/+8
| | | | | Reported by: pointyhat via kris Approved by: portmgr (implicit)
* Fix build on ia64krion2004-10-101-3/+8
| | | | | | PR: ports/71741 Submitted by: maintainer Approved by: portmgr (implicit)
* fix http://vuxml.freebsd.org/92268205-1947-11d9-bc4a-000c41e2cdad.htmlume2004-10-092-1/+17
| | | | | | Reported by: nectar Approved by: portmgr (krion) Obtained from: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/lib/common.c#rev1.104
* Document unsafe use of environmental variable SASL_PATH in cyrus-sasl.nectar2004-10-091-0/+31
| | | | Approved by: portmgr
* Mark IGNORE because the package somehow includes a dangling symlink, i.e.kris2004-10-071-0/+2
| | | | | | it is incomplete. Approved by: portmgr (self)
* Fix the code so GCC 3.4.2 likes it better, and unbreak.danfe2004-10-062-7/+10
| | | | | Reported by: kris Approved by: portmgr (krion), fjoe (mentor, implicit)
* Add some more apache ports.trhodes2004-10-061-2/+14
| | | | | | Fix two errors found by nectar. Approved by: portmgr
* Add imp3 issue, add apache13-ssl issue, correct a tag.trhodes2004-10-061-2/+31
| | | | Approved by: portmgr
* Note that older packages of bmon were dangerously installed set-user-ID.nectar2004-10-051-0/+25
| | | | Approved by: portmgr
* Document GnuTLS denial-of-service (already mentioned in portaudit'snectar2004-10-051-0/+39
| | | | | | database). Approved by: portmgr
* Record another PHP vulnerability.nectar2004-10-051-0/+45
| | | | Approved by: portmgr
* Record another PHP security issue.nectar2004-10-051-1/+50
| | | | Approved by: portmgr
* Note that xv should not be used.nectar2004-10-051-0/+40
| | | | Approved by: portmgr
* Note a symlink vulnerability in getmail.nectar2004-10-051-0/+28
| | | | | Submitted by: Shane Kinney <mod6@freebsdhackers.net> Approved by: portmgr
* Fill in empty topic from previous commit.nectar2004-10-051-1/+1
| | | | | Noticed by: Shane Kinney <mod6@freebsdhackers.net> Approved by: portmgr
* Record FreeBSD-SA-04:15.syscons.nectar2004-10-051-0/+38
| | | | Approved by: portmgr
* Add missing PORTEPOCH for samba.nectar2004-10-041-1/+1
| | | | | Noticed by: dinoex Approved by: portmgr
* Note racoon certificate verification bug.nectar2004-10-041-0/+26
| | | | | Submitted by: Jon Passki <cykyc@yahoo.com> Approved by: portmgr
* Note distcc IP address ACL bug.nectar2004-10-031-1/+27
| | | | | Submitted by: Jon Passi <cykyc@yahoo.com> Approved by: portmgr
* Remove a duplicate entry.nectar2004-10-031-56/+5
| | | | | Submitted by: Jon Passki <cykyc@yahoo.com> Approved by: portmgr
* Correct the version number for latest Mozilla entry.nectar2004-10-011-4/+4
| | | | | | (cut-n-paste damage) Approved by: portmgr
* Document the last few of the relatively recent Mozilla vulnerabilities.nectar2004-10-011-0/+110
| | | | Approved by: portmgr
* Correct mangled CVE name: s/8983/0903/nectar2004-10-011-1/+2
| | | | Approved by: portmgr
* Add another two older vulnerabilities affecting Mozilla & co.nectar2004-10-011-8/+161
| | | | | | | | | Continue to try hard to cover past package names: - I missed el-linux-mozillafirebird previously. - Move all the `obsolete' package names into one place for clarity. Approved by: portmgr
* Don't forget `ja-samba' also.nectar2004-10-011-0/+1
| | | | Approved by: portmgr
* Note samba file disclosure vulnerability.nectar2004-10-011-0/+31
| | | | Approved by: portmgr
* Increase USE_GCC to 3.4 for those ports which compile with it.kris2004-09-302-2/+2
| | | | Approved by: portmgr
* Fix apache version number entry, bump modified date for apache as well.trhodes2004-09-301-2/+2
| | | | Approved by: portmgr
* BROKEN on 5.x: Does not compilekris2004-09-291-0/+4
| | | | Approved by: portmgr (self)
* BROKEN on 5.x: Does not compilekris2004-09-291-1/+7
| | | | Approved by: portmgr (self)
* Make an initial attempt at covering all Mozilla/Firefox/Thunderbirdnectar2004-09-291-9/+36
| | | | | | | package names that we've had. Similar changes need to be made to many other entries, but let's use this one as a test subject first. Approved by: portmgr
* Correct spelling of phpnuke package name.nectar2004-09-281-1/+2
| | | | | Reported by: Dan Langille Approved by: portmgr
* Note BMP decoder flaws in Mozilla/Firefox/Thunderbird.nectar2004-09-281-0/+48
| | | | Approved by: portmgr
* Note stack buffer overflow in Mozilla mail.nectar2004-09-281-1/+41
| | | | Approved by: portmgr
* Document Mozilla/Firefox/Thunderbird heap buffer overflows.nectar2004-09-281-0/+57
| | | | Approved by: portmgr
* Correct the package name for phpMyAdmin.nectar2004-09-281-1/+2
| | | | | Reported by: Matthew Seaman <m.seaman@infracaninophile.co.uk> Approved by: portmgr
* Correct another typo. :-(kris2004-09-281-1/+1
| | | | | | Spotted by: eik Approved by: portmgr (self) XL pointy hat to: self
* Correct typo in previouskris2004-09-281-1/+1
| | | | | Approved by: portmgr (self) Pointy hat to: self
* Now builds on amd64kris2004-09-281-2/+2
| | | | Approved by: portmgr (self)
* Add CERT Vulnerability Note references to xpm entry.nectar2004-09-271-1/+3
| | | | Approved by: portmgr
* Note two older vulnerabilities in PHP.nectar2004-09-271-0/+111
| | | | | Submitted by: Jon Passki <cykyc@yahoo.com> Approved by: portmgr
* Note subversion information disclosure vulnerability.nectar2004-09-271-0/+36
| | | | | Submitted by: lev Approved by: portmgr
* Add missing PORTEPOCH in a mozilla entry.nectar2004-09-271-3/+5
| | | | | | | Correct package name in an apache entry. Reported by: Dan Langille <dan@langille.org> Approved by: portmgr
* BROKEN on 5.x: Does not compilekris2004-09-264-1/+19
| | | | Approved by: portmgr (self)
* BROKEN: Does not buildkris2004-09-261-0/+2
| | | | Approved by: portmgr (self)
* BROKEN on 5.x: Does not compilekris2004-09-261-1/+7
| | | | Approved by: portmgr (self)
* Forgot to add <modified> element for last commit.nectar2004-09-251-0/+1
| | | | Approved by: portmgr
* Add missing PORTEPOCH on one of the mozilla entries.nectar2004-09-251-1/+1
| | | | | Noticed by: Dan Langille <dan@langille.org> Approved by: portmgr
* Document vulnerabilities in lha.nectar2004-09-231-0/+41
| | | | | Reviewed by: dinoex Approved by: portmgr
* Lately it seems I like to use dashes in topics... but I should atnectar2004-09-231-19/+19
| | | | | | least be consistent with how many. s/---/--/ Approved by: portmgr
* Document mysql buffer overflow.nectar2004-09-231-0/+27
| | | | | Reported by: ale Approved by: portmgr
* Update to pam_alreadyloggedin-0.3 to unbreak. There should be nogreen2004-09-232-12/+4
| | | | | | | | | visible changes. This work was done by Jeremie Le Hen; thanks! Submitted by: Jeremie Le Hen <jeremie@le-hen.org> Approved by: portmgr
* Document Mozilla security icon spoofing vulnerability.nectar2004-09-231-0/+39
| | | | Approved by: portmgr
* Document Mozilla vulnerability involving NULL bytes in FTP URLs.nectar2004-09-231-1/+46
| | | | | | Also, correct s/firebird/firefox/ in a previously documented issue. Approved by: portmgr
* Document Mozilla automatic file upload vulnerability.nectar2004-09-221-3/+28
| | | | Approved by: portmgr
* Document mozilla certificate import denial-of-service vulnerability.nectar2004-09-221-0/+48
| | | | Approved by: portmgr
* Note a file name disclosure issue in rssh.nectar2004-09-221-0/+38
| | | | | Reported by: leeym Approved by: portmgr
* - replace "@dirrm ..." with "@unexec rmdir ..."leeym2004-09-221-1/+1
| | | | | | | | (p5-IO-INET6 will install files in SITE_PERL/PERL_ARCH/auto/IO/Socket/INET6) PR: 70640 Submitted by: leeym Approved by: portmgr (marcus)
* Add entry describe GNU Radius denial-of-service vulnerability.nectar2004-09-211-0/+36
| | | | Approved by: portmgr
* Add sudoedit vulnerability.nectar2004-09-211-0/+24
| | | | Approved by: portmgr
* In latest CVS entry, remove the reference to the exploit. It doesnectar2004-09-201-1/+0
| | | | | | | not apply to any of these vulnerabilities, but to the previous CVS vulnerability (CAN-2004-0396). Approved by: portmgr
* Oh yeah, add affected FreeBSD versions for CVS issues.nectar2004-09-201-1536/+1534
| | | | Approved by: portmgr
* Update CVS entry with some details.nectar2004-09-201-13/+31
| | | | Approved by: portmgr
* Add an entry for the mod_proxy buffer overflow existant in apache13.trhodes2004-09-201-0/+25
| | | | Approved by: portmgr
* Update to 1.6.8p1mharo2004-09-192-4/+4
| | | | | Submitted by: many people Approved by: portsmgr (marcus)
* - unbreak this port on 5.xleeym2004-09-192-9/+27
| | | | | | PR: 71853 Submitted by: leeym Approved by: portmgr (marcus)
* BROKEN on 5.x: Does not compilekris2004-09-194-4/+28
| | | | Approved by: portmgr (self)
* Note some fixes for XPM image decoding vulnerabilities.nectar2004-09-181-4/+16
| | | | | | | | Submitted by: lesi Add references to Chris Evans's advisories while I'm at it. Approved by: portmgr
* BROKEN on 5.x: Does not compilekris2004-09-181-1/+7
| | | | Approved by: portmgr (self)
* BROKEN: Broken pkg-plistkris2004-09-181-0/+2
| | | | Approved by: portmgr (self)
* Update to gdk-pixbuf vulnerability to reflect the fixed version of gtk20.marcus2004-09-171-1/+2
| | | | Approved by: portmgr( implicit)
* Note that a patched version of webmin 1.150 is now available, thanksnectar2004-09-161-2/+4
| | | | | | | | | | to olengi@. Submitted by: olengi Add a paragraph introducing the Webmin blockquote while I'm here. Approved by: portmgr
* Note gdk-pixbuf image decoding issues.nectar2004-09-161-0/+36
| | | | Approved by: portmgr
* clement@ has patched Apache 2.nectar2004-09-161-3/+3
| | | | Approved by: portmgr
* Note CUPS printer queue browser denial-of-service.nectar2004-09-161-0/+24
| | | | Approved by: portmgr
* Note Apache 2 IPv6 address parsing bug.nectar2004-09-151-0/+28
| | | | Approved by: portmgr
* Note new libXpm vulnerabilities.nectar2004-09-151-0/+46
| | | | Approved by: portmgr
* I appear to have deleted a line at the last minute. Restore it.nectar2004-09-151-0/+1
| | | | Approved by: portmgr
* Add mod_dav denial-of-service issue.nectar2004-09-151-0/+28
| | | | Approved by: portmgr
* Oops, forgot to note that the previous issue affects only the Apache 2.xnectar2004-09-151-1/+1
| | | | | | series. Approved by: portmgr
* Add Apache 2 vulnerability concerning environmental variables innectar2004-09-151-0/+34
| | | | | | configuration files. Approved by: portmgr
* Repair three <freebsdpr> elements. The content of these elementsnectar2004-09-151-3/+3
| | | | | | | must be e.g. "ports/46613", not just "46613". Reported by: Matthew Seaman <m.seaman@infracaninophile.co.uk> Approved by: portmgr
* Note that some versions of OpenOffice have been corrected.nectar2004-09-151-1/+2
| | | | Approved by: portmgr
* Fix botched date entry and correct iDefense URL.trhodes2004-09-141-2/+2
| | | | Approved by: portmgr
* Really add Samba 3 vulnerability.trhodes2004-09-141-1/+26
| | | | | | | Remove incorrect URL in mpg123 entry. Approved by: portmgr URL noticed: nectar
* Correct version. Note my last commit here was for mpg123 instead oftrhodes2004-09-141-1/+1
| | | | | | | samba3. Noticed by: nectar Approved by: portmgr
* - There is a WITHOUT_X11 version of ImageMagick that needs to benectar2004-09-141-2/+221
| | | | | | | | | | | | | | | | | taken into account. - Fix transposed characters in `isakmpd'. Noticed by: Dan Langille <dan@langille.org> - Add CVE name reference for ImageMagick. - Add webmin temporary file handling issue. - Add OpenOffice temporary file handling issue. - Widen the `KDE frame injection' issue to cover Mozilla, Firebird, Netscape, and Opera as well - Add Mozilla/Firebird/Netscape SOAPParameter vulnerability - Add Mozilla/Thunderbird/Netscape POP client vulnerability Approved by: portmgr
* Update for recent Samba3 vulnerabilities.trhodes2004-09-141-0/+27
| | | | Approved by: portmgr
* - Update to 1.0.20, fixing GnuTLS certificate chain verification DoSsergei2004-09-103-6/+5
| | | | | | | | | | | vulnerability (portaudit ID: 84ab58cf-e4ac-11d8-9b0a-000347a4fa7d), described in the following advisories: - http://www.hornik.sk/SA/SA-20040802.txt - http://secunia.com/advisories/12156 PR: ports/71502 Submitted by: Koop Mast <kwm@rainbow-runner.nl> Approved by: portmgr (eik, marcus)
* Typo-fix in a commentbrueffer2004-09-091-1/+1
| | | | Approved by: portmgr (krion)
* - star-devel: privilege escalationeik2004-09-092-1/+7
| | | | | | | | - multi-gnome-terminal: information leak - usermin: remote shell command injection and insecure installation - mpg123: layer 2 decoder buffer overflow Approved by: portmgr (implicit)
* - XSS vulnerability in phpGroupWare wiki moduleeik2004-09-072-8/+42
| | | | | | - add some references Approved by: portmgr (implicit)
* managed to break this just in time for the ports freeze.arved2004-09-041-2/+0
| | | | | Submitted by: lofi, eik Approved by: portmgr (eik)
* multiple vulnerabilities in LHAeik2004-09-041-0/+36
|
* Nuke the gnupg sigchecking code. There are bugs and I don't have the timearved2004-09-042-16/+0
| | | | | | | to work on this now. PR: 66417 Submitted by: Lupe Christoph <lupe@lupe-christoph.de>
* grrrr... left the test case intacteik2004-09-041-1/+1
|
* - update to version 0.5.9eik2004-09-043-14/+34
| | | | (first attempts to check the base system for vulnerabilities)
* - add some referenceseik2004-09-043-8/+142
| | | | | | | | | | - extend ImageMagick entry - squid ntlm authentication helper DoS - multiple vpopmail vulnerabilities - first attempts to check the base system for vulnerabilities: + cvs server code + zlib DoS - BSD license portaudit.xml
* Fix build when using ccacheeik2004-09-041-1/+31
| | | | | PR: 71343 Submitted by: Michael Johnson <ahze@ahze.net>
* Update to 3.23.0. This release of super fixes a potential root exploit:obrien2004-09-044-17/+12
| | | | | | | http://xforce.iss.net/xforce/xfdb/16458 PR: 71328 Submitted by: Piet Delport <pjd@point45.com>
* Add CONFLICTS with openvpn-develvs2004-09-043-0/+6
| | | | | PR: ports/71337 Submitted by: maintainer
* - update to 0.19.clsung2004-09-032-3/+3
| | | | Approved by: vanilla (co-mentor)
* Implement a "mgrate" facility that lets one migrate/overwrite the LDAPmarcus2004-09-032-8/+59
| | | | | | | | | | | | | | | | | | userPassword field of the user being authenticated. The PAM and LDAP usernames must be the same. This makes "pam_ldap migrate" similar to "pam_smbpass migrate". This has been submitted to PADL in http://bugzilla.padl.com/show_bug.cgi?id=178. [1] Allow pam_ldap to change user passwords under certain circumstances. This has been submitted to PADL in http://bugzilla.padl.com/show_bug.cgi?id=177. [2] All of this is documented further at http://www.iem.pw.edu.pl/~wielebap/ldap/pam_ldap/pam_ldap_doc.pdf. PR: 71289 [1] 71287 [2] Submitted by: Pawel Wieleba <wielebap@iem.pw.edu.pl>
* Fix the bus error on startup in -CURRENT and 5.x-BETA. It turns outroam2004-09-022-1/+32
| | | | | | | | | | | | | that the OpenSSL ENGINE code is, well, somewhat less than stellar, especially in combo with malloc's 'j' option. Even without it, though, there are some problems that I don't have time to look into right now. So, disable the OpenSSL ENGINE activation on FreeBSD 5.x, unless the WITH_STUNNEL_SSL_ENGINE knob is turned on. Also, while I'm here, fix the CONFIGURE_TARGET so the GNU configure script does not complain quite so loudly. Bump PORTREVISION for the functionality change (well, I guess you could say "not working" -> "working" is a functionality change ;)
* - Update to 20040826 snapshotvs2004-09-024-93/+46
| | | | | | | | | - Fix fetching - Fix -pthread/-lc_r issue for good (courtesy of bsd.autotools.mk, who'd have guessed...) PR: ports/71168 Submitted by: Rob Evers (maintainer), me
* Adjust the affected version for imlib now that the 2nd instance of BMPnectar2004-09-021-1/+2
| | | | loader has been corrected.
* - Update to 0.44pav2004-09-022-5/+3
| | | | | PR: ports/71249 Submitted by: Luiz Eduardo Roncato Cordeiro <cordeiro@nic.br> (maintainer)
* Update to DAT 4389jeh2004-09-022-4/+3
|
* Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilitiescy2004-09-0212-4/+128
| | | | | | in KDC and libraries Heads-up by: nectar
* The recent commit to the krb5 port brought the version to 1.3.4_1 butnectar2004-09-021-1/+1
| | | | | did not correct one of the existing vulnerabilities. Update the affected range to compensate.
* Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service.cy2004-09-018-0/+56
| | | | Heads-up by: nectar
* - update to 0.7clsung2004-09-012-3/+3
| | | | | | | | | | | | | - From ChangeLog - Added support for ESMTP [Andreas Steinmetz] - Fixed crash when too many connections established - Announce ourselves as 'clamsmtp' in EHLO/HELO responses which fixes 'loopback' problems with certain versions of Postfix 1.x - Better IO performance under heavy load - Fixed most warnings when compiled with -Wall - Fixed other minor bugs Approved by: vanilla (co-mentor)
* Note recent MIT Kerberos 5 vulnerabilities.nectar2004-09-011-0/+74
|
* - update to version 3.70 (birthday edition, try the verbose mode)eik2004-09-012-9/+3
|
* Document imlib2 BMP decoder bug.nectar2004-08-311-0/+27
|
* Document BMP decoder bugs in imlib1 and ImageMagick.nectar2004-08-311-0/+50
|
* Update to 1.2.6.osa2004-08-316-58/+58
| | | | | | Utilize DOCSDIR and DATADIR macros. Approved by: kuriyama (maintainer)
* Update to 1.7.1.marcus2004-08-312-3/+3
|
* samba printer change notification request DoSeik2004-08-311-0/+1
|
* Update to 0.3.3.marcus2004-08-313-3/+11
| | | | | PR: 71156 Submitted by: maintainer
* Update to KDE 3.3lofi2004-08-316-190/+56
|
* Correct bogus date in mysql entry. (It should be YYYY-MM-DD, notnectar2004-08-301-2/+2
| | | | | | DD-MM-YYYY.) Reported by: robert@openbsd.org
* Add more references (particularly CVE names) for issues affectingnectar2004-08-301-8/+24
| | | | | | | SpamAssassin, tnftpd, ruby, mysql. Place text taken from another source inside <blockquote cite="..."> for ruby issue.
* Fix location of pkg-config data.vs2004-08-302-1/+12
| | | | | | PR: ports/69149 Submitted by: Konstantin Oznobihin Approved by: maintainer timeout
* correct/add some referenceseik2004-08-301-35/+48
|
* add some references, add ru-gaimeik2004-08-301-2/+4
|
* multiple vulnerabilities in gaimeik2004-08-301-4/+4
|
* I have been having a problem since the update to use update.ini insteadjeh2004-08-302-10/+23
| | | | | of readme.txt of flipping between two version of DAT. 'update_dat' now compares the current value with the new one, before updating.
* security bug in rscsi client codeeik2004-08-301-0/+4
| | | | Submitted by: marius
* Update to 2.30.marcus2004-08-304-6/+6
| | | | | PR: 71092 Submitted by: maintainer
* - Update to 1.1.7pav2004-08-304-17/+26
| | | | | PR: ports/71119 Submitted by: bugghy <bugghy@rootshell.be> (maintainer)
* Remove -P option from tar. This patch has already been incorporatedlinimon2004-08-291-0/+1
| | | | | | | into the upstream sources. PR: ports/70806 Submitted by: SANETO Takanori <sanewo at ba2 dot so-net dot ne dot jp>
* Add opieprintmharo2004-08-295-17/+40
| | | | output postscript with 100 OPIE passwords credit card sized
* Patch the default installation locations to be FreeBSD-friendly. Bumplinimon2004-08-2816-2/+201
| | | | | | | portrevision. Users should take care when upgrading. PR: ports/70424 Submitted by: Jean Milanez Melo <jmelo at freebsdbrasil dot com dot br> (maintainer)
* Add WWW line.linimon2004-08-281-0/+2
|
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-272-1/+37
| | | | portaudit.txt).
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-272-2/+38
|
* Update to 0.41mat2004-08-273-5/+6
| | | | | | PR: 70258 Submitted by: skv Approved by: maintainer timeout
* Argh. Duplicate entry for "Scorched 3D server chat box format string ↵eik2004-08-271-2/+1
| | | | vulnerabilty"
* Mozilla / NSS S/MIME DoS vulnerability & Scorched 3D server chat box format ↵eik2004-08-271-0/+2
| | | | string vulnerability
* Remove <modified/> from the gnomevfs vulnerability since it was the samemarcus2004-08-271-1/+0
| | | | | | as <entry/> and it needed to be last anyway. Suggested by: nectar
* Update the gnomevfs entry to reflect the fixed versions.marcus2004-08-271-2/+3
|
* Add entry for moinmoin ACL bypass.trhodes2004-08-271-0/+28
|
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-272-1/+32
|
* Unsafe URI handling in gnome-vfs, MidnightCommander.nectar2004-08-271-0/+38
|
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-272-1/+30
|
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-272-1/+45
|
* Update to 2.1.1sem2004-08-274-17/+26
| | | | | PR: ports/70933 Submitted by: maintainer
* The tarball was rerolled because of security fix.sem2004-08-271-2/+2
| | | | | PR: ports/70978 Submitted by: Omer Faruk Sen <ofsen@enderunix.org>
* - Update to 0.6.6pav2004-08-272-4/+4
| | | | | PR: ports/70941 Submitted by: Janos Mohacsi <janos.mohacsi@bsd.hu> (maintainer)
* Add missed file in pkg-plistsem2004-08-271-0/+1
|
* Update to 2.1.2sem2004-08-2710-15/+728
| | | | | | | make portlint happy PR: ports/70951 Submitted by: maintainer
* support building nmap-3.59a5 WITH_PRERELEASE=yeseik2004-08-262-0/+6
|
* - Update to 1.4.0clsung2004-08-265-31/+60
| | | | | | | | - Change MASTER_SITES - fixed build error in 5.x (compare to ports/69194) PR: ports/70444 Approved by: vanilla (co-mentor)
* I forgot to change filename, which md5 info is correct for 0.6.clsung2004-08-261-2/+2
| | | | Approved by: vanilla (co-mentor)
* Update to DAT 4388jeh2004-08-262-3/+3
|
* Update to 20040825vs2004-08-262-3/+3
| | | | | PR: ports/70947 Submitted by: Tim Bishop (maintainer)
* - Fix "make validate" problem when textproc/xhtml-basic ishrs2004-08-254-9/+12
| | | | | | | | installed by adding an SGML declaration and DTDDECL. - Remove the --catalogs option for xmllint(1) in validate.sh. Approved by: nectar (maintainer) PR: ports/63035
* Remove libxine issue which is now documented in the FreeBSD VuXMLnectar2004-08-251-1/+0
| | | | | | document. Reminded by: eik
* update to 3.9.2. Fixes a remote exploitable buffer overflow:eik2004-08-253-5/+4
| | | | <http://www.freebsd.org/ports/portaudit/207f8ff3-f697-11d8-81b0-000347a4fa7d.html>
* nss library SSL remote buffer overfloweik2004-08-251-0/+1
|
* multiple buffer overflows in xveik2004-08-251-2/+3
|
* - update to 0.6clsung2004-08-252-3/+3
| | | | | | | - Proper adding of customized header - Fixes to documentation Approved by: vanilla (co-mentor)
* - Removed now-unneeded patchsergei2004-08-241-11/+0
|
* - Update to 1.0sergei2004-08-242-10/+10
|
* Konqueror cross-domain cookie injectioneik2004-08-241-0/+1
|
* handle some duplicateseik2004-08-243-2/+71
|
* Place port name in the description.trhodes2004-08-241-1/+2
| | | | Suggested by: eik
* fix "too many open files" error when using the -r flageik2004-08-242-2/+2
| | | | Noted by: nectar
* Add libxine vcd URL handling issue.nectar2004-08-241-0/+39
|
* Add DoS in SpamAssassin.nectar2004-08-231-0/+30
|
* Add <modified> date for previous commit.nectar2004-08-231-0/+1
|
* fidogate-ds was also affected by the ``write files as `news' user''nectar2004-08-231-0/+4
| | | | issue.
* Off-by-one error in courier-imap entry.nectar2004-08-231-1/+1
| | | | Noticed by: oliver
* Add a more useful reference for the Qt issue.nectar2004-08-231-0/+1
|
* Add Qt heap overflow issue.nectar2004-08-231-0/+31
|
* Add a security issue affected courier-imap when run with certain debugnectar2004-08-231-0/+26
| | | | flags.
* Add fidogate issue.nectar2004-08-231-0/+26
|
* Add an issue covering a vulnerability in mysqlhotcopy.nectar2004-08-231-0/+32
| | | | Reported by: robert@openbsd.org
* Cancel a VuXML entry for an Apache vulnerability that does not affectnectar2004-08-231-42/+1
| | | | | | FreeBSD. Reminded by: recent conversations :-)
* Fix CC, CFLAGSarved2004-08-231-0/+1
| | | | | PR: 70824 Submitted by: Roman Bogorodskiy <bogorodskiy@inbox.ru>
* Revert previous commit, I lost the race with arved who fixed the port.kris2004-08-221-6/+1
| | | | Pointy hat to: kris
* that should fix the build on freebsd-6oliver2004-08-221-1/+19
| | | | Reported by: pointyhat (via kris)
* Fix the WITHOUT_ knobs to be compliant with the GNOME frameworksem2004-08-212-12/+10
| | | | | PR: ports/70451, ports/70452 Submitted by: maintainer
* a2ps: Possible execution of shell commands as local user.eik2004-08-211-1/+2
|
* Delete files forgotten in last repocopyeik2004-08-219-152/+0
| | | | | | | | | Fix typo <http://docs.freebsd.org/cgi/mid.cgi?200408010854.i718sxCc065477> <http://docs.freebsd.org/cgi/mid.cgi?200408010937.i719b446067158> Pointy hat to: sem
* cancelled 6fd9a1e9-efd3-11d8-9837-000c41e2cdad: does not affect FreeBSDeik2004-08-211-27/+1
| | | | <http://docs.FreeBSD.org/cgi/mid.cgi?20040817123651.GB930>
* BROKEN on 5.x: Does not compile with gcc 3.4.2kris2004-08-211-1/+6
|
* Fix build with gcc 3.4arved2004-08-211-2/+10
|
* Update to 1.1.6sem2004-08-202-3/+3
| | | | | PR: ports/70706 Submitted by: maintainer
* correct topic of eda0ade6-f281-11d8-81b0-000347a4fa7deik2004-08-201-1/+1
|
* QT 3.x BMP (and possibly other graphics formats) heap-based overfloweik2004-08-201-0/+1
|
* Update to 1.6.8mharo2004-08-204-21/+9
|
* My territory, suggested by ijliao. :pclsung2004-08-203-3/+3
| | | | Approved by: vanilla (co-mentor)
* Add revelation, a password manager for the GNOME 2 desktop. It stores allmarcus2004-08-205-0/+123
| | | | | | | | your account and passwords in a single, secure, place, and give you access to them all through a user-friendly graphical interface. PR: 70653 Submitted by: ports@c0decafe.net <ports@c0decafe.net>
* Update to 1.25mat2004-08-193-29/+67
| | | | | | | | use EXAMPLESDIR PR: 70093 Submitted by: Jeff Putsch <jdputsch@comcast.net> Approved by: maintainer timeout
* potential security flaws in mod_ssleik2004-08-191-4/+6
|
* Update to DAT 4387jeh2004-08-192-3/+3
|
* patch-kmpstat.c is not necessary anymore.sumikawa2004-08-192-28/+0
| | | | | | PR: ports/70620, ports/70622 Submitted by: Helge Oldach <racoonaug04@oldach.net>, Ying-Chieh Chen <yinjieh@csie.nctu.edu.tw>
* - update to 3.9p1dinoex2004-08-1812-126/+92
| | | | | | | set PORTVERSION 3.9.0.1 to avoid another bump of PORTEPOCH if 3.9.1p1 come out. - new option OPENSSH_SNAPSHOT
* Update to 1.27krion2004-08-182-3/+3
| | | | | PR: ports/70606 Submitted by: maintainer
* Upgrade to 20040818a.sumikawa2004-08-184-6/+6
|
* Add a pointer to Przemyslaw Frasunek's advisory.nectar2004-08-181-0/+1
|
* For the lukemftpd/tnftpd issue, add a reference to NetBSD securitynectar2004-08-181-0/+1
| | | | advisory now that it is available.
* Note a vulnerability in lukemftpd/tnftpd.nectar2004-08-181-0/+47
|
* Don't require a particular version of libexpat. Use sh(1)'s `echo *'mi2004-08-182-3/+3
| | | | | | instead of spawning off ls(1) in pkg_check.sh. Approved by: maintainer
* multiple CVS vulnerabilitieseik2004-08-171-0/+51
|
* move a800386e-ef7e-11d8-81b0-000347a4fa7d to xmleik2004-08-173-9/+36
|
* Correct the version numbers and dates in the last entry.knu2004-08-171-4/+4
|
* Add an entry for:knu2004-08-171-0/+30
| | | | Ruby insecure file permissions in the CGI session management
* Document a setgid "games" security issue in xonix. Based on a VuXMLnectar2004-08-171-0/+30
| | | | | | entry that was Submitted by: robert@OpenBSD.org
* - Fix build with gcc 3.4pav2004-08-172-5/+14
| | | | | | | - Unconfuse doc install PR: ports/70530 Submitted by: Yonatan <Yonatan@Xpert.com> (maintainer)
* Update to 2.29.marcus2004-08-176-8/+10
| | | | | PR: 70505 Submitted by: maintainer
* Upgrade to 2.1.0.vanilla2004-08-176-47/+51
| | | | | PR: ports/70526 Submitted by: maintainer
* ruby CGI::Session insecure file creationeik2004-08-161-1/+2
|
* Update to 1.0mat2004-08-163-6/+6
|
* Update to DAT 4386jeh2004-08-162-3/+3
|
* The distfile is now fetchable again, so rescue this port from death row.kris2004-08-161-4/+0
|
* Don't check the base system when PACKAGE_BUILDINGeik2004-08-161-0/+2
|
* BROKEN: Unfetchablekris2004-08-161-0/+2
|
* multiple phpGroupWare vulnerabilitieseik2004-08-161-0/+2
|
* phpGedView, jftpgweik2004-08-163-0/+29
|
* Correct the version number range affected for ja-samba.nectar2004-08-151-4/+4
| | | | | | Correct the version number range affected for Mozilla 1.8 alphas. Problem hinted at by: eik
* Fix build with gcc 3.4arved2004-08-151-0/+10
|
* Correct the version number range affected for Mozilla 1.8 alphas.nectar2004-08-151-4/+13
| | | | | | | | | | Problem hinted at by: eik While I'm here, add a CVE name reference and a couple of other relevant Bugzilla links. It is interesting that this security issue was reported as early as 1999. Also, replace the text plagiarized from the Secunia advisory without attribution with a more helpful (maybe?) description of the issue.
* Remove -a from the default fetch(1) flags, so that the daily securityeik2004-08-152-2/+2
| | | | | | report is not delayed when the distribution site is down. Submitted by: kuriyama
* Update to 0.6perky2004-08-153-3/+6
|
* take care of $PREFIX/libdata/pkgconfigoliver2004-08-151-0/+1
|
* Fix build with gcc-3.4krion2004-08-152-0/+28
|
* Fix plist.krion2004-08-152-3/+3
| | | | Pet portlint.
* Fix plist.krion2004-08-151-2/+3
|
* Fix plist.krion2004-08-153-0/+6
|
* Fix build with gcc 3.4arved2004-08-141-0/+28
|
* Format string vulnerability in jftpgw.trhodes2004-08-141-0/+28
| | | | Informed by: Robert Nagy <robert@openbsd.org>
* apply xlist not to the own fileseik2004-08-142-10/+15
|
* fix man page nits,eik2004-08-143-36/+61
| | | | | | | modify the vulnerability report depending on -q/-v (experimental) PR: 69935, 68942 Submitted by: Chris Pepper <pepper@reppep.com>, Johan Karlsson <k@numeri.campus.luth.se>
* Fix RUN_DEPENDSkrion2004-08-141-1/+1
| | | | | PR: ports/70419 Submitted by: maintainer
* fix some vuxml duplicates, add sympa unauthorized list creationeik2004-08-143-8/+680
|
* Change MAINTAINER to perl@.nork2004-08-138-8/+8
| | | | | | I welcome bsd.port.mk introduced soon. Inspired by: freebsd-perl@
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
| | | | | | | | - Upgrade rc.d script to the rc-ng style; bump PORTREVISION for that. - Add CONFLICTS. PR: ports/69878 Submitted by: Udo Schweigert (maintainer)
* - Add WITHOUT_NESSUS_GTK knob.vs2004-08-138-40/+88
| | | | | | | | - Upgrade rc.d script to the rc-ng style; bump PORTREVISION for that. - Add CONFLICTS. PR: ports/69877 Submitted by: Udo Schweigert (maintainer)
* Repair broken URL.nectar2004-08-131-1/+1
| | | | Noticed by: simon
* Add another entry for kdelibs3 due to another missed patch.lofi2004-08-131-0/+1
|
* Correct entries for recent kde vuln's and add new entry for kdelibslofi2004-08-131-1/+3
| | | | (3.2.3_3 didn't have all patches).
* Add two issues covering three KDE advisories: two temporary filenectar2004-08-131-0/+67
| | | | handling issues, and a KHTML issue.
* The last commit should have changed the comparison tag from <le> to <lt>.marcus2004-08-131-1/+1
|
generated by cgit (git 2.34.1) at 2024-12-19 11:38:11 +0800