On 8 July 2012 12:27, Xin LI wrote:
> On Sun, Jul 8, 2012 at 12:00 PM, Eitan Adler wrote:
>> eadler 2012-07-08 19:00:08 UTC
> I don't think it's right to assign same identifier to different
> issues. For 2.8.9 I think it was:
In general, I agree. I wasn't able to determine which issue rela
On Sun, Jul 8, 2012 at 12:00 PM, Eitan Adler wrote:
> eadler 2012-07-08 19:00:08 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> openx reported a new security issue but does not provide any details:
> inform users of this.
I don't th
On 5 July 2012 21:09, Sunpoet Po-Chuan Hsieh wrote:
> sunpoet 2012-07-06 04:09:41 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document typo3 4.5.x, 4.6.x and 4.7.x XSS vulnerability
>
> Security:
> https://typo3.org/teams
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/27/12 12:35, Wesley Shields wrote:
> On Wed, Jun 27, 2012 at 03:34:44PM +, Ryan Steinmetz wrote:
>> zi 2012-06-27 15:34:44 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files: security/vuxml vuln.xml Log: - Document
>>
On Wed, Jun 27, 2012 at 03:34:44PM +, Ryan Steinmetz wrote:
> zi 2012-06-27 15:34:44 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document recent FreeBSD SA's for 2012: SA-12:04.sysret,
> SA-12:03.bind, SA-12:02.crypt,
On 6 June 2012 14:30, Doug Barton wrote:
> D'oh! Super embarrassing, thanks for the fix. I was majorly pressed for
> time when doing that, and obviously didn't change all of the fields that
> I copy/pasted.
Sorry I didn't catch that when reviewing the diff.
--
Eitan Adler
Source & Ports committ
D'oh! Super embarrassing, thanks for the fix. I was majorly pressed for
time when doing that, and obviously didn't change all of the fields that
I copy/pasted.
Doug
On 06/06/2012 14:16, Xin LI wrote:
> delphij 2012-06-06 21:16:42 UTC
>
> FreeBSD ports repository
>
> Modified files:
>
On Jun 6, 2012 8:30 AM, "Eitan Adler" wrote:
>
> eadler 2012-06-06 07:30:00 UTC
>
> FreeBSD ports repository
>
> Modified files:
>security/vuxml vuln.xml
> Log:
> Fix some nits:
> - Improve wording of Sympa vuln description
> - The url used as a citation for th
On 5 June 2012 11:30, Doug Barton wrote:
> Why does the same URL need to appear twice? And if this is necessary,
> why does 'make validate' not report the error?
The "cite" url is not show on the page at all. It is used for semantic
value only. The reference is actually shown to the end user on t
Why does the same URL need to appear twice? And if this is necessary,
why does 'make validate' not report the error?
The way this ends up formatted in the HTML is:
References
CVE Name CVE-2012-1667
URL http://www.isc.org/software/bind/advisories/cve-2012-1667
That makes it look like the I
On 05/31/2012 09:28 AM, Warren Block wrote:
> Sorry, I missed the original post and am not quite sure what is being
> checked. At present, igor doesn't know XML at all. My hope is that
> some existing XML validator can be used to check tagging and indentation
> of DocBook XML, and igor can just c
On Wed, 30 May 2012, Jason Helfman wrote:
On Wed, May 30, 2012 at 5:04 PM, Eitan Adler wrote:
On 30 May 2012 15:28, Jason Helfman wrote:
> Perhaps this should be part of make validate routine?
> -jgh
It is on my "if I have the time" todo
list, but my time is fairly limited l
On 31 May 2012 02:52, wrote:
> Hello,
> I won't be able to commit before this evening (GMT); it this needs to be
> updated quickier, please go!
It isn't urgent, but please keep this in mind when writing VuXML. :)
--
Eitan Adler
Source & Ports committer
X11, Bugbusting teams
Hello,
Selon Eitan Adler le jeu 31 mai 00:26:24 2012 :
On 30 May 2012 13:46, Thierry Thomas wrote:
thierry 2012-05-30 20:46:36 UTC
FreeBSD ports repository
Modified files:
security/vuxml vuln.xml
Log:
Add an entry for CVE-2012-2944 in sysutils/nut.
Please include http://
On Wed, May 30, 2012 at 5:04 PM, Eitan Adler wrote:
> On 30 May 2012 15:28, Jason Helfman wrote:
> > Perhaps this should be part of make validate routine?
> > -jgh
>
> It is on my "if I have the time" todo
> list, but my time is fairly limited lately. More generally a VuXML
> lint tool would be
On 30 May 2012 15:28, Jason Helfman wrote:
> Perhaps this should be part of make validate routine?
> -jgh
It is on my "if I have the time" todo
list, but my time is fairly limited lately. More generally a VuXML
lint tool would be nice.
--
Eitan Adler
Source & Ports committer
X11, Bugbusting tea
On Wed, May 30, 2012 at 03:26:24PM -0700, Eitan Adler thus spake:
On 30 May 2012 13:46, Thierry Thomas wrote:
thierry 2012-05-30 20:46:36 UTC
FreeBSD ports repository
Modified files:
security/vuxml vuln.xml
Log:
Add an entry for CVE-2012-2944 in sysutils/nut.
Please include
On 30 May 2012 13:46, Thierry Thomas wrote:
> thierry 2012-05-30 20:46:36 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Add an entry for CVE-2012-2944 in sysutils/nut.
Please include http://trac.networkupstools.org/projects/nut/changeset/
On 28 May 2012 15:45, Rene Ladan wrote:
> rene 2012-05-28 22:45:15 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document vulnerabilities before www/chromium 19.0.1084.52 (the port is safe).
>
> Obtained from:
> http://googlechromere
On 24 May 2012 16:46, Jason Helfman wrote:
> jgh 2012-05-24 23:46:50 UTC
> Security: CVE-2012-2391
The security field is not used when committing to vuxml. It is used to
reference vuxml when committing port changes.
> Revision Changes Path
> 1.2714 +37 -1 ports/secur
On 21 May 2012 14:15, Ruslan Mahmatkhanov wrote:
> rm 2012-05-21 13:15:42 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Add an entry for mail/sympa < 6.1.11 (CVE-2012-2352)
Thanks, I'll get an update in asap.
Chris
_
On Thu, May 17, 2012 at 05:31:01PM +, Jason Helfman thus spake:
jgh 2012-05-17 17:31:01 UTC
FreeBSD ports repository
Modified files:
security/vuxml vuln.xml
Log:
- fix date in 725ab25a-987b-11e1-a2ef-001fd0af1a4c
Revision ChangesPath
1.2707+2 -2 ports/s
On 12 May 2012 10:23, Sofian Brabez wrote:
> sbz 2012-05-12 14:23:42 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document CVE-2012-2274 for port www/pivotx
The url in the blockquote cite attribute must also be a url under
referenc
On 30 April 2012 19:15, Xin Li wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 04/30/12 11:08, Chris Rees wrote:
>> On 30 April 2012 17:51, Xin LI wrote:
>>> delphij 2012-04-30 17:51:46 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files: security/vuxml vuln.xm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 04/30/12 11:08, Chris Rees wrote:
> On 30 April 2012 17:51, Xin LI wrote:
>> delphij 2012-04-30 17:51:46 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files: security/vuxml vuln.xml Log: Document samba
>> incorrect permission chec
On 30 April 2012 17:51, Xin LI wrote:
> delphij 2012-04-30 17:51:46 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document samba incorrect permission checks vulnerability.
+ 3.4.*3.4.17
+
+
+ samba35
+ 3.5.*3
2012/4/22 Alexey Dokuchaev :
> Can you tell me how can I detect brokeness?
$make validate
I've recently added some logic to make validate to check for both
validation and tidy errors.
Note that changing whitespace only is harmful as it reduces the value
of 'cvs blame'
--
Eitan Adler
Source &
On Sun, Apr 22, 2012 at 02:26:07PM -0400, Eitan Adler wrote:
> On 22 April 2012 14:02, Alexey Dokuchaev wrote:
> > danfe 2012-04-22 18:02:00 UTC
> >
> > Modified files:
> > security/vuxml vuln.xml
> > Log:
> > Fix formatting in the first 10% of VuXML database file.
>
> These com
On 22 April 2012 14:02, Alexey Dokuchaev wrote:
> danfe 2012-04-22 18:02:00 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Fix formatting in the first 10% of VuXML database file.
These commits broke vuxml. In addition gratuitous whitespa
On 8 April 2012 03:47, Remko Lodder wrote:
> Log:
> As requested by eadler, revert the commit about the move of the
> tag. I cannot reproduce the error anymore, so it
> might have been the reviewal entry or something else was locally
> wrong.
>
> I did a make validate before committing this
On 3 April 2012 13:55, Remko Lodder wrote:
> remko 2012-04-03 17:55:33 UTC
>
> FreeBSD ports repository (src,doc committer)
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Someone forgot to do a make validate after adding the
On 3/28/2012 6:24 PM, Eitan Adler wrote:
> On 28 March 2012 16:10, Rene Ladan wrote:
>> rene2012-03-28 20:10:11 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>>security/vuxml vuln.xml
>
> Please be careful to check both 'make validate' and 'make tidy && diff
> vuln.
On 28 March 2012 16:10, Rene Ladan wrote:
> rene 2012-03-28 20:10:11 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
Please be careful to check both 'make validate' and 'make tidy && diff
vuln.xml.tidy vuln.xml'
--
Eitan Adler
Source & Ports comm
On Tue, Feb 28, 2012 at 11:41 AM, Chris Rees wrote:
> What is this, a list or alias? I don't see it on the lists page :/
ports-security is a non-public mailing list of people who work on
ports security issues. It performs a few tasks, the most visible one
being reviews of vuxml patches.
--
Eit
On 28 Feb 2012 00:10, "Eitan Adler" wrote:
>
> eadler 2012-02-28 00:09:56 UTC
>
> FreeBSD ports repository
>
> Modified files:
>security/vuxml vuln.xml
> Log:
> - Add information about make tidy checking now that it actually functions
> - use ' instead of `
> - add a note abou
On 2012-01-16 04:16, Akinori MUSHA wrote:
> knu 2012-01-16 03:16:01 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Add PHP < 5.3.9 (CVE-2011-4885).
>
> Revision ChangesPath
> 1.2549+6 -1 ports/security/vuxml/
On Sat, Jan 14, 2012 at 02:47:41AM +, Ryan Steinmetz wrote:
> zi 2012-01-14 02:47:41 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document vulnerabilities in security/openssl
> -- CVE-2011-4108, CVE-2011-4109, CVE-2011
On 8 Jan 2012, at 10:51, Rene Ladan wrote:
> On 08-01-2012 00:55, Rene Ladan wrote:
>> On 08-01-2012 00:44, Simon L. Nielsen wrote:
>>> simon 2012-01-07 23:44:17 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files:
>>>security/vuxml vuln.xml
>>> Log:
>>> Remove HTML
On 08-01-2012 00:55, Rene Ladan wrote:
> On 08-01-2012 00:44, Simon L. Nielsen wrote:
>> simon 2012-01-07 23:44:17 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> Remove HTML entity from a VuXML entry as they are not allowed in
On 08-01-2012 00:44, Simon L. Nielsen wrote:
> simon 2012-01-07 23:44:17 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Remove HTML entity from a VuXML entry as they are not allowed in
> VuXML, only Unicode charecter entities are
On 12/29/2011 12:24, Chris Rees wrote:
> Perhaps I just missed the error in the torrent of warnings I got. Careless.
If you follow the full procedure at
http://www.freebsd.org/doc/en/books/porters-handbook/security-notify.html you
won't get warnings (unless there are actual problems). It's likel
On 29-12-2011 21:13, Chris Rees wrote:
> On 29 December 2011 14:26, Remko Lodder wrote:
>> remko 2011-12-29 14:26:25 UTC
>>
>> FreeBSD ports repository (src,doc committer)
>>
>> Modified files:
>>security/vuxml vuln.xml
>> Log:
>> Fix build by adding a reference to the original
On 29 December 2011 20:21, Rene Ladan wrote:
> On 29-12-2011 21:13, Chris Rees wrote:
>> On 29 December 2011 14:26, Remko Lodder wrote:
>>> remko 2011-12-29 14:26:25 UTC
>>>
>>> FreeBSD ports repository (src,doc committer)
>>>
>>> Modified files:
>>> security/vuxml vuln.xml
>>>
On 29 December 2011 14:26, Remko Lodder wrote:
> remko 2011-12-29 14:26:25 UTC
>
> FreeBSD ports repository (src,doc committer)
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Fix build by adding a reference to the original URL.
>
> Revision Changes Path
> 1.2532
Thanks. :)
On 12/26/2011 15:00, Wesley Shields wrote:
> wxs 2011-12-26 23:00:58 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Whitespace cleanup in a BIND topic.
>
> Revision ChangesPath
> 1.2527+2 -2 ports
On Tue, Dec 13, 2011 at 08:35:32PM +, Xin LI wrote:
> delphij 2011-12-13 20:35:32 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document Opera multiple vulnerabilities.
>
> Requested by: tabthorpe
> Feature safe: yes
On 2011/11/30 10:26, Doug Barton wrote:
On 11/30/2011 00:45, Pav Lucistnik wrote:
pav 2011-11-30 08:45:12 UTC
FreeBSD ports repository
Modified files:
security/vuxml vuln.xml
Log:
- Add a quick guide to adding a new entry to this unfriendly file
You might want
On 11/30/2011 00:45, Pav Lucistnik wrote:
> pav 2011-11-30 08:45:12 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Add a quick guide to adding a new entry to this unfriendly file
You might want to also add a reference to
http:
On 11/18/2011 13:21, Xin LI wrote:
> On 11/18/11 12:23, Doug Barton wrote:
>> On 11/18/2011 12:20, Xin LI wrote:
>>> delphij 2011-11-18 20:20:27 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files: security/vuxml vuln.xml Log: Bump modified
>>> date for previous commit.
>
>> I pu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 11/18/11 12:23, Doug Barton wrote:
> On 11/18/2011 12:20, Xin LI wrote:
>> delphij 2011-11-18 20:20:27 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files: security/vuxml vuln.xml Log: Bump modified
>> date for previous commit.
>
On 11/18/2011 12:20, Xin LI wrote:
> delphij 2011-11-18 20:20:27 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Bump modified date for previous commit.
I purposely did not do that because there was no material modification
to the en
On 11/12/2011 08:13, Martin Wilke wrote:
> [1] This would not happened when committers use "make newentry" (sometimes
> RTFM is really helpful)
Perhaps if you documented it in
http://www.freebsd.org/doc/en/books/porters-handbook/security-notify.html it
would be easier to find?
--
On 12 November 2011 16:13, Martin Wilke wrote:
> miwi 2011-11-12 16:13:48 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Correct latest libxml(1) entrys
> - Mark CVS-2009-2414 CVS-2009-2416 CVS-2011-1944 entrys as safe
> - Fix whites
On Thu, Nov 10, 2011 at 07:58:08AM +, Xin LI wrote:
> delphij 2011-11-10 07:58:08 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Fix build.
>
> Feature safe: yes
>
> Revision ChangesPath
> 1.2487+2 -1
On Thu, Nov 10, 2011 at 07:38:31AM +, Simon L. B. Nielsen wrote:
>
> On 10 Nov 2011, at 07:19, Baptiste Daroussin wrote:
>
> > bapt2011-11-10 07:19:25 UTC
> >
> > FreeBSD ports repository
> >
> > Modified files:
> >security/vuxml vuln.xml
> > Log:
> > Register multipl
On 11/09/2011 23:38, Simon L. B. Nielsen wrote:
>
> On 10 Nov 2011, at 07:19, Baptiste Daroussin wrote:
>
>> bapt2011-11-10 07:19:25 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>>security/vuxml vuln.xml
>> Log:
>> Register multiple libxml{1,2} vulnerabilities
>
On 10 Nov 2011, at 07:19, Baptiste Daroussin wrote:
> bapt2011-11-10 07:19:25 UTC
>
> FreeBSD ports repository
>
> Modified files:
>security/vuxml vuln.xml
> Log:
> Register multiple libxml{1,2} vulnerabilities
VuXML is now broken
[simon@freefall:~/vuxml] make validate
* Alexey Dokuchaev (da...@freebsd.org) wrote:
> > Fixed, thanks. That, however, is not a real reason to delay
> > vulnerability database update, and the PR shouldn't have been closed.
>
> But I didn't close it when I decided to fix the vuxml text (but had to get
> AFK during weekend). Perhaps it
On Mon, Oct 17, 2011 at 07:51:41AM +0400, Dmitry Marakasov wrote:
> * Alexey Dokuchaev (da...@freebsd.org) wrote:
>
> > If this patch was committed from the PR verbatim, I believe it's not very
> > correct: quotes are from security advisories hub site, while text issued by
> > OpenTTD team is diff
* Alexey Dokuchaev (da...@freebsd.org) wrote:
> If this patch was committed from the PR verbatim, I believe it's not very
> correct: quotes are from security advisories hub site, while text issued by
> OpenTTD team is different. That's why I didn't commit it along with game
> version update.
Fix
On Sun, Oct 16, 2011 at 06:39:44PM +, Dmitry Marakasov wrote:
> amdmi3 2011-10-16 18:39:44 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document openttd multiple vulnerabilities
>
> PR: 161488
If this patch w
On 7 September 2011 19:30, Xin LI wrote:
> delphij 2011-09-07 18:30:42 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document two OpenSSL vulnerabilities.
>
> (There is no OpenSSL 0.9.8s in the ports so mark <1.0.0 as vulnerable).
1.0.01
On 5 September 2011 00:59, Matthias Andree wrote:
> Am 04.09.2011 22:15, schrieb Chris Rees:
>> crees 2011-09-04 20:15:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> - Document cfs buffer overflow vulnerability.
>> - Whil
Am 04.09.2011 22:15, schrieb Chris Rees:
> crees 2011-09-04 20:15:52 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document cfs buffer overflow vulnerability.
> - While here, unbreak packaudit -- it doesn't like newlines in the
>
I wasn't suggesting that Chris commit anything, I know he has better
self-control than that. :)
Meanwhile, one more feature request ... update BASEURL in packaudit to
http://portaudit.FreeBSD.org/
Doug
On 09/05/2011 00:46, Remko Lodder wrote:
>
> Dear Doug,
>
> While having a look is not a p
On 4 Sep 2011, at 22:44, Chris Rees wrote:
> On 4 September 2011 21:15, Chris Rees wrote:
>> crees 2011-09-04 20:15:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>>security/vuxml vuln.xml
>> Log:
>> - Document cfs buffer overflow vulnerability.
>> - While her
Dear Doug,
While having a look is not a problem, it is bad advice that someone goes for it
because
I am not responsive enough. I advised Chris to have a look at possible
solutions but consult
us before commits are being made.
Thanks
Remko
On Sep 5, 2011, at 2:01 AM, Doug Barton wrote:
> On 0
Dear Chris,
Please have a look, but consult us before you actually commit the changes..
Thanks
Remko
On Sep 4, 2011, at 10:44 PM, Chris Rees wrote:
> On 4 September 2011 21:15, Chris Rees wrote:
>> crees 2011-09-04 20:15:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>>
On 09/04/2011 13:44, Chris Rees wrote:
> On 4 September 2011 21:15, Chris Rees wrote:
>> crees 2011-09-04 20:15:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>>security/vuxml vuln.xml
>> Log:
>> - Document cfs buffer overflow vulnerability.
>> - While here, unbre
On 4 September 2011 21:15, Chris Rees wrote:
> crees 2011-09-04 20:15:52 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document cfs buffer overflow vulnerability.
> - While here, unbreak packaudit -- it doesn't like newlines in the
>
On 2 Sep 2011 00:52, "Doug Barton" wrote:
>
> On 09/01/2011 12:47, Chris Rees wrote:
> > On 1 September 2011 20:42, Andrey Chernov wrote:
> >> On Thu, Sep 01, 2011 at 07:06:27PM +, Chris Rees wrote:
> >>> crees 2011-09-01 19:06:27 UTC
> >>>
> >>> FreeBSD ports repository
> >>>
> >>>
Meanwhile, is there an update on 2.2.20 getting into the tree? A simple
version upgrade has worked for me so far.
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
On 09/01/2011 12:47, Chris Rees wrote:
> On 1 September 2011 20:42, Andrey Chernov wrote:
>> On Thu, Sep 01, 2011 at 07:06:27PM +, Chris Rees wrote:
>>> crees 2011-09-01 19:06:27 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files:
>>> security/vuxml vuln.xml
>>>
On 1 September 2011 20:42, Andrey Chernov wrote:
> On Thu, Sep 01, 2011 at 07:06:27PM +, Chris Rees wrote:
>> crees 2011-09-01 19:06:27 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> Correct range for apache22, 2.2.20 is f
On Thu, Sep 01, 2011 at 07:06:27PM +, Chris Rees wrote:
> crees 2011-09-01 19:06:27 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected.
>
According to http://c
Just update the port, and we'll deal with the pavmail. I didn't realize
it was security related.
On 08/19/11 18:42, Xin LI wrote:
> delphij 2011-08-19 18:42:12 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Document Rails multiple
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I'm hoping I didn't screw this up, since I couldn't figure out how to
get 'packaudit' to actually generate an auditfile based on my update ...
although it did create correct-looking files in ~/public_html/portaudit.
I tried 'packaudit' on its own, a
On 2011-05-25 02:32, Philip M. Gollucci wrote:
> On 5/24/2011 4:59 PM, Olli Hauer wrote:
>> Unfortunately the package name for apr reflects the build options
>> and we can end up with a view hundred different package names.
>> (5 options * possible (bdb|mysql|pgsql|ldap|sqlite) versions)
> Thats no
On 5/24/2011 4:59 PM, Olli Hauer wrote:
> Unfortunately the package name for apr reflects the build options
> and we can end up with a view hundred different package names.
> (5 options * possible (bdb|mysql|pgsql|ldap|sqlite) versions)
Thats not quite true, I thought I stripped most of this before
On 2011-05-25 01:36, Wesley Shields wrote:
> On Wed, May 25, 2011 at 01:26:38AM +0200, olli hauer wrote:
>> On 2011-05-25 01:24, Wesley Shields wrote:
>>> On Tue, May 24, 2011 at 10:59:52PM +, Olli Hauer wrote:
ohauer 2011-05-24 22:59:52 UTC
FreeBSD ports repository
>
On 2011-05-25 01:36, Wesley Shields wrote:
> On Wed, May 25, 2011 at 01:26:38AM +0200, olli hauer wrote:
>> On 2011-05-25 01:24, Wesley Shields wrote:
>>> On Tue, May 24, 2011 at 10:59:52PM +, Olli Hauer wrote:
ohauer 2011-05-24 22:59:52 UTC
FreeBSD ports repository
>
On Wed, May 25, 2011 at 01:26:38AM +0200, olli hauer wrote:
> On 2011-05-25 01:24, Wesley Shields wrote:
> > On Tue, May 24, 2011 at 10:59:52PM +, Olli Hauer wrote:
> >> ohauer 2011-05-24 22:59:52 UTC
> >>
> >> FreeBSD ports repository
> >>
> >> Modified files:
> >> security/vuxml
On 2011-05-25 01:24, Wesley Shields wrote:
> On Tue, May 24, 2011 at 10:59:52PM +, Olli Hauer wrote:
>> ohauer 2011-05-24 22:59:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> - use apr-* and add entries for all apr0/apr
On Tue, May 24, 2011 at 10:59:52PM +, Olli Hauer wrote:
> ohauer 2011-05-24 22:59:52 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - use apr-* and add entries for all apr0/apr1 issues
> ( .. is needed else the parser canno
Thank lord, these pubcookie ports were quite complex!
On 5/23/2011 4:04 PM, Brooks Davis wrote:
> brooks 2011-05-23 23:04:41 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> www/mod_pubcookieMakefile
> www/pubcookie-login-server M
On Tue, Apr 12, 2011 at 03:36:44PM +, Erwin Lansing wrote:
> erwin 2011-04-12 15:36:44 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Fix typo
Thanks! I was just wondering why my commit to do this failed. Guess you
beat me to
The vuln entry for the 4.1 client is incorrect. Change dhpc to dhcp.
--
Dan Langille
http://langille.org/
On Apr 10, 2011, at 5:39 PM, Wesley Shields wrote:
> wxs 2011-04-10 21:39:37 UTC
>
> FreeBSD ports repository
>
> Modified files:
>security/vuxml vuln.xml
> Log:
2011/2/15 Martin Wilke :
> miwi 2011-02-15 08:18:21 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Update lastest tomcat entry (tomcat6/7 have the same problem)
Should CVE-2010-4172,CVE-2010-3718 added to this entry too ?
Here I am no
On Nov 23, 2010, at 6:42 PM, Simon L. Nielsen wrote:
> simon 2010-11-23 17:42:24 UTC
>
> FreeBSD ports repository
>
> Modified files:
>security/vuxml vuln.xml
> Log:
> Fix discovery date in last entry.
>
> Pointy hat to: remko
>
Metallic blue please ;)
--
/"\ Best
On Sun, Aug 22, 2010 at 12:30:07PM +, Koop Mast wrote:
> kwm 2010-08-22 12:30:07 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> Add entry for OpenTTD denial of server vulnability.
>
> Reviewed by:danfe@ (OpenTTD main
Ah yes! I will correct this in a next update
Thanks
Niels
>
>
>
>> | +
>> | +SLiM -- insecure PATH assignment
>
> By convention, the first word in the title was always the package name
> of an application. I'm not sure if it is documented somewhere, but
> it seems all other records foll
On Fri, 2010-08-20 at 18:15:57 -0700, Stanislav Sedov wrote:
> On Fri, 20 Aug 2010 20:39:48 -0400
> Sahil Tandon mentioned:
>
> > Most records, but not all; for example:
> >
> > 90d2e58f-b25a-11de-8c83-02e0185f8d72
>
> This is the correct one, it's not ports-related.
>
> > 0d0237d0-7f68-11d
On Fri, 20 Aug 2010 20:39:48 -0400
Sahil Tandon mentioned:
> Most records, but not all; for example:
>
> 90d2e58f-b25a-11de-8c83-02e0185f8d72
This is the correct one, it's not ports-related.
> 0d0237d0-7f68-11de-984d-0011098ad87f
>
And this one is probably mistyped as well.
--
Stanislav
On Fri, 2010-08-20 at 17:13:20 -0700, Stanislav Sedov wrote:
> > | +
> > | +SLiM -- insecure PATH assignment
>
> By convention, the first word in the title was always the package name
> of an application. I'm not sure if it is documented somewhere, but
> it seems all other records follow t
On Thu, 19 Aug 2010 21:11:53 + (UTC)
Niels Heinen mentioned:
> niels 2010-08-19 21:11:53 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document SLiM insecure PATH assignment issue
> - Removed space from vlc title
>
>
On Sat, 2010-08-14 at 22:43 +, Gabor Kovesdan wrote:
> gabor 2010-08-14 22:43:51 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Fix last entry by adding the forgotten package name.
> (Hint: always run make validate before
On 21.07.2010 20:08, Simon L. Nielsen wrote:
> On 2010.07.21 12:46:17 +, Beat Gaetzi wrote:
>> beat2010-07-21 12:46:17 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> - Document mozilla -- multiple vulnerabilities
>
> Ar
On 2010.07.21 12:46:17 +, Beat Gaetzi wrote:
> beat2010-07-21 12:46:17 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Document mozilla -- multiple vulnerabilities
Are we sure that none of these bugs don't affect the old re
On Wed, Apr 14, 2010 at 2:46 PM, Alberto Villa wrote:
> avilla 2010-04-14 21:46:52 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> - Do not match x11/kdebase4 in latest KDM vulnerability.
>
> Approved by:tabthorpe (mentor)
>
>
Ahh...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This entry is wrong,
>>> Validating...
/usr/local/bin/xmllint --valid --noout
/usr/home/miwi/dev/ports/security/vuxml/vuln.xml
/usr/home/miwi/dev/ports/security/vuxml/vuln.xml:51435: parser error :
Premature end of data in tag vuxml line 37
^
>>> F
1 - 100 of 163 matches
Mail list logo
