- Keywords: security
This result was limited to 500 bugs. See all search results for this query.
| ID | Product | Component | Assignee▲ | Status▲ | Resolution | Summary | Changed |
|---|---|---|---|---|---|---|---|
| 225451 | Base System | bin | bugs | New | --- | OpenSSH only looks for .k5login in user directory | 2022-09-09 |
| 233478 | Base System | bin | bugs | New | --- | Authentication fails if password > 128 characters | 2018-11-28 |
| 239975 | Base System | bin | bugs | New | --- | ping(8) crashes with SIGSEGV - Out-of-Bounds Read of size 2 (global-buffer-overflow) | 2020-11-04 |
| 260138 | Base System | kern | bugs | New | --- | TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase | 2024-02-07 |
| 261306 | Base System | conf | bugs | New | --- | Geli rc.d script does not support insertion of USB devices containing a keyfile. | 2023-04-27 |
| 262295 | Base System | misc | bugs | New | --- | [pf] Tables and anchors | 2022-03-02 |
| 272902 | Base System | kern | bugs | New | --- | Security: allow passphrases for WPA-EAP to be saved without using clear text in a world-readable file | 2023-08-02 |
| 277228 | Base System | misc | geom | New | --- | Device permissions security hole with partitioning (/dev/geom.ctl) | 2024-03-03 |
| 270875 | Ports & Packages | Individual Port(s) | joneum | New | --- | www/nginx: with njs < 0.7.11 is vulnerable | 2023-04-16 |
| 278180 | Ports & Packages | Individual Port(s) | joneum | New | --- | www/mod_security: Update to 2.9.7 and Latest Project Changes | 2024-04-05 |
| 278463 | Ports & Packages | Individual Port(s) | pi | New | --- | ftp/filezilla: needs update to 3.67.0 to fix PuTTY bug leaking info on NIST-P521 based private keys [CVE-2024-31497] | 19:24:02 |
| 264426 | Ports & Packages | Individual Port(s) | bofh | Open | --- | www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766) | 2023-12-15 |
| 182518 | Base System | conf | bugs | Open | --- | [login.conf] Better Password Hashes | 2023-08-18 |
| 186252 | Base System | misc | bugs | Open | --- | Cannot mount an encrypted swap file in fstab | 2019-02-20 |
| 233578 | Base System | bin | bugs | Open | --- | Unprivileged local user can prevent other users logging in by locking utx.active | 2019-05-19 |
| 247735 | Ports & Packages | Individual Port(s) | danilo | Open | --- | envoy/istio: Multiple vulnerabilites | 2020-07-05 |
| 267276 | Ports & Packages | Individual Port(s) | desktop | Open | --- | graphics/tiff: Backport fixes for CVE-2022-2519, CVE-2022-2520 and CVE-2022-2521 | 2023-02-23 |
| 268523 | Ports & Packages | Individual Port(s) | gnome | Open | --- | www/webkit2-gtk{3,4}: 2.38 available | 2023-12-27 |
| 256957 | Base System | wireless | hrs | Open | --- | Wi-Fi: rc.conf(5) NOAUTO, ifconfig(8) up and unwanted WLAN connections to open networks | 2023-12-21 |
| 252472 | Ports & Packages | Individual Port(s) | ler | Open | --- | security/vuxml document vulnerability in mail/dovecot lower than 2.3.13 (CVE-2020-24386) | 2023-04-10 |
| 273766 | Ports & Packages | Individual Port(s) | sunpoet | Open | --- | graphics/webp: critical vulnerability (affects browsers) | 2023-10-01 |
| 238319 | Base System | kern | bugs | Open | --- | login: Extend and add features to session (struct) | 2019-06-04 |
| 238486 | Base System | kern | bugs | Open | --- | Possible buffer overflow bug in sc_allocate_keyboard() of sys/dev/syscons/syscons.c | 2023-07-31 |
| 238638 | Base System | kern | bugs | Open | --- | mfi: Remove unnecessary pointer printing in mfi.c | 2019-06-17 |
| 262180 | Base System | kern | bugs | Open | --- | jail escaping via jail-friendly nullfs | 2023-11-24 |
| 277587 | Ports & Packages | Individual Port(s) | grembo | Open | --- | sysutils/pftop crashing v0.10 installed via pkg install pftop | 2024-04-08 |
| 278404 | Ports & Packages | Individual Port(s) | marcus | Open | --- | ports-mgmt/portlint: Add check for files' permissions | Thu 12:18 |
| 241516 | Ports & Packages | Ports Framework | portmgr | Open | --- | Mk/bsd.port.mk: Fix certificate verification for 'make makesum' | 2024-02-12 |
| 264437 | Ports & Packages | Individual Port(s) | ports-secteam | Open | --- | security/vuxml: Cannot validate entry: error: xmlAddEntity: invalid redeclaration of predefined entity | 2022-10-14 |
| 222632 | Base System | kern | testing | Open | --- | connect(2) not available in capability mode | 2021-12-20 |
| 274270 | Ports & Packages | Individual Port(s) | vbox | Open | --- | emulators/virtualbox-ose-legacy family, including www/phpvirtualbox-legacy: deprecate six legacy ports | 2023-10-05 |
| 242676 | Base System | kern | Andrew | In Progress | --- | Mitigating speculative execution beyond ERET on aarch64 | 2019-12-20 |
| 258195 | Ports & Packages | Individual Port(s) | wen | In Progress | --- | lang/python38: Update to 3.8.12 | 2021-09-19 |
| 267080 | Ports & Packages | Individual Port(s) | wen | In Progress | --- | lang/python39: Update to 3.9.15 | 2022-12-14 |
| 270795 | Ports & Packages | Individual Port(s) | philip | In Progress | --- | security/vuxml: taking port flavours into account in recent new entries | 2024-02-15 |
| 248580 | Ports & Packages | Individual Port(s) | 0mp | Closed | FIXED | print/ghostscript9-agpl-base: Fix SAFER Sandbox Breakout vulnerability (CVE-2020-15900) | 2021-01-20 |
| 236767 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8: Update to 8.6.13 (Fixes Cross Site Scripting vulnerability: SA-CORE-2019-004) | 2019-03-27 |
| 238798 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8: update to 8.6.16 (fixes sa-core-2019-007) | 2019-07-21 |
| 241693 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8: Update to 8.7.8 | 2019-11-28 |
| 244992 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8: Update to 8.8.4 (Fixes security vulnerability: SA-CORE-2020-001) | 2024-01-27 |
| 246892 | Ports & Packages | Individual Port(s) | adamw | Closed | FIXED | www/gitea: Update to 1.11.6 (fixes security vulnerabilities) | 2020-05-31 |
| 251577 | Ports & Packages | Individual Port(s) | adamw | Closed | FIXED | www/gitea: Update to 1.13.0 (fixes security vulnerabilities) | 2020-12-05 |
| 211290 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php56: Update to 5.6.24 | 2016-07-26 |
| 221128 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: Needs to be updated to 5.5.57 | 2017-08-07 |
| 223547 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Update to 1.3.3, fixes security vulnerability (CVE-2017-16651) | 2017-11-11 |
| 227246 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php56: Update to 5.6.35, Fixes security vulnerabilities | 2018-04-26 |
| 230409 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: Update to 5.5.61 fixes multiple CVE | 2019-02-15 |
| 233847 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php56: Update to 5.6.39 | 2018-12-10 |
| 256436 | Ports & Packages | Individual Port(s) | arrowd | Closed | FIXED | textproc/libxml2: Update to 2.9.12 (fixes several vulnerabilities) | 2021-06-23 |
| 258187 | Ports & Packages | Individual Port(s) | ashish | Closed | FIXED | net-im/py-matrix-synapse: Update to 1.41.1 | 2021-09-02 |
| 193871 | Base System | bin | bapt | Closed | FIXED | Certificates in /etc/ssl/certs not considered by pkg and fetch | 2016-02-20 |
| 240370 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node10: MFH requested but not done | 2019-09-18 |
| 244723 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node12: Update to to 12.16.1 (fixes security vulnerabilities) | 2020-04-12 |
| 220977 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | devel/gsoap: Update to 2.8.50 (Fixes security vulnerability: CVE-2017-9765) | 2017-07-25 |
| 241734 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | sysutils/ansible: Update to 2.9.6 | 2020-04-28 |
| 264232 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | www/mattermost-{server,webapp}: Update to 7.3.0 | 2023-02-23 |
| 211613 | Ports & Packages | Individual Port(s) | brd | Closed | FIXED | net-mgmt/collectd5: Update to 5.5.2 (Fixes security vulnerability: CVE-2016-6254) | 2016-08-14 |
| 204551 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | graphics/png: buffer overflows in libpng 1.6.18 (CVE-2015-8126) | 2015-11-17 |
| 210539 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | lang/python33: HTTP Header Injection in Python urllib (CVE-2016-5699) | 2016-11-30 |
| 211274 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb*-server: Multiple vulnerabilities | 2016-08-08 |
| 220438 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | devel/oniguruma6: Update to 6.4.0 | 2017-10-09 |
| 228148 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-server: Update to 10.1.33 | 2018-05-13 |
| 239981 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb104-{server,client}: Update to 10.4.7 (with 5 CVEs fixed) | 2019-11-29 |
| 245016 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | www/nextcloud: Update to 18.0.3 | 2020-05-23 |
| 261969 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb10[345]-server: Update to latest versions (security releases) | 2022-02-19 |
| 264170 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb103-server: Update to 10.3.35 (includes security fixes) | 2022-05-24 |
| 26286 | Documentation | Manual Pages | bugs | Closed | Overcome By Eve | *printf(3) etc should gain format string warnings | 2022-07-22 |
| 206573 | Base System | misc | bugs | Closed | FIXED | Improper userland pointer handling in aacraid | 2016-05-06 |
| 206579 | Base System | kern | bugs | Closed | Not A Bug | amr(4): Multiple vulnerabilities in AMR ioctl handler | 2016-01-25 |
| 244625 | Ports & Packages | Individual Port(s) | chromium | Closed | FIXED | www/chromium: [patch] Please update to 80.x | 2020-03-11 |
| 245019 | Ports & Packages | Individual Port(s) | chromium | Closed | FIXED | www/chromium: Update to 80.0.3987.149 | 2020-03-25 |
| 261410 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | www/firefox: Update to 96.0.3 (unfixed security vulnerabilities) | 2022-01-28 |
| 228239 | Ports & Packages | Individual Port(s) | cs | Closed | FIXED | archivers/p7zip: Current version is vulnerable (CVE-2018-10115) | 2021-12-11 |
| 234113 | Base System | misc | cy | Closed | FIXED | Update SQlite to 3.26.0 | 2019-01-09 |
| 241066 | Ports & Packages | Individual Port(s) | cy | Closed | FIXED | graphics/xpdf3: Backport fix for CVE-2019-16927 and CVE-2019-9877 | 2019-10-19 |
| 257148 | Ports & Packages | Individual Port(s) | cy | Closed | FIXED | x11/cde: Update to 2.4.0 | 2021-09-14 |
| 267617 | Ports & Packages | Individual Port(s) | cy | Closed | FIXED | security/sudo: Update to 1.9.12p1 | 2022-11-08 |
| 233455 | Ports & Packages | Individual Port(s) | danfe | Closed | FIXED | devel/patch affected by multiple vulnerabilities | 2020-01-26 |
| 220742 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | net-mgmt/cacti: Update to 1.1.13 (Fixes security vulnerability) | 2017-07-17 |
| 244279 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | net-im/py-matrix-synapse: Update to 1.12.3 | 2020-04-22 |
| 246738 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | lang/python36: Update to 3.6.11 | 2020-06-13 |
| 246984 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | lang/python* Fix CVE-2020-8492, CVE-2019-18348 | 2020-06-22 |
| 248162 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | net-mgmt/snmptt: Update to 1.4.2 | 2020-08-15 |
| 255102 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | net/libzmq4: Update to 4.3.4 (Fixes security vulnerabilities) | 2021-05-26 |
| 256220 | Ports & Packages | Individual Port(s) | dbaio | Closed | FIXED | devel/py-yaml: update to 5.4.1 | 2021-06-02 |
| 246569 | Ports & Packages | Individual Port(s) | delphij | Closed | FIXED | dns/unbound: Update to 1.10.1 | 2020-05-22 |
| 256405 | Ports & Packages | Individual Port(s) | desktop | Closed | FIXED | sysutils/polkit: Update to 0.119 | 2021-08-01 |
| 261482 | Ports & Packages | Individual Port(s) | desktop | Closed | FIXED | sysutils/polkit: Add upstream fix for CVE-2021-4034 "pwnkit" security vulnerability | 2022-01-27 |
| 258354 | Ports & Packages | Individual Port(s) | diizzy | Closed | FIXED | graphics/libpano13: Update to 2.9.20 | 2021-09-23 |
| 271695 | Ports & Packages | Individual Port(s) | diizzy | Closed | FIXED | graphics/webp: Patch CVE-2023-1999 | 2023-06-06 |
| 230595 | Ports & Packages | Individual Port(s) | dinoex | Closed | FIXED | www/lighttpd: Update to 1.4.50 | 2018-09-20 |
| 241308 | Ports & Packages | Individual Port(s) | dmgk | Closed | FIXED | devel/nexus2-oss: Update to 2.14.15-01 | 2019-11-09 |
| 234013 | Ports & Packages | Individual Port(s) | doceng | Closed | FIXED | print/ghostscript9-agpl-base: Update to 9.26 (Fixes several security vulnerabilities) | 2018-12-23 |
| 268754 | Ports & Packages | Individual Port(s) | dvl | Closed | FIXED | devel/viewvc-devel: update to 1.3.0-20230104 | 2023-01-13 |
| 266530 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | www/grafana{8,9}: Update to 8.5.13 and 9.1.6 (Fixes security vulnerability) | 2022-09-21 |
| 267466 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | www/webtrees: Update to 1.7.20 (security release) | 2022-12-29 |
| 267728 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | www/grafana{8,9}: Update to 8.5.15 and 9.2.4 (fixes security vulnerabilities) | 2022-11-13 |
| 269147 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | security/vuxml: document CVE-2018-21232 for devel/re2c < 2.0 | 2023-01-25 |
| 269226 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | security/vuxml: document CVE-2021-42835 for multimedia/plexmediaserver < 1.25.0 | 2023-01-30 |
| 273691 | Ports & Packages | Individual Port(s) | eduardo | Closed | FIXED | www/gitea: Update to 1.20.4 (fixes security vulnerabilities) | 2023-09-10 |
| 271839 | Base System | bin | emaste | Closed | FIXED | crypto/openssh: Status of CVE-2023-28531 | 2023-06-21 |
| 213831 | Ports & Packages | Individual Port(s) | emulation | Closed | FIXED | www/linux-c6-flashplugin11: 11.2r202.637 vulnerable, Update to >= 11.2r202.643 | 2016-10-27 |
| 234103 | Ports & Packages | Individual Port(s) | enlightenment | Closed | FIXED | x11/terminology: Update to 1.3.1 (Fixes CVE-2018-20167: Incorrect escaping of crafted files results in code execution) | 2018-12-21 |
| 201374 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | [MAINTAINER] www/squid: Update to 3.5.6 | 2015-07-17 |
| 206372 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | graphics/imlib2: Update to 1.4.7 | 2016-01-22 |
| 207304 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | lang/go: Merge 406071 (security vulnerability fix) to quarterly branch 2016Q1 | 2016-02-24 |
| 210550 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | security/vuxml: CVE-2016-2177 missing for security/openssl | 2016-07-01 |
| 211575 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | ftp/curl: Update to 7.50.1 (Fixes 3 Security Vulnerabilities), security/vuxml: Add entry | 2016-08-04 |
| 212207 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | graphics/mupdf: CVE-2016-6525, CVE-2016-6265 | 2016-10-12 |
| 212455 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | ftp/curl: Security Vulnerability: CVE-2016-7141 <= 7.50.2 | 2016-10-09 |
| 213603 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | www/node4: Update to 4.6.1 | 2016-10-28 |
| 213604 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | www/node: Update to 6.9.1 | 2016-10-28 |
| 214000 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | ftp/curl: Update to 7.51.0 (Fixes multiple vulnerabilities) | 2016-11-02 |
| 215085 | Ports & Packages | Individual Port(s) | feld | Closed | FIXED | devel/libdwarf: Update to 20161124 (Fixes many security vulnerabilities) | 2017-01-09 |
| 251385 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | devel/binutils: Update to 2.37 | 2021-08-21 |
| 255292 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | irc/ircII: Update to 20210314 (CVE-2021-29376: irc/scrollz, irc/bitchx also affected) | 2022-12-01 |
| 255368 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | devel/binutils: Backport patch fixing CVE-2021-3487 | 2021-08-18 |
| 262693 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | irc/scrollz: Update to 2.3.1 | 2022-04-12 |
| 262879 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | dns/powerdns dns/powerdns-recursor: Update to 4.6.1 (fixes CVE-2022-27227) + fix building against LibreSSL | 2022-04-06 |
| 265036 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | net-im/gotosocial: upgrade to 0.3.7 | 2022-07-07 |
| 267507 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | www/darkhttpd: Update to 1.14 (Fixes CVE-2020-25691) | 2022-11-08 |
| 269154 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | sysutils/node_exporter: update to 1.5.0 | 2023-02-04 |
| 269170 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | net/kafka: update to 3.3.2 | 2023-02-05 |
| 269221 | Ports & Packages | Individual Port(s) | fernape | Closed | Overcome By Eve | security/vuxml: document CVE-2017-11610 and CVE-2019-12105 for outdated versions of sysutils/py-supervisor | 2023-09-02 |
| 269667 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | security/vuxml: document CVE-2022-39282 and CVE-2022-39283 for net/freerdp | 2023-02-24 |
| 271108 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | net/cloud-init: (and net/cloud-init-devel) security update | 2023-05-01 |
| 271141 | Ports & Packages | Individual Port(s) | fernape | Closed | FIXED | security/vuxml: vulnerabilities for the emulators/virtualbox-ose family, 6.⋯ versions prior to 6.1.46 | 2023-07-20 |
| 235930 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | databases/percona56-{server,client}: Update to 5.6.43-84.3 (fixes several vulnerabilities) | 2019-08-22 |
| 248673 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | net/ceph14: Update to 14.2.11 | 2020-08-30 |
| 261576 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/gitea: Update to 1.16.4 (was: 1.15.11: fixes security vulnerability) | 2022-03-29 |
| 262196 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/typo3-10: Update to 10.4.25 | 2022-02-27 |
| 262197 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/typo3-11: Update to 11.5.7 | 2022-02-27 |
| 262898 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/gitea: Update to 1.16.5 (fixes security vulnerabilities) | 2022-03-29 |
| 269131 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/gitea: update to 1.18.3 (fixes security vulnerabilities) | 2023-01-24 |
| 269707 | Ports & Packages | Individual Port(s) | flo | Closed | FIXED | www/gitea: update to 1.18.4 (fixes security vulnerabilities) | 2023-02-20 |
| 243686 | Ports & Packages | Individual Port(s) | fluffy | Closed | FIXED | mail/opensmtpd: Update to v6.6.2p1 (Fixes critical LPE / RCE vulnerability) | 2020-01-31 |
| 249187 | Ports & Packages | Individual Port(s) | fluffy | Closed | FIXED | lang/python35: Update to 3.5.10 | 2020-09-25 |
| 255937 | Ports & Packages | Individual Port(s) | fluffy | Closed | FIXED | databases/mysql80-server: Update to 8.0.25 (Fixes security vulnerability) | 2021-05-24 |
| 274235 | Ports & Packages | Individual Port(s) | fluffy | Closed | FIXED | mail/exim: update 4.96 -> 4.96.1 to fix several CVEs | 2023-10-03 |
| 268656 | Ports & Packages | Individual Port(s) | fuz | Closed | FIXED | www/minio: multiple vulnerabilities | 2023-03-27 |
| 252583 | Ports & Packages | Individual Port(s) | garga | Closed | FIXED | security/sudo: Update to 1.9.5 | 2021-01-13 |
| 267177 | Ports & Packages | Individual Port(s) | garga | Closed | FIXED | devel/git: Update to 2.38.1 (security release) | 2022-10-19 |
| 269030 | Ports & Packages | Individual Port(s) | garga | Closed | FIXED | [PATCH] security/sudo update 1.9.12p2 (fix CVE-2023-22809) | 2023-02-27 |
| 269655 | Ports & Packages | Individual Port(s) | garga | Closed | FIXED | security/vuxml: document CVE-2023-22490 and CVE-2023-23946 for devel/git, www/gitlab-ce, … | 2023-02-21 |
| 241420 | Ports & Packages | Individual Port(s) | gnome | Closed | Overcome By Eve | textproc/libxslt: Fix CVE-2019-18197 | 2020-01-26 |
| 272586 | Ports & Packages | Individual Port(s) | grahamperrin | Closed | DUPLICATE | emulators/virtualbox-ose: FORBIDDEN for all 6.1.4⋯ versions of ports in the family | 2023-07-19 |
| 264523 | Ports & Packages | Individual Port(s) | horde | Closed | FIXED | mail/horde-turba: Update to 4.2.29 (4.2.26 fixes RCE security vulnerability: CVE-2022-30287) | 2022-10-14 |
| 224191 | Ports & Packages | Individual Port(s) | hrs | Closed | FIXED | security/heimdal: update to 7.5.0 (security update, fixes remote DoS) | 2018-02-28 |
| 238635 | Ports & Packages | Individual Port(s) | hrs | Closed | Overcome By Eve | security/heimdal: Update to 7.7 (7.6 and 7.7 addresses two CVEs plus bugfixes) | 2020-07-04 |
| 239994 | Ports & Packages | Individual Port(s) | jbeich | Closed | FIXED | www/cliqz: Update to 1.28.2 | 2019-09-03 |
| 256274 | Ports & Packages | Individual Port(s) | jbeich | Closed | FIXED | x11-toolkits/wlroots: fix CVE-2013-2003 | 2021-05-31 |
| 264435 | Base System | bhyve | jhb | Closed | FIXED | bhyve: hda_write() can index (and jump) beyond end of array | 2023-02-01 |
| 231718 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/apache24: Update to 2.4.35 | 2018-09-27 |
| 232123 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/gitea: Update to 1.5.1 (Fixes security vulnerability) | 2018-10-16 |
| 233420 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | mail/phpmailer: Update to 5.2.27 (Fixes CVE-2018-19296) | 2018-11-25 |
| 234006 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/typo3-8: Update to 8.7.22 | 2018-12-15 |
| 234008 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/typo3-9: Update to 9.5.3 | 2018-12-15 |
| 235140 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/gitea: Update to 1.7.0 (Fixes security vulnerabilities) | 2019-01-27 |
| 237938 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/drupal7: update to 7.67 | 2019-06-10 |
| 239897 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/jetty9: Update to 9.4.20 | 2020-04-03 |
| 239964 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | dns/nsd: Update to 4.2.2 | 2019-08-19 |
| 241870 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | databases/mysql56-server: Update to 5.6.46 (< 5.6.46 is vulnerable to many CVE's) | 2020-01-20 |
| 242707 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/typo3-8: Update to 8.7.30 | 2019-12-26 |
| 242708 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/typo3-9: Update to 9.5.12 | 2019-12-26 |
| 243437 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/gitea: Update to 1.10.3 (fixes security vulnerabilities) | 2020-01-28 |
| 243952 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/nginx: Versions < 1.17.7, with certain error_page configurations, allows HTTP request smuggling (CVE-2019-20372) | 2020-02-21 |
| 244136 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/mattermost-{webapp,server}: Update to 5.21.0 | 2020-07-23 |
| 244971 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/glpi: Update to 9.4.5 | 2020-06-10 |
| 244987 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/tomcat9: MFH port r526773 (Security update: CVE-2020-1938) | 2020-04-02 |
| 247406 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | deskutils/anydesk: Update to 5.5.5 | 2020-11-02 |
| 247555 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | security/vuxml tomcat vulnerability CVE-2020-11996 | 2020-07-23 |
| 248139 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | net-mgmt/cacti: Update to 1.2.13 | 2020-07-28 |
| 255748 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | databases/mysql57-server: Update to 5.7.34 (fixes security vulnerabilities??) | 2021-08-26 |
| 258021 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | net-mgmt/icinga2: Update to 2.12.6 (security/bugfix release) | 2021-10-17 |
| 260675 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/matomo: Update to 4.6.2 | 2021-12-31 |
| 261499 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | databases/phpmyadmin5 : Update to 5.1.2 | 2022-02-02 |
| 261527 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/mod_security: Update to 2.9.5 | 2022-03-04 |
| 270037 | Ports & Packages | Individual Port(s) | joneum | Closed | FIXED | www/apache24: Security Update to 2.4.56 | 2023-03-15 |
| 237501 | Ports & Packages | Individual Port(s) | jpaetzel | Closed | FIXED | devel/py-yaml: Update to 5.1 | 2020-01-13 |
| 252291 | Ports & Packages | Individual Port(s) | jrm | Closed | FIXED | irc/inspircd: Update to 3.8.1 (fixes security vulnerability) | 2021-01-01 |
| 238787 | Base System | kern | jtl | Closed | FIXED | IPv6 remote DoS (panic) vulnerability via m_pulldown() bug | 2019-11-13 |
| 203479 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | devel/gdcm: Update to version 2.6.3 (Fixes security vulnerability) | 2016-02-01 |
| 204016 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | www/joomla31: update to 3.4.5 (multiple security advisories) | 2015-11-03 |
| 206015 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | net/dhcpcd: Update to 6.10.0 (Fixes security vulnerabilities) | 2016-01-08 |
| 206808 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | net/samba36: security/vuxml: ineffective vuxml entry | 2016-02-27 |
| 206906 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | sysutils/py-salt: Update to 2015.8.5 (Fixes CVE-2016-1866) | 2016-02-05 |
| 207334 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | lang/bsh: Update to version 2.0b6 (Fixes security vulnerability, CVE-2016-2510) | 2016-02-21 |
| 211693 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | dns/nsd: Update to 4.1.11 (Fixes security vulnerability: Fixes CVE-2016-6173) | 2016-08-10 |
| 214546 | Ports & Packages | Individual Port(s) | junovitch | Closed | FIXED | www/libwww: Security vulnerabilities | 2016-11-29 |
| 239013 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | net-im/py-matrix-synapse: Update to 1.2.1 | 2019-07-29 |
| 240046 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | www/gitea: Update to 1.9.2 (fixes security vulnerabilities) | 2019-08-25 |
| 241268 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | graphics/py-pillow: Update to 6.2.0 | 2019-10-20 |
| 243336 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | graphics/py-pillow: Update to 6.2.2 | 2020-01-28 |
| 258518 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | lang/python36: Update to 3.6.15 | 2021-09-19 |
| 258519 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | Bump lang/python37 to 3.7.12 | 2021-09-19 |
| 261791 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | devel/py-twisted: Update to 22.1.0 (includes a security update) | 2022-02-13 |
| 270923 | Ports & Packages | Individual Port(s) | kai | Closed | FIXED | security/vuxml: 18 new entries for vulnerable ports | 2023-09-03 |
| 255492 | Ports & Packages | Individual Port(s) | kbowling | Closed | FIXED | irc/ircII: Update to 20210314 (fixes CVE-2021-29376) | 2021-06-15 |
| 257153 | Ports & Packages | Individual Port(s) | kbowling | Closed | FIXED | www/tomcat{7,85,9,10,-devel}: Update to 7.0.109, 8.5.69, 9.0.50, 10.0.8, 10.1.0-M2 | 2021-11-02 |
| 245517 | Ports & Packages | Individual Port(s) | kevans | Closed | FIXED | net/freerdp: Update to 2.1.1 | 2020-06-17 |
| 252564 | Ports & Packages | Individual Port(s) | kevans | Closed | FIXED | devel/nexus2-oss: update to 2.14.20-02 | 2021-09-29 |
| 219154 | Base System | bin | kib | Closed | FIXED | [PATCH] buffer overflows in realpath(3) | 2017-12-17 |
| 237922 | Base System | kern | kib | Closed | FIXED | Kernel stack disclosure in function freebsd32_swapcontext of sys/arm64/arm64/freebsd32_machdep.c | 2019-12-15 |
| 207053 | Ports & Packages | Individual Port(s) | koobs | Closed | FIXED | graphics/py-pillow: Backport security fixes from 3.1.1. | 2016-02-13 |
| 221539 | Ports & Packages | Individual Port(s) | koobs | Closed | FIXED | sysutils/py-supervisor: Update to 3.3.3, Fixes security vulnerability | 2017-09-19 |
| 226906 | Ports & Packages | Individual Port(s) | koobs | Closed | FIXED | security/py-cryptography: Update to 2.3 (Fixes build with libressl* 2.7) | 2018-08-22 |
| 230575 | Ports & Packages | Individual Port(s) | koobs | Closed | FIXED | net/libzmq4: Update to 4.3.1 | 2019-07-01 |
| 246808 | Ports & Packages | Individual Port(s) | koobs | Closed | DUPLICATE | lang/python36: Update to 3.6.10 (and backport security fixes) | 2020-06-15 |
| 238199 | Ports & Packages | Individual Port(s) | kwm | Closed | FIXED | graphics/ImageMagick7: Update to 7.0.8-47 (Fixes many vulnerabilities) | 2019-05-30 |
| 239003 | Ports & Packages | Individual Port(s) | kwm | Closed | FIXED | www/webkit2-gtk3: Update to 2.24.3 (fixes many code execution vulnerabilities) | 2019-08-29 |
| 240174 | Ports & Packages | Individual Port(s) | ler | Closed | FIXED | mail/dovecot: Update to 2.3.7.2 (Fixes CVE-2019-11500) | 2019-08-29 |
| 248640 | Ports & Packages | Individual Port(s) | ler | Closed | FIXED | mail/dovecot: Update to 2.3.11.3 | 2020-08-15 |
| 200543 | Ports & Packages | Individual Port(s) | lwhsu | Closed | FIXED | www/py-django: CVE-2015-3982 - Fixed session flushing in the cached_db backend | 2015-06-08 |
| 247720 | Ports & Packages | Individual Port(s) | lwhsu | Closed | FIXED | net-im/py-matrix-synapse: Update to 1.15.2 (security) | 2020-07-05 |
| 273563 | Ports & Packages | Individual Port(s) | lwhsu | Closed | FIXED | net-im/py-matrix-synapse: update to 1.93.0 | 2023-10-27 |
| 244212 | Ports & Packages | Individual Port(s) | madpilot | Closed | FIXED | emulators/virtualbox-ose: Update to 5.2.44 | 2020-07-19 |
| 247987 | Ports & Packages | Individual Port(s) | madpilot | Closed | FIXED | security/vuxml: emulators/virtualbox-ose 23 CVEs | 2020-07-19 |
| 240368 | Ports & Packages | Individual Port(s) | mandree | Closed | FIXED | devel/oniguruma: Update to 6.9.3 (Fixes CVE-2019-13224) | 2019-09-07 |
| 257480 | Ports & Packages | Individual Port(s) | mandree | Closed | FIXED | mail/fetchmail: Update to 6.4.20 (security fix) | 2021-07-29 |
| 270823 | Ports & Packages | Individual Port(s) | mandree | Closed | FIXED | print/ghostscript9-agpl-base: please check for CVE-2023-28879 | 2023-05-01 |
| 263624 | Ports & Packages | Individual Port(s) | marcus | Closed | Overcome By Eve | net/netatalk3: Update to 3.1.13 (Fixes multiple/many security vulnerabilities) | 2022-05-06 |
| 241362 | Ports & Packages | Individual Port(s) | mat | Closed | Not Accepted | dns/bind911: Merge ports r514624 (9.11.12) to 2019Q4 (Fixes security vulnerability) | 2019-10-20 |
| 262662 | Ports & Packages | Individual Port(s) | mat | Closed | FIXED | dns/bind91{1,6,8}: CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 | 2022-03-25 |
| 220031 | Ports & Packages | Individual Port(s) | matthew | Closed | FIXED | www/rt44: Add security patches from BestPractical | 2017-06-17 |
| 233953 | Ports & Packages | Individual Port(s) | matthew | Closed | FIXED | databases/phpmyadmin: Update to 4.84 | 2018-12-12 |
| 260575 | Ports & Packages | Individual Port(s) | matthew | Closed | FIXED | www/grafana7: Update to 7.5.12 (Fixes security vulnerabilities) | 2022-01-09 |
| 260373 | Ports & Packages | Individual Port(s) | mfechner | Closed | FIXED | textproc/apache-solr: Update to 8.11 (Fixes security vulnerability) | 2021-12-17 |
| 260594 | Ports & Packages | Individual Port(s) | mikael | Closed | FIXED | mail/opendmarc: update to 1.4.2 | 2021-12-30 |
| 267465 | Ports & Packages | Individual Port(s) | mikael | Closed | FIXED | www/webtrees20: Update to 2.0.25 (.24 was a security release) | 2023-01-16 |
| 206129 | Ports & Packages | Individual Port(s) | miwi | Closed | FIXED | lang/php55 lang/php56: Update to latest versions (5.5.31, 5.6.17) - Fixes Security Vulnerabilities | 2016-01-11 |
| 221014 | Ports & Packages | Individual Port(s) | mm | Closed | FIXED | net-im/jabberd: Update to 2.6.1 (Fixes security vulnerability: CVE-2017-10807) | 2017-07-27 |
| 218934 | Ports & Packages | Individual Port(s) | mmokhi | Closed | FIXED | databases/mysql57-server: Quarterly (2017Q2) branch version vulnerable | 2017-04-29 |
| 237398 | Ports & Packages | Individual Port(s) | mmokhi | Closed | FIXED | databases/mysql56-server: Update to 5.6.44 (Fixes multiple CVE) | 2019-05-13 |
| 237399 | Ports & Packages | Individual Port(s) | mmokhi | Closed | FIXED | databases/mysql57-server: Update to 5.7.26 (Fixes multiple CVE) | 2019-05-13 |
| 243566 | Ports & Packages | Individual Port(s) | multimedia | Closed | FIXED | audio/taglib: Update to 1.12b1 (fixes CVE-2018-11439) | 2020-05-02 |
| 206581 | Base System | kern | net | Closed | FIXED | bxe_ioctl_nvram handler is faulty | 2018-05-23 |
| 220823 | Ports & Packages | Individual Port(s) | olivier | Closed | FIXED | security/strongswan: Update to 5.5.3 (Fixes security vulnerabilities) | 2017-07-23 |
| 206698 | Ports & Packages | Individual Port(s) | osa | Closed | FIXED | www/nginx www/nginx-devel: Update to security releases 1.8.1 & 1.9.10 respectively | 2016-01-30 |
| 220664 | Ports & Packages | Individual Port(s) | osa | Closed | FIXED | www/nginx www/nginx-devel: Update to latest versions (fixing CVE-2017-7529) | 2017-07-12 |
| 258936 | Ports & Packages | Individual Port(s) | osa | Closed | FIXED | databases/redis{,5,6}: Update to latest releases | 2021-10-05 |
| 260390 | Ports & Packages | Individual Port(s) | otis | Closed | Overcome By Eve | sysutils/logstash7: Update to 7.16.1 | 2021-12-20 |
| 260391 | Ports & Packages | Individual Port(s) | otis | Closed | Overcome By Eve | textproc/elasticsearch7: Update to 7.16.1 | 2021-12-20 |
| 261789 | Ports & Packages | Individual Port(s) | otis | Closed | FIXED | www/node16: Update to 16.14.0 (LTS) | 2022-06-04 |
| 211561 | Ports & Packages | Individual Port(s) | perl | Closed | FIXED | lang/perl5.20, 5.22 & 5.24: Multiple Vulnerabilities | 2016-08-15 |
| 270723 | Ports & Packages | Individual Port(s) | philip | Closed | FIXED | VuXML new entries for 20 vulnerable ports | 2023-04-12 |
| 270744 | Ports & Packages | Individual Port(s) | philip | Closed | FIXED | security/vuxml: 20 new entries for vulnerable ports | 2023-04-12 |
| 213495 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | dns/c-ares: Update to 1.12.0 (CVE-2016-5180) | 2016-10-20 |
| 219863 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | security/tor: Update to 0.3.0.8 (Security fixes) | 2017-07-25 |
| 219864 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | security/tor-devel: Update to 0.3.1.3-alpha | 2017-07-25 |
| 236570 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | databases/percona57-{server,client} update to 5.7.26-29 (fixes several vulnerabilities) | 2019-12-10 |
| 239717 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | databases/mongodb34: Update to 3.4.22 (bugfix & security release) | 2019-10-11 |
| 240126 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | databases/mongodb36: Update to 3.6.14 (bugfix & security release) | 2019-10-11 |
| 240399 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | net/kea: Update to 1.6.0 | 2019-09-20 |
| 240505 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | mail/opendmarc: fix multiple addresses in From vulnerability | 2021-12-30 |
| 246061 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | sysutils/py-salt: Update to 2019.2.4 (CVE fix) | 2020-05-16 |
| 247394 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | databases/mongodb36: Update to 3.6.18 | 2020-06-29 |
| 247713 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | www/trafficserver: update to fix CVE-2020-9494, add vuxml entry | 2020-08-10 |
| 255417 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | www/drupal7: Update to 7.80 (fixes security vulnerability) | 2021-06-06 |
| 256860 | Ports & Packages | Individual Port(s) | pi | Closed | FIXED | mail/dovecot: Update to 2.3.15 | 2021-07-04 |
| 211113 | Ports & Packages | Individual Port(s) | portmgr | Closed | FIXED | graphics/tiff: Backport fixes for CVE-2016-5875, CVE-2016-3186 | 2016-07-27 |
| 260421 | Ports & Packages | Package Infrastruc | portmgr | Closed | FIXED | devel/log4j: Security vulnerability tracking issue (CVE-2021-44228 / CVE-2021-45046) | 2023-03-01 |
| 270357 | Ports & Packages | Individual Port(s) | portmgr | Closed | FIXED | ftp/curl: Update to 8.0.1 | 2023-04-18 |
| 204500 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | mail/phpmailer: Update to 5.2.14, Take MAINTAINER'ship, Add VuXML entry. | 2015-12-03 |
| 241422 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | Feedback Timeou | textproc/unoconv: Update to 0.8.2, Fix CVE-2019-17400 | 2020-07-23 |
| 243518 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | net-p2p/rslsync: Update to 2.6.4 | 2020-05-23 |
| 245153 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | www/piwigo: Update to 2.10.2 (Bugfix and security release) | 2020-05-23 |
| 249473 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | www/tt-rss: Update to g20200919 (Fixes several security vulnerabilities) | 2020-09-30 |
| 257582 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | Overcome By Eve | mail/opendmarc: Update to 1.4.1.1; Add ARC support | 2021-12-25 |
| 257757 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | Overcome By Eve | www/typo3-10: Update to 10.4.19 | 2021-10-05 |
| 257758 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | Overcome By Eve | www/typo3-9: Update to 9.5.29 | 2021-10-05 |
| 258834 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | security/ca_root_nss: request to remove outdated "DST Root CA X3" cert b/c of collateral damage | 2022-11-07 |
| 264082 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | Overcome By Eve | www/grafana{7,8}: Update to 8.5.3 and 7.5.16 (Fixes security vulnerability) | 2022-11-07 |
| 266133 | Ports & Packages | Individual Port(s) | ports-bugs | Closed | FIXED | databases/mariadb10[456]-server: update to latest security releases | 2022-09-09 |
| 210420 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | security/vuxml: Security Vulnerability in wget (CVE-2016-4971) | 2016-06-21 |
| 211100 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | Overcome By Eve | editors/libreoffice: Update to latest version, security vulnerability (CVE-2016-4324) | 2018-02-23 |
| 211248 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | databases/mysql55-server, databases/mysql56-server, databases/mysql57-server: Multiple CVE | 2017-04-25 |
| 211405 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | graphics/tiff: Remove gif2tiff (Reporting still vulnerable to CVE-2016-5102) | 2016-08-06 |
| 212606 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | databases/mysql*-server, databases/percona*-server: CVE 2016-6662 | 2016-11-27 |
| 220849 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | databases/mysql55-server databases/mysql56-server databases/mysql57-server security/vuxml: Update to latest (Fixes security vulnerabilities) | 2017-08-07 |
| 229860 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | databases/mysql57-server: Update to 5.7.23 (Fixes multiple CVE's) | 2018-08-14 |
| 233749 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | Overcome By Eve | net/samba47, net/samba48: Merge ports r486043 to 2018Q4 (Fixes several vulnerabilities) | 2019-01-02 |
| 233896 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | FIXED | archivers/libmspack: Update to 0.9.1 (Fixes several security vulnerabilities) | 2020-07-24 |
| 266591 | Ports & Packages | Individual Port(s) | ports-secteam | Closed | Overcome By Eve | security/vuxml: Add nodejs September 22nd 2022 Security Releases | 2024-02-13 |
| 263060 | Ports & Packages | Individual Port(s) | python | Closed | FIXED | devel/py-py: Update to 1.10.0 (security) -> 1.11.0 (for @py311 support) | 2023-09-01 |
| 270767 | Ports & Packages | Individual Port(s) | python | Closed | FIXED | lang/python311 backport 3.11.3 to quarterly | 2023-06-16 |
| 206072 | Ports & Packages | Individual Port(s) | rakuco | Closed | FIXED | textproc/py-pygments: Add patch for CVE-2015-8557 | 2016-01-17 |
| 211114 | Ports & Packages | Individual Port(s) | rakuco | Closed | FIXED | archivers/p7zip: update to 15.14.1 (Fixes security vulnerabilities) | 2016-07-15 |
| 214940 | Ports & Packages | Individual Port(s) | rakuco | Closed | FIXED | archivers/p7zip: Security vulnerability (CVE-2016-9296) | 2016-12-01 |
| 241424 | Ports & Packages | Individual Port(s) | rakuco | Closed | FIXED | sysutils/file: Update to 5.37, Fix CVE-2019-18218 | 2019-11-03 |
| 212952 | Ports & Packages | Individual Port(s) | rene | Closed | FIXED | security/tor and security/tor-devel: Update to 0.2.8.9 and 0.2.9.4-alpha | 2016-11-15 |
| 251013 | Ports & Packages | Individual Port(s) | rhurlin | Closed | FIXED | sysutils/py-salt: Update to 3002.1 (includes security fix) | 2020-11-19 |
| 230361 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | devel/cgit: Update to 1.2.1 (Fixes CVE-2018-14912) | 2018-08-12 |
| 255949 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | devel/websvn: update to 2.6.1 | 2022-02-26 |
| 257066 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | databases/mantis: update to 2.25.2 | 2021-07-10 |
| 261209 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | net-im/prosody: Update to 0.11.12 | 2022-01-16 |
| 261210 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | security/vuxml: Add Prosody XMPP server advisory 2022-01-13 | 2022-01-16 |
| 261892 | Ports & Packages | Individual Port(s) | riggs | Closed | FIXED | www/grafana[678]: Update to latest versions (8.3.5, 7.?.?, 6.?.?) fixing security vulnerabilities | 2022-04-04 |
| 247795 | Ports & Packages | Individual Port(s) | rodrigo | Closed | FIXED | net/rsync: Update to 3.2.3 | 2020-08-20 |
| 245023 | Ports & Packages | Individual Port(s) | ruby | Closed | FIXED | devel/rubygem-json: Update to 2.3.0 (CVE-2020-10663) | 2020-04-03 |
| 205009 | Services | Security Team | secteam | Closed | FIXED | [META] Track Base & Ports Updates for OpenSSL Security Advisory [3 Dec 2015] | 2015-12-05 |
| 234965 | Base System | bin | secteam | Closed | FIXED | scp client multiple vulnerabilities (openssh in base/ports affected: CVE-2018-20685 CVE-2019-6111 CVE-2019-6109,6110) | 2020-07-23 |
| 247149 | Ports & Packages | Individual Port(s) | secteam | Closed | FIXED | Multiple sqlite3 vulnerabilities (ports and base) | 2020-08-06 |
| 211023 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | textproc/xerces-c3 - Multiple Vulnerabilities | 2016-07-26 |
| 229753 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | ftp/curl: Update to 7.61.0 (Fixes CVE-2018-0500) | 2018-07-27 |
| 232431 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | lang/ruby25: Update to 2.5.3 (Fixes multiple vulnerabilities: CVE-2018-1639[56]) | 2018-10-24 |
| 232435 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | lang/ruby24: Update to 2.4.5 (Fixes multiple vulnerabilities: CVE-2018-1639[56]) | 2018-10-24 |
| 234473 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | graphics/openjpeg: Fix CVE-2018-6616 | 2019-01-24 |
| 235187 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | www/typo3-8: Update to 8.7.24 | 2019-02-03 |
| 235188 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | www/typo3-9: Update to 9.5.4 | 2019-02-03 |
| 240983 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | lang/ruby24: Update to 2.4.9 | 2019-10-02 |
| 240984 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | lang/ruby25: Update to 2.5.7 | 2019-10-02 |
| 240985 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | lang/ruby26: Update to 2.6.5 | 2019-10-02 |
| 241033 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | dns/unbound:Update to 1.9.4 (fixes CVE-2019-16866) | 2019-10-20 |
| 243388 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | www/npm: Update to 6.13.4 - < 6.13.4 vulnerable to multiple vulnerabilities incl. arbitrary file write | 2020-10-02 |
| 247089 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | devel/json-c: update quarterly to 0.14 | 2020-11-20 |
| 254355 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | security/nettle: Update to 3.7.2 (fixes security vulnerabilities) | 2021-03-30 |
| 254773 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | ftp/curl: Update to 7.76.1 | 2021-04-28 |
| 255361 | Ports & Packages | Individual Port(s) | sunpoet | Closed | Overcome By Eve | graphics/py-pillow: Update to 8.2.0 (fixes security vulnerabilities) | 2024-04-08 |
| 257306 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | ftp/curl: Update to 7.78.0 (security and bugfix release) | 2021-08-20 |
| 259938 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | mail/libspf2: Update to 1.2.11 (Fixes CVE-2021-20314) | 2022-05-13 |
| 265159 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | www/node14: Update to 14.20.0 | 2023-01-01 |
| 265160 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | www/node16: Update to 16.16.0 | 2023-01-01 |
| 273749 | Ports & Packages | Individual Port(s) | sunpoet | Closed | Overcome By Eve | graphics/webp: backport fix for CVE-2023-4863 | 2023-09-15 |
| 274215 | Ports & Packages | Individual Port(s) | sunpoet | Closed | FIXED | mail/libspf2: add fix for CVE-2023-42118 | 2023-10-05 |
| 219801 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | mail/squirrelmail, mail/squirrelmail-translations: Update to 20170705 (Also fixes CVE-2017-7692) | 2017-08-25 |
| 220608 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | graphics/poppler: Update to >= 0.56.0, Multiple security (CVE) vulnerabilities | 2017-08-24 |
| 230151 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | security/py-asyncssh: Update to 1.14.0 (Fixes security vulnerability: CVE-2018-7749) | 2018-12-09 |
| 233139 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | dns/powerdns: Update to 4.1.5 (Fixes security vulnerabilities) | 2018-11-20 |
| 233603 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | dns/powerdns-recursor: Update to 4.1.8 (Fixes CVE-2018-16855) | 2018-12-09 |
| 233712 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | databases/sqlite3: Update to 3.26.0 | 2019-01-02 |
| 235113 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | dns/powerdns-recursor: Update to 4.1.9 (fixes CVE-2019-3806 and CVE-2019-3807) | 2019-01-28 |
| 236818 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | security/clamav: Update to 0.101.2. | 2019-08-01 |
| 238705 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | dns/powerdns: Update to 4.1.10 (Fixes security vulnerabilities) | 2019-07-01 |
| 239024 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | sysutils/monit: Update to 5.26.0 | 2019-07-15 |
| 240132 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | www/mattermost-{webapp,server}: Update to 5.15.0 | 2019-10-15 |
| 241065 | Ports & Packages | Individual Port(s) | swills | Closed | FIXED | net-mgmt/prometheus2: Update to 2.13.0 | 2019-10-08 |
| 234938 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | security/botan2: Update to 2.9.0 (Fixes CVE-2018-20187) | 2019-01-27 |
| 244875 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | www/wt3: Update to v3.5.2 | 2020-03-20 |
| 244876 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | www/wt: Update to v4.2.2 | 2020-03-20 |
| 247708 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | [exp-run] graphics/exiv2: Update to 0.27.3 (Bug and security fixes) | 2020-07-09 |
| 249445 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | sysutils/accountsservice: Update to 0.6.55 | 2022-12-16 |
| 260590 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | URGENT graphics/p5-Image-ExifTool security update needs commit since February, Request MAINTAINER'ship | 2022-03-25 |
| 262163 | Ports & Packages | Individual Port(s) | tcberner | Closed | FIXED | net/freerdp: Update to 2.6.0 | 2022-02-24 |
| 233419 | Ports & Packages | Individual Port(s) | thierry | Closed | FIXED | www/tt-rss: Update to bc42dfb790 g20181122 due to CVE-2018-19296 | 2018-11-23 |
| 255818 | Ports & Packages | Individual Port(s) | thierry | Closed | FIXED | graphics/ImageMagick6: Upgrade to 6.9.12-12 | 2021-07-20 |
| 213698 | Ports & Packages | Individual Port(s) | tijl | Closed | FIXED | www/linux-c6-flashplugin11: 11.2r202.632 vulnerable, should update to 11.2r202.637 or later | 2016-10-24 |
| 214951 | Ports & Packages | Individual Port(s) | tijl | Closed | FIXED | textproc/linux-c6-expat: update to 2.0.1-13.el6_8, security/vuxml: Add entry for CVE-2016-0718 | 2016-12-01 |
| 240844 | Ports & Packages | Individual Port(s) | tijl | Closed | FIXED | print/ghostscript9-agpl-base: Update to 9.50 (Fixes security vulnerabilities) | 2020-01-06 |
| 257150 | Ports & Packages | Individual Port(s) | tijl | Closed | FIXED | security/linux-c7-nettle: Update to 2.7.1-9.el7_9 (security fix) | 2022-12-25 |
| 211006 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba44: version 4.4.5 released, security fix (CVE-2016-2119) | 2016-07-13 |
| 211008 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba42: version 4.2.14 released, security fix (CVE-2016-2119) | 2016-07-13 |
| 211009 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba43: version 4.3.11 released, security fix (CVE-2016-2119) | 2016-07-13 |
| 217993 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba44: Fails to build with new Uses/samba.mk. Update fixes CVE-2017-2619 | 2017-03-31 |
| 219422 | Ports & Packages | Individual Port(s) | timur | Closed | Overcome By Eve | net/samba45: urgent revert to 4.5.7 from 4.5.8 | 2018-06-14 |
| 219514 | Ports & Packages | Individual Port(s) | timur | Closed | Overcome By Eve | net/samba{35+}: Security vulnerability: CVE-2017-7494 (RCE) | 2017-10-30 |
| 245475 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba41, net/samba411: Update to latest versions (security releases) | 2020-09-23 |
| 267627 | Ports & Packages | Individual Port(s) | timur | Closed | Overcome By Eve | net/samba413: CVE-2022-3437: backport port revision 4 to 2022Q4 | 2023-01-05 |
| 273595 | Ports & Packages | Individual Port(s) | timur | Closed | FIXED | net/samba413: back port security patches from 4.6.11 | 2023-10-15 |
| 238715 | Ports & Packages | Individual Port(s) | tobik | Closed | DUPLICATE | textproc/expat2: update to 2.2.7 | 2019-07-03 |
| 260534 | Ports & Packages | Individual Port(s) | truckman | Closed | FIXED | devel/opengrok: Update to 1.6.9 (>1.6.7), fixes security vulnerability (CVE-2021-2322) | 2022-04-26 |
| 260549 | Ports & Packages | Individual Port(s) | truckman | Closed | FIXED | devel/py-opengrok-tools: Possible security issue: Update to 1.6.9 (>1.6.7?) | 2022-05-05 |
| 210458 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | www/piwik: Update to 2.16.1 (security update) | 2016-06-25 |
| 211251 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | lang/php70: Update to 7.0.9 (multiple security fixes) | 2016-07-27 |
| 213589 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | lang/php56 lang/php70: Update to latest versions (5.6.27, 7.0.12) - Fixes Security Vulnerabilities | 2016-10-21 |
| 215576 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | mail/phpmailer: Update to 5.2.18 | 2017-01-03 |
| 248567 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | lang/php74: Update to 7.4.9 | 2020-08-19 |
| 248568 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | lang/php73: Update to 7.3.21 | 2020-08-19 |
| 248569 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | lang/php72: Update to 7.2.33 | 2020-08-19 |
| 259512 | Ports & Packages | Individual Port(s) | tz | Closed | FIXED | net/php{73,74,80}: Backport fix for CVE-2021-21703 security vulnerability | 2022-09-11 |
| 262133 | Ports & Packages | Individual Port(s) | ume | Closed | FIXED | security/cyrus-sasl2*: Update to 2.1.28 (security/bugfix release) | 2022-02-28 |
| 210421 | Ports & Packages | Individual Port(s) | vd | Closed | FIXED | ftp/wget: Update to 1.18 (Fixes CVE-2016-4971) | 2016-06-24 |
| 240362 | Ports & Packages | Individual Port(s) | vsevolod | Closed | FIXED | mail/exim: Update to 4.92.2 (Fixes CVE-2019-15846) | 2019-09-06 |
| 266907 | Ports & Packages | Individual Port(s) | vvd | Closed | FIXED | emulators/virtualbox-ose{-*}: Update to 6.1.44 | 2023-05-26 |
| 269652 | Ports & Packages | Individual Port(s) | vvd | Closed | FIXED | www/tomcat{85,9,101,-devel}: Update to 8.5.88, 9.0.74, 10.1.8, 11.0.0-M5 (CVE-2023-24998 FileUpload DoS with excessive parts) | 2023-05-02 |
| 213034 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | www/py-django18, www/py-django19: Update to 1.8.15 and 1.9.10 respectively | 2016-09-29 |
| 222398 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python27: Update to 2.7.14 | 2017-10-14 |
| 228028 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python27: Update to 2.7.15 (bugfix & security update) | 2018-05-26 |
| 238910 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | www/py-django21: Update to 2.1.10 (Fixes security vulnerability) | 2019-07-07 |
| 238911 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | www/py-django22: Update to 2.2.3 (bugfix & security release) | 2019-07-07 |
| 238952 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python36: Update to 3.6.9 | 2019-07-23 |
| 241586 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python35: Update to 3.5.9 (python.org shipped broken 3.5.8, tread carefully) | 2020-03-15 |
| 245776 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python27: Update to 2.7.18 (Fixes vulnerability) | 2020-05-15 |
| 248751 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | security/vuxml: CVE-2019-20907, CVE-2020-14422: Python VuXML updates | 2020-08-19 |
| 259637 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | math/py-numpy: Update to 1.22.4 | 2022-06-23 |
| 261273 | Ports & Packages | Individual Port(s) | wen | Closed | Overcome By Eve | devel/liblas: Vulnerable to multiple CVEs, Deprecated, fails to run tests: crashes | 2024-04-01 |
| 266286 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python39: Update to 3.9.14 | 2022-09-19 |
| 268244 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | lang/python39: Update to 3.9.16 | 2022-12-22 |
| 268357 | Ports & Packages | Individual Port(s) | wen | Closed | FIXED | www/typo3-11: Update to 11.5.20 | 2022-12-18 |
| 245205 | Ports & Packages | Individual Port(s) | woodsb02 | Closed | FIXED | net-mgmt/cacti: Add VuXML entries for multiple vulnerabilities in cacti < 1.2.10 | 2020-04-04 |
| 245468 | Ports & Packages | Individual Port(s) | woodsb02 | Closed | FIXED | net-mgmt/cacti: Update to 1.2.11 | 2020-05-23 |
| 248410 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | x11-servers/xorg-server: fix CVE-2020-14347 (release 1.20.9 soon) | 2020-08-01 |
| 256273 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | graphics/wayland: fix CVE-2013-2003 | 2021-05-31 |
| 260526 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | x11-servers/xorg-server: Update to 1.20.14 as a security fix | 2023-03-27 |
| 265244 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | x11-servers/xorg-server: CVE-2022-2319 and CVE-2022-2320 | 2023-03-29 |
| 268963 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | x11-servers/xorg-server: update to 21.1.7 | 2023-03-27 |
| 270540 | Ports & Packages | Individual Port(s) | x11 | Closed | FIXED | x11-servers/xorg-server: CVE-2023-1393 | 2023-04-07 |
| 263623 | Ports & Packages | Individual Port(s) | yasu | Closed | Overcome By Eve | databases/redis: Update to 6.2.7 on 2022Q2 branch | 2022-08-29 |
| 257221 | Ports & Packages | Individual Port(s) | ygy | Closed | FIXED | www/gitea: Update to 1.14.5 | 2021-07-18 |
| 259534 | Ports & Packages | Individual Port(s) | ygy | Closed | FIXED | archivers/advancecomp: Update to 2.1-6-g7b08f7a and take maintainership | 2021-11-19 |
| 259597 | Ports & Packages | Individual Port(s) | ygy | Closed | FIXED | www/grafana7: Update to 7.5.11 (Fixes Security Vulnerability) | 2021-11-25 |
| 224335 | Ports & Packages | Individual Port(s) | yuri | Closed | FIXED | security/tor: CVE-2017-8819 needs to be fixed in quarterly branch too | 2017-12-28 |
| 247400 | Ports & Packages | Individual Port(s) | zeising | Closed | FIXED | mail/mutt: Update to 1.14.5 | 2020-07-15 |
| 219662 | Ports & Packages | Individual Port(s) | zi | Closed | FIXED | net/freeradius{2,3}: Update to 3.0.14 (CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass) | 2017-06-01 |
| 237182 | Ports & Packages | Individual Port(s) | zi | Closed | FIXED | net/freeradius3: Update to 3.0.19 (Fixes several security vulnerabilities) | 2019-04-29 |
| 261526 | Ports & Packages | Individual Port(s) | zi | Closed | FIXED | security/modsecurity3: Update to 3.0.6 | 2022-07-30 |
| 244429 | Ports & Packages | Individual Port(s) | 0mp | Closed | FIXED | audio/timidity++: update 2.14.0 -> 2.15.0, fix CVE-2017-11546 | 2020-03-02 |
| 237483 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8: Update to 8.6.15 (fixes security vulnerabilities) | 2019-04-25 |
| 249256 | Ports & Packages | Individual Port(s) | acm | Closed | FIXED | www/drupal8 (8.8.7 in ports) please update to 8.8.8 (security fix) or 8.8.9 (bug fix) | 2020-11-25 |
| 225585 | Ports & Packages | Individual Port(s) | adamw | Closed | FIXED | mail/dovecot: FOLLOW UP: Fix memory leak in auth_client_request_abort() | 2018-02-01 |
| 254930 | Ports & Packages | Individual Port(s) | adamw | Closed | FIXED | www/gitea: Update to 1.13.7 (fixes security vulnerabilities) | 2021-04-10 |
| 199585 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | [PATCH] [SECURITY] lang/php5*: updates to 5.6.8, 5.5.24, 5.4.40 | 2015-05-22 |
| 200431 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | [PATCH] [CVE] lang/php5: Update to 5.4.41, addresses CVE vulnerabilities | 2015-05-26 |
| 203541 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php*: security/vuxml: security update to PHP 5.5.30, 5.6.14 | 2015-10-12 |
| 205779 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Update to 1.1.4 | 2016-01-02 |
| 206404 | Ports & Packages | Individual Port(s) | ale | Closed | Overcome By Eve | security issue in mail/roundcube <1.1.4 | 2016-06-10 |
| 209344 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql56-server: 2016Q2 branch still unpatched | 2016-05-10 |
| 209669 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | [PATCHE] www/tomcat7 and www/tomcat-native upgrade | 2016-06-26 |
| 209779 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php55 lang/php56: Update to latest versions (5.5.36, 5.6.22) fixes security vulnerabilities | 2016-05-28 |
| 209841 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: 1.1.5 vulnerable to CVE-2016-5103 | 2016-06-10 |
| 210502 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | lang/php56 PHP 5.6.23 released (fixing "several security bugs") | 2016-06-25 |
| 212613 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql56-server: CVE 2016-6662 | 2016-11-27 |
| 212614 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: CVE 2016-6662 | 2016-11-27 |
| 214925 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Update to 1.2.3 (Fixes security vulnerability) | 2016-12-14 |
| 215865 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | www/tomcat8 {tomcat7,tomcat6}: update to 8.0.40, 7.0.74, 6.0.49 | 2017-03-18 |
| 223319 | Ports & Packages | Individual Port(s) | ale | Closed | Overcome By Eve | lang/php56: Update to 5.6.32 (Fixes security vulnerabilities) | 2018-02-26 |
| 225241 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: Update to 5.5.59 fixes multiple CVE | 2018-01-31 |
| 227476 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Update to 1.3.6 (a security update for CVE-2018-9846 | 2018-04-14 |
| 227767 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: Update to MySQL-Server 5.5.60 to fix multiple CVE | 2018-04-26 |
| 232699 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | databases/mysql55-server: Update to MySQL-Server 5.5.62 to fix multiple CVE | 2018-10-26 |
| 274520 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Security update to 1.6.4 | 2023-11-10 |
| 276491 | Ports & Packages | Individual Port(s) | ale | Closed | FIXED | mail/roundcube: Security update to 1.6.6 | 2024-01-24 |
| 201134 | Ports & Packages | Individual Port(s) | amdmi3 | Closed | FIXED | [MAINTAINER] print/cups-filters: update to 1.0.70 | 2015-07-07 |
| 204219 | Ports & Packages | Individual Port(s) | amdmi3 | Closed | FIXED | www/piwik: update to 2.15.0 (security update) | 2015-12-02 |
| 217099 | Ports & Packages | Individual Port(s) | amdmi3 | Closed | FIXED | ports-mgmt/fbsdmon: Please delete this port | 2017-12-17 |
| 242929 | Ports & Packages | Individual Port(s) | amdmi3 | Closed | FIXED | security/u2f-devd: new entries for Trezor keys | 2021-03-17 |
| 200760 | Ports & Packages | Individual Port(s) | antoine | Closed | Not A Bug | textproc/kibana: Security vulnerability CVE-2015-4093 | 2015-06-13 |
| 215096 | Ports & Packages | Individual Port(s) | apache | Closed | FIXED | www/apache24: Fix HTTP/2 DoS vulnerability | 2016-12-06 |
| 220160 | Ports & Packages | Individual Port(s) | apache | Closed | FIXED | www/apache24: Update to 2.4.26 (addresses multiple CVE reports) | 2017-07-14 |
| 232687 | Ports & Packages | Individual Port(s) | apache | Closed | FIXED | www/apache24: Update to 2.4.37 (Security and Bugfix Release) | 2018-10-28 |
| 245284 | Ports & Packages | Individual Port(s) | apache | Closed | FIXED | www/apache24: Security Update to 2.4.43 | 2020-04-02 |
| 269768 | Ports & Packages | Package Infrastruc | apache | Closed | FIXED | www/apache24: broken dependency / potential security issue | 2023-04-01 |
| 203410 | Ports & Packages | Individual Port(s) | ashish | Closed | FIXED | multimedia/libvpx: bring more options used by Firefox | 2015-11-17 |
| 201931 | Ports & Packages | Individual Port(s) | bapt | Closed | FIXED | sysutils/xen-tools: multiple vulnerabilities (CVE-2015-5154, CVE-2015-5166, CVE-2015-5165) | 2015-08-18 |
| 212275 | Ports & Packages | Individual Port(s) | bdrewery | Closed | FIXED | security/openssh-portable - missing vuxml entries | 2016-09-01 |
| 200661 | Ports & Packages | Individual Port(s) | bf | Closed | FIXED | devel/pcre: 8.37 has unresolved vulnerabilities | 2015-06-10 |
| 252681 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node: Update to v15.5.1 | 2021-01-14 |
| 254042 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node10: Update to 10.24.0 | 2021-03-09 |
| 254043 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node12: Update to 12.21.0 | 2021-03-09 |
| 254044 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node14: Update to 14.16.0 | 2021-03-09 |
| 254045 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node: Update to 15.10.0 | 2021-03-10 |
| 257902 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node: Update to 16.8.0 | 2021-09-22 |
| 259126 | Ports & Packages | Individual Port(s) | bhughes | Closed | FIXED | www/node14: Update to 14.18.1 | 2021-10-14 |
| 209534 | Ports & Packages | Individual Port(s) | bjk | Closed | FIXED | net/openafs - multiple vulnerabilities | 2016-06-05 |
| 203112 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | emulators/qemu-devel: Multiple security vulnerabilities | 2016-01-01 |
| 205814 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | emulators/qemu {-devel}: multiple vulnerabilities | 2021-11-02 |
| 219783 | Ports & Packages | Individual Port(s) | bofh | Closed | Overcome By Eve | graphics/tiffgt is vulnerable, possibly duplicate | 2017-06-06 |
| 275999 | Ports & Packages | Individual Port(s) | bofh | Closed | FIXED | devel/zookeeper: Update to 3.8.3 (Fixes critical security vulnerability) and release the port | 2023-12-29 |
| 204410 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb55-server: Multiple security vulnerabilities | 2017-02-01 |
| 205159 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb100-server: Not updated in 2015Q4 | 2015-12-09 |
| 206610 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | security/libressl: Identify whether affected by OpenSSL vulnerability | 2016-01-29 |
| 209318 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb100-server: Update to 10.0.25 | 2016-05-07 |
| 212615 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb55-server: CVE 2016-6662 | 2016-09-28 |
| 212616 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb100-server: CVE 2016-6662 | 2016-09-28 |
| 212617 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-server: CVE 2016-6662 | 2016-09-28 |
| 219045 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-server: Upgrade to latest version(v10.1.23) - current(v10.1.22) has critical vulnerabilities | 2017-05-30 |
| 220435 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | www/smarty3: Update to 3.1.31 | 2017-07-24 |
| 223482 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-server - invalid vuxml entry | 2017-11-07 |
| 235573 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-server: Update to 10.1.38 | 2019-02-08 |
| 235574 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb101-client: Update to 10.1.38 | 2019-02-22 |
| 239653 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb103-server upgrade to 10.3.17 | 2019-09-03 |
| 243660 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | security/vuxml: MariaDB incorrectly added to MySQL CVE's | 2020-02-02 |
| 250286 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb103-server: Update to 10.3.25 | 2020-10-24 |
| 254551 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | security/openssl: Update to 1.1.1k (Security Update - High) | 2021-03-26 |
| 264999 | Ports & Packages | Individual Port(s) | brnrd | Closed | FIXED | databases/mariadb106-server: conf.d/wsrep.cnf overrides bind-address in conf.d/server.cnf. | 2023-04-10 |
| 198816 | Ports & Packages | Individual Port(s) | brooks | Closed | FIXED | devel/cross-binutils: Multiple security vulnerabilities | 2015-03-24 |
| 216666 | Ports & Packages | Individual Port(s) | bsd | Closed | Not A Bug | multimedia/zoneminder - CVE-2016-10140 | 2017-02-06 |
| 202571 | Services | Bug Tracker | bugmeister | Closed | FIXED | Links like "ports|src|doc rNUMBER" use http instead of https | 2017-02-18 |
| 206551 | Base System | kern | bugs | Closed | Not A Bug | Heap overflow in iconv kernel module | 2016-01-24 |
| 206584 | Base System | kern | bugs | Closed | Works As Intend | Possible integer overflow in update_intel | 2016-01-24 |
| 206585 | Base System | kern | bugs | Closed | FIXED | hpt_set_info possible buffer overflow | 2019-01-14 |
| 206754 | Base System | kern | bugs | Closed | FIXED | Out of bounds negative array index in iicrdwr | 2019-01-15 |
| 206761 | Base System | kern | bugs | Closed | FIXED | Kernel stack overflow in sysctl handler for kern.binmisc.add | 2016-04-05 |
| 207854 | Base System | kern | bugs | Closed | FIXED | usr/src/sys/contrib/ncsw/Peripherals/QM/qm_portal_fqr.c:1437: bad shift ? | 2019-12-21 |
| 221417 | Base System | bin | bugs | Closed | FIXED | pw usermod silently ignores -G "" | 2017-09-08 |
| 236010 | Base System | misc | bugs | Closed | Not A Bug | rand(3) is a bad RNG, but lots of software uses it. Make it a shim around arcrandom(3) | 2022-06-05 |
| 276422 | Base System | conf | bugs | Closed | Unable to Repro | pam_passwdqc(8) - add more examples | 2024-01-18 |
| 262174 | Documentation | Books & Articles | carlavilla | Closed | FIXED | gpg.conf options in Committer's guide should be reviewed/updated | 2023-09-07 |
| 199167 | Ports & Packages | Individual Port(s) | christer.edwards | Closed | Not Accepted | sysutils/py-salt: Run master as non root user | 2017-11-26 |
| 209142 | Ports & Packages | Individual Port(s) | chromium | Closed | FIXED | www/chromium: multiple vulnerabilities | 2016-05-28 |
| 226184 | Ports & Packages | Individual Port(s) | chromium | Closed | FIXED | www/chromium: increase requests quota for Google API Key | 2018-11-10 |
| 233990 | Ports & Packages | Individual Port(s) | chromium | Closed | FIXED | www/chromium: Update to 71.0.3578.98 | 2019-01-08 |
| 210749 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 45.2.0 | 2016-07-09 |
| 211124 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | graphics/gimp: update to 2.8.18 | 2016-07-29 |
| 212463 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 45.3.0 | 2016-09-10 |
| 214631 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: 45.5.0 (with enigmail 1.9.6.1) | 2016-11-22 |
| 215733 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 45.6.0 | 2017-01-06 |
| 216584 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 45.7.1 | 2017-03-03 |
| 219006 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 52.1.0 | 2017-05-02 |
| 223577 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | net/wireshark: update to 2.4.2 | 2017-11-27 |
| 229452 | Ports & Packages | Individual Port(s) | cmt | Closed | FIXED | mail/thunderbird: update to 52.9.0 | 2018-07-09 |
