Date: Tue, 28 Jan 2014 08:27:41 +0100 From: Remko Lodder <remko@FreeBSD.org> To: Matthew Seaman <matthew@freebsd.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r341466 - head/security/vuxml Message-ID: <AC3602C3-9379-41BE-B493-EC122EE683D4@FreeBSD.org> In-Reply-To: <201401272246.s0RMkcXA043615@svn.freebsd.org> References: <201401272246.s0RMkcXA043615@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_3CE3253F-4734-44DD-AA2A-B03F401FA6FC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 27 Jan 2014, at 23:46, Matthew Seaman <matthew@freebsd.org> wrote: > Author: matthew > Date: Mon Jan 27 22:46:38 2014 > New Revision: 341466 > URL: http://svnweb.freebsd.org/changeset/ports/341466 > QAT: https://qat.redports.org/buildarchive/r341466/ >=20 > Log: > Formatting fixes >=20 > Submitted by: remko Thank you!! :-) Remko >=20 > Modified: > head/security/vuxml/vuln.xml >=20 > Modified: head/security/vuxml/vuln.xml > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/security/vuxml/vuln.xml Mon Jan 27 22:19:40 2014 = (r341465) > +++ head/security/vuxml/vuln.xml Mon Jan 27 22:46:38 2014 = (r341466) > @@ -68,26 +68,26 @@ Note: Please add new entries to the beg > <p>The RT development team reports:</p> > <blockquote = cite=3D"http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt= -42.html"> > <p>Versions of RT between 4.2.0 and 4.2.2 (inclusive) are > - vulnerable to a denial-of-service attack via the email > - gateway; any installation which accepts mail from untrusted > - sources is vulnerable, regardless of the permissions > - configuration inside RT. This vulnerability is assigned > - CVE-2014-1474.</p> > + vulnerable to a denial-of-service attack via the email > + gateway; any installation which accepts mail from untrusted > + sources is vulnerable, regardless of the permissions > + configuration inside RT. This vulnerability is assigned > + CVE-2014-1474.</p> > <p>This vulnerability is caused by poor parsing performance > - in the Email::Address::List module, which RT depends on. We > - recommend that affected users upgrade their version of > - Email::Address::List to v0.02 or above, which resolves the > - issue. Due to a communications mishap, the release on CPAN > - will temporarily appear as "unauthorized," and the > - command-line cpan client will hence not install it. We > - expect this to be resolved shortly; in the meantime, the > - release is also available from our server.</p> > + in the Email::Address::List module, which RT depends on. We > + recommend that affected users upgrade their version of > + Email::Address::List to v0.02 or above, which resolves the > + issue. Due to a communications mishap, the release on CPAN > + will temporarily appear as "unauthorized," and the > + command-line cpan client will hence not install it. We > + expect this to be resolved shortly; in the meantime, the > + release is also available from our server.</p> > </blockquote> > </body> > </description> > <references> > - = <url>http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42= .html</url> > <cvename>CVE-2014-1474</cvename> > + = <url>http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42= .html</url> > </references> > <dates> > <discovery>2014-01-27</discovery> > _______________________________________________ > svn-ports-all@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/svn-ports-all > To unsubscribe, send any mail to = "svn-ports-all-unsubscribe@freebsd.org" --=20 /"\ Best regards, | remko@FreeBSD.org \ / Remko Lodder | remko@EFnet X http://www.evilcoder.org/ | / \ ASCII Ribbon Campaign | Against HTML Mail and News --Apple-Mail=_3CE3253F-4734-44DD-AA2A-B03F401FA6FC Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJS51vtAAoJEKjD27JZ84ywV7UP/i7pyN8vbSFoXSercAf2bfb8 YugZk+srjImcHefhPW97hdnb6V03BihpxdLCsNAPUBQMBCdGRlAHy1Ita1MexY65 Lw/nQcgS0eGiEs5ZJhTZ8OuxOGXVF2uJh0/jl9LTllniTrys4QqKYlAKE3ooCL3V UCHXPOuwEJ3cnjx0DdFJwP8A+1TlML7EVLeDagUVxlk5cMbL4+c34vVk+qSg3Er3 3SKhhAO8C4FlP112eLqwzzSnB5wru4EaprE6xBeqxduQ/iaA06cyoUa6xpezbgAF B/x381VrYTcxounSmwK3A4cFqxZzUKOGc7UtLlMa4elmCvhrYVWGHPZvIzmWEY0Z d6zFfjN6T/v2lFGQxOShhmRmCYmnwrJ+0t9cIWjovEMS0+yMYw9PaIegRTWlrOfn l8yys2+2fvjIVk3o2Bczz9KbluRFkm1pxQSZJVpRNXYlBJ6P+roVTN9FfYJSfF/U WbiQSm/K4vFvUCwoP7YlRaxSY0pM8nndzBbAm6SWdleW7WdYzUeOR8fqRsor/AoD Wc7erEcUf8w5GizWacf6KrNqsCy5u1FdUdJQd/fq32u8Ri/wvbnECV4awi2jz1DE q1GagWsz6aKlvpWuPI5E2AX9P1uARukn+7MoHasAql+dYeQMtXJ6jK+0HBifk5Y1 6h9mW05eSnm4nm564soW =KJxy -----END PGP SIGNATURE----- --Apple-Mail=_3CE3253F-4734-44DD-AA2A-B03F401FA6FC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AC3602C3-9379-41BE-B493-EC122EE683D4>