On Tue, Mar 20, 2007 at 02:32:10PM -0400, Kris Kennaway wrote:
> On Tue, Mar 20, 2007 at 06:28:49PM +0000, David Thiel wrote:
> > lx 2007-03-20 18:28:49 UTC
> >
> > FreeBSD ports repository
> >
> > Modified files:
> > www/webcalendar Makefile distinfo
> > Log:
> > Update to 1.0.5, fixing a remote variable overwrite vulnerability.
> > See http://secunia.com/advisories/24403/ for more details.
> >
> > PR: ports/110587
> > Submitted by: Greg Larkin (maintainer)
> > Approved by: edwin (mentor)
>
> FYI the Security: tag should be used in such situations so that the
> security team flag it for inclusion in the vulnerability database.
>
> Kris
Hi all,
Yes indeed, the Security: tag can be used for that amongst others,
other possible items are that Freshports (this is just an example)
might be able to parse them and or keep track of them. By using
this tag filtering becomes much easier, personally I scan most
ports commits and look whether there is a mentioning of Security:
or some reference, my life would be made a lot easier when Security:
was always used for security related commits (with a reference
to the source of the Security issue, and if possible the VuXML
link).
Thanks!
--
Kind regards,
Remko Lodder ** [EMAIL PROTECTED]
FreeBSD ** [EMAIL PROTECTED]
/* Quis custodiet ipsos custodes */
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
