On 5/17/2015 4:02 PM, Roger Marquis wrote: > Does anyone know what's going on with vuln.xml updates? Over the last > few weeks and months CVEs and application mailing lists have announced > vulnerabilities for several ports that in some cases only showed up in > vuln.xml after several days and in other cases are still not listed > (despite email to the security team). > > Is there a URL outlining the policies and procedures of vuln.xml > maintenance? >
ports-secteam@ owns this file, not secteam@. The team needs more help. Would you like to volunteer to submit vuxml updates? Many contributors, and committers, feel the file is not easy to contribute to. Regards, Bryan Drewery
signature.asc
Description: OpenPGP digital signature
