On 5/01/2014 6:08 AM, dycuo123 wrote: > Hi,there > > Do you guys have some time to update these two? Many thanks! > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org" > Its probably better if you direct your request to the maintainer of the port, ideally using http://www.freebsd.org/send-pr.html, identifying the upgrade benefits and further details to pique their interest. For example, strongswan:
Current ports version is 5.0.4 and released version by strongswan is 5.1.1 (version 5.1.2 is scheduled for February) Reasons for the request are: 1. Rectification of security vulnerabilities allowing Denial of Service: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6075 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6076 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5018 2. Rectification of security vulnerabilities allowing user impersonation and bypassing access restrictions CVE-2013-6075 (above) 3. Refer to change log http://wiki.strongswan.org/projects/strongswan/wiki/Changelog51, specifically ... But of course the first thing to do is to use http://www.freebsd.org/cgi/query-pr-summary.cgi to check if the request has already been made. And in this instance it has! Please refer to http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/183688 And given the outstanding CVEs I'd suggest that you apply the patches, if you're going to use this port; pending maintainer's availability. Francois, I've included you, as the CVE's should push this update from a low priority/non-critical category to a medium given that it can be DOS'ed via the network without authentication. (And unfortunately IKEv1 is required for iPhone clients using IPSEC) Regards, Dewayne. _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
