aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* - Reformat pkg-descr, add WWW.Alejandro Pulver2006-10-312-21/+27
| | | | | | | | | | - Take maintainership. PR: ports/104235 Submitted by: Thomas Abthorpe <thomas@goodking.ca> Notes: svn path=/head/; revision=175590
* - Reformat pkg-descr.Alejandro Pulver2006-10-312-7/+5
| | | | | | | | | | - Take maintainership. PR: ports/104233 Submitted by: Thomas Abthorpe <thomas@goodking.ca> Notes: svn path=/head/; revision=175589
* * Upgrade to version 5.10James E. Housley2006-10-312-8/+9
| | | | | | | * When package building, don't automatically fetch the newest DAT Notes: svn path=/head/; revision=175567
* Update to 20061029 to fix vulnerabilityRenato Botelho2006-10-302-6/+4
| | | | | | | | Approved by: portmgr (erwin) Security: http://www.vuxml.org/freebsd/8012a79d-5d21-11db-bb8d-00123ffe8333.html Notes: svn path=/head/; revision=175554
* Add a <modified> tag with the current date to reflect my previous change.Vasil Dimov2006-10-301-0/+1
| | | | | | | | | | I knew I should ask someone before committing, however trivial was the change. Spotted by: remko Approved by: portmgr (implicit) Notes: svn path=/head/; revision=175553
* Fix typo: "Dmitri Lenev reports reports a privilege ..."Vasil Dimov2006-10-301-1/+1
| | | | | | | Approved by: portmgr (implicit) Notes: svn path=/head/; revision=175552
* Document screen -- combined UTF-8 characters vulnerability.Simon L. B. Nielsen2006-10-291-0/+29
| | | | | | | Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175550
* Document two MySQL privilege escalations.Simon L. B. Nielsen2006-10-291-0/+60
| | | | | | | | | PR: ports/104890 Submitted by: Henrik Brix Andersen <henrik@brixandersen.dk> Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175549
* - Add entry for www/serendipity and www/serendipity-develMartin Wilke2006-10-231-0/+35
| | | | | | | | Reviewed by: markus@ Approved by: portmgr (implicit VuXML), secteam (Remko (not reviewed yet)) Notes: svn path=/head/; revision=175500
* Document an integer overflow vulnerability in Qt and kdelibs, based on anMarkus Brueffer2006-10-231-0/+39
| | | | | | | | | entry by sat Approved by: portmgr (erwin) Notes: svn path=/head/; revision=175497
* Add reference, which I missed the first time around, from OperaSimon L. B. Nielsen2006-10-201-0/+1
| | | | | | | | | Software to opera -- URL parsing heap overflow vulnerability entry, Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175445
* Document opera -- URL parsing heap overflow vulnerability.Simon L. B. Nielsen2006-10-201-0/+37
| | | | | | | Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175444
* Minor correction to last commit; the NVIDIA driver version 1.0.8762Simon L. B. Nielsen2006-10-201-1/+1
| | | | | | | | | was also affected, so mark it as such. Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175443
* Update entry for nvidia-driver -- arbitrary root code executionSimon L. B. Nielsen2006-10-201-4/+9
| | | | | | | | | | | | | | | | vulnerability: - Add new info about vulnerable versions from NVIDIA. - Add workaround. - Add more references. - Remove suggestion to move to "nv" driver now that we have a simpler workaround. Approved by: portmgr (secteam blanket) Parts submitted by: mnag Notes: svn path=/head/; revision=175442
* - Mark as forbiddenMarcus Alves Grando2006-10-201-0/+2
| | | | | | | | Approved by: portmgr (secteam blanket) Security: http://www.vuxml.org/freebsd/8012a79d-5d21-11db-bb8d-00123ffe8333.html Notes: svn path=/head/; revision=175433
* Document asterisk -- remote heap overwrite vulnerabilityRemko Lodder2006-10-201-0/+30
| | | | | | | | | Approved by: portmgr (VuXML blanket) Submitted by: Thomas Sandford Facilitated by: Snow B.V. Notes: svn path=/head/; revision=175428
* Some style changes to the plone entry.Remko Lodder2006-10-201-13/+11
| | | | | | | | | | Previous commit was also reviewed by myself. Approved by: portmgr (Blanket VuXML) Facilitated by: Snow B.V. Notes: svn path=/head/; revision=175426
* Fix plist.Ion-Mihai Tetcu2006-10-201-6/+0
| | | | | | | | | PR: ports/104405 Submitted by: Fabian Keil<fk@fabiankeil.de> Approved by: portmgr (erwin), Peter Thoenen (maintainer) Notes: svn path=/head/; revision=175424
* - Add a entry for www/ploneMartin Wilke2006-10-191-0/+37
| | | | | | | Approved by: portmgr (erwin) Notes: svn path=/head/; revision=175421
* Document:Shaun Amott2006-10-191-0/+108
| | | | | | | | | | | | | drupal -- HTML attribute injection drupal -- cross site request forgeries drupal -- multiple XSS vulnerabilities Submitted by: brooks Reviewed by: remko Approved by: portmgr (erwin) Notes: svn path=/head/; revision=175404
* Document "ingo -- local arbitrary shell command execution"Shaun Amott2006-10-191-0/+27
| | | | | | | | | Submitted by: thierry Reviewed by: remko Approved by: portmgr (erwin) Notes: svn path=/head/; revision=175400
* Update php -- _ecalloc Integer Overflow Vulnerability entry withSimon L. B. Nielsen2006-10-171-3/+20
| | | | | | | | | | | details from Steffan Essers advisory about the implications of this issue. The advisory was not public when this issue was initially fixed. Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175379
* - Update HPN patch. Patch are renamed, the only content differences are two ↵Marcus Alves Grando2006-10-172-7/+8
| | | | | | | | | | rows now enclosed in an "else" block. Submitted by: ale Approved by: portmgr (erwin) Notes: svn path=/head/; revision=175372
* Mark multimedia/win32-codecs as not-vulnerable after the quicktime codecsErwin Lansing2006-10-171-2/+2
| | | | | | | | | | were optional. The quicktime codecs are still vulnerable though, but we rely on the conditional FORBIDDEN statement in the ports Makefile for this. Approved by: portmgr (self), secteam (simon) Notes: svn path=/head/; revision=175369
* Document "nvidia-driver -- arbitrary root code execution vulnerability".Simon L. B. Nielsen2006-10-161-0/+36
| | | | | | | | | | | | Note that I haven't actually had time to make a test system to reproduce this on FreeBSD, but due to the nature of this issue and that there is a PoC exploit in the advisory, I'm adding this entry due to "better safe than sorry"... Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175362
* - Mark php open_basedir fixedAndrew Pantyukhin2006-10-161-2/+3
| | | | | | | | Reviewed by: secteam (simon) Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175356
* - clamav -- CHM unpacker and PE rebuilding vulnerabilitiesMarcus Alves Grando2006-10-161-0/+38
| | | | | | | Approved by: portmgr (mnag with secteam hat) Notes: svn path=/head/; revision=175355
* - Update to 0.88.5Marcus Alves Grando2006-10-163-7/+7
| | | | | | | | | | | - portlint(1) Approved by: portmgr (mnag with secteam hat), garga (maintainer) Security: http://lurker.clamav.net/message/20061016.015114.dc6a8930.en.html, http://secunia.com/advisories/22370/ Notes: svn path=/head/; revision=175354
* - Add missing dependsMartin Wilke2006-10-161-1/+2
| | | | | | | | | PR: ports/104362 Submitted by: Joshua Abraham<jabra@ccs.neu.edu> (maintainer) Approved by: portmgr (clement) Notes: svn path=/head/; revision=175352
* - Add some referencesAndrew Pantyukhin2006-10-151-6/+27
| | | | | | | | Reviewed by: secteam (simon) Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175333
* - Document temporary file symlink privilege escalation in tkdiffAndrew Pantyukhin2006-10-151-1/+28
| | | | | | | | | | - Correct Javier's name spelling in an old advisory Reviewed by: secteam (simon) Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175327
* - Document multiple remote file inclusion vulnerabilities in vtigerAndrew Pantyukhin2006-10-151-0/+31
| | | | | | | | Reviewed by: secteam (simon) Approved by: portmgr (secteam blanket) Notes: svn path=/head/; revision=175324
* - Document heap overflow in the KML engine in google-earthAndrew Pantyukhin2006-10-141-0/+28
| | | | | | | | Reviewed by: secteam (simon) Approved by: portmgr (implicit) Notes: svn path=/head/; revision=175297
* Simple commandline wrapper around gpg that makes it store its passphraseJeremy Messenger2006-10-144-0/+35
| | | | | | | | | | | in gnome-keyring. It is a direct competitor to (the unmaintained) quintuple-agent. Submitted by: ahze Approved by: portmgr (kris and marcus) Notes: svn path=/head/; revision=175285
* Chase the GNOME X11BASE to LOCALBASE move, and fix the build with theJoe Marcus Clarke2006-10-1414-38/+81
| | | | | | | | | | new freetype2 where needed. Submitted by: mezz, ahze, pav, and many others Approved by: portmgr (implicit, kris) Notes: svn path=/head/; revision=175261
* Presenting GNOME 2.16.1 for FreeBSD. This release represents a massiveJoe Marcus Clarke2006-10-1411-225/+169
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | amount of work by the FreeBSD GNOME Team and our testers. On top of the usual GNOME update, we have taken this opportunity to move GNOME from X11BASE to LOCALBASE. This means roughly 600 ports NOT part of the GNOME Desktop also need to be changed. The bulk of the move was carried out by ahze, mezz, and pav, but it would not have been possible without cooperation from the FreeBSD KDE team who worked with us to make sure GNOME and KDE can still coexist happily. We would also like to send a shout out to kris and pointyhat for putting up with multiple test runs until we got something that was solid. Back to GNOME 2.16. This release brings a huge amount of new functionality to FreeBSD. The standard release notes can be read at http://www.gnome.org/start/2.16/ . But on top of what you will read there, jylefort and marcus have completed work on a port of HAL to FreeBSD. This will allow FreeBSD to take advantage of closer hardware interaction such as auto-mounting CD-ROMs, USB drives, and music players; auto-playing audio CDs; and managing laptop power consumption. But where would this all be without our loyal testers and contributors? Therefore, the FreeBSD GNOME team would like to thank the following users: Phillip Neumann <pneumann@gmail.com> tmclaugh mux Yuri Pankov <yuri.pankov@gmail.com> chinsan Thomas <freebsdlists@bsdunix.ch> Brian Gruber <knightbg@yahoo.com> Franz Klammer <klammer@webonaut.com> Dominique Goncalves <dominique.goncalves@gmail.com> Pascal Hofstee <caelian@gmail.com> Yasuda Keisuke <kysd@po.harenet.ne.jp> backyard <backyard1454-bsd@yahoo.com> Andris Raugulis <endrju@null.lv> <endrju@null.lv> Eric L. Chen <d9364104@mail.nchu.edu.tw> Pawel Worach <pawel.worach@gmail.com> QuiRK on #freebsd-gnome Shane Bell <decept0@gmail.com> luigi sajd on #freebsd-gnome sat Chris Coleman <chrisc@vmunix.com> kaeru on #freebsd-gnome crsd_ via irc.freenode.org/#FreeBSD-GNOME Joel Diaz <joeldiaz@mac.com> Enjoy! Approved by: portmgr (implicit, kris) Notes: svn path=/head/; revision=175253
* Revert previous commit; it still conflicts but CONFLICTS checking wasKris Kennaway2006-10-121-0/+2
| | | | | | | | | broken at the time. Approved by: portmgr (self) Notes: svn path=/head/; revision=175228
* Update distinfo to reflect re-rolled distfile, and unbreak the port. TheShaun Amott2006-10-122-5/+7
| | | | | | | | | | | | differences between the old and new files were entirely cosmetic. The full diff is available in the Audit-Trail of the PR below. PR: ports/104307 Submitted by: Frank J. Laszlo <laszlof@vonostingroup.com> Approved by: portmgr (marcus) Notes: svn path=/head/; revision=175219
* devel/cscope was fixed in version 15.6 so use lt instead of le.Erwin Lansing2006-10-111-2/+2
| | | | | | | | | Submitted by: joerg Pointyhat to: erwin Approved by: portmgr (self) Notes: svn path=/head/; revision=175210
* - Update to 20061009 fingerprintsAndrew Pantyukhin2006-10-092-4/+4
| | | | Notes: svn path=/head/; revision=175139
* Sguil (pronounced "sgweel") is a graphical interface to snortBoris Samorodov2006-10-0910-0/+289
| | | | | | | | | | | | | | | | | | | | | | | | | (www.snort.org), an open source intrusion detection system. The actual interface and GUI server are written in tcl/tk (www.tcl.tk). Sguil also relies on other open source software in order to function properly. The sensor list includes security/barnyard, security/snort, security/sancp, tcpdump (a part of the OS) and devel/tcltls as well as lang/tcl84 and lang/tclX. Care has been taken to ensure that everything you need to build a working sguil operation is in the FreeBSD ports system or part of the OS already. Sguil currently functions as an analysis interface and has no snort sensor or rule management capabilities. WWW: http://sguil.sourceforge.net/index.php pauls@utdallas.edu PR: ports/95018 Submitted by: Paul Schmehl <pauls at utdallas.edu> Notes: svn path=/head/; revision=175129
* - Update to 0.1.2.2Cheng-Lung Sung2006-10-092-5/+6
| | | | | | | | PR: ports/104211 Submitted by: maintainer (Peter Thoenen) Notes: svn path=/head/; revision=175107
* Mark zgv as fixed wrt. "zgv, xzgv -- heap overflow vulnerability".Simon L. B. Nielsen2006-10-091-1/+2
| | | | Notes: svn path=/head/; revision=175101
* - Add dependency on libtool; we cannot simply add USE_AUTOTOOLSSergei Kolobov2006-10-091-0/+2
| | | | | | | | | | as that implies GNU_CONFIGURE which this port does NOT use - Bump PORTREVISION Noticed by: pointyhat via kris Notes: svn path=/head/; revision=175100
* - Update to 0.9.6.1Martin Wilke2006-10-092-5/+5
| | | | | | | | PR: ports/104202 Submitted by: Robin Gruyters <r.gruyters@yirdis.nl> (maintainer) Notes: svn path=/head/; revision=175085
* - Update to 0.9.10Cheng-Lung Sung2006-10-092-8/+6
| | | | | | | | | | | | | libpreludedb Changelog: - Fix PostgreSQL schema update version 5. - Only export symbol starting with preludedb_. - Verbose error reporting in case of libpreludedb initialization failure. PR: ports/104201 Submitted by: maintainer (Robin Gruyters) Notes: svn path=/head/; revision=175059
* - Require gcc 3.4+Andrew Pantyukhin2006-10-091-0/+1
| | | | | | | Reported by: pointyhat via kris Notes: svn path=/head/; revision=175054
* Fix the problem with unattended deinstallation by not even attemptingPeter Pentchev2006-10-082-63/+1
| | | | | | | | | | | | | to remove the stunnel user and group at all - just kill the package deinstall script. PR: 104028 Reported by: jan grant <jan.grant@bristol.ac.uk>, Stephen Hurd <shurd@sasktel.net> (in private mail a while ago), and, I think, many others Notes: svn path=/head/; revision=174983
* - Add php-suhosin to edabe438-542f-11db-a5ae-00508d6a62dfAndrew Pantyukhin2006-10-081-1/+5
| | | | | | | | | as per original advisory Discussed with: ale Notes: svn path=/head/; revision=174969
* - Remove symlinks created by mtree target from plistsPav Lucistnik2006-10-081-2/+0
| | | | | | | | Pointy hats to: rafan 6x, droso 2x, pav 2x, alepulve, clsung, glewis, itetcu, miwi Notes: svn path=/head/; revision=174953
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-25 03:56:31 +0000