Message-ID: <53C5A1C5.90707@FreeBSD.org>
Date: Tue, 15 Jul 2014 16:48:53 -0500
From: Bryan Drewery
Organization: FreeBSD
To: René Ladan, "ports@freebsd.org Ports"
Subject: Re: marking vulnerable ports forbidden?
List-Id: Porting software to FreeBSD

On 7/15/2014 7:45 AM, René Ladan wrote:
> Hi,
>
> according to Freshports [1] there are currently 24 vulnerable ports not
> marked as forbidden.
> How about checking this list on a regular basis and marking such ports and
> forbidden and optionally as deprecated? This would inform users not using
> vuxml earlier about vulnerabilities.
>
> [1] http://www.freshports.org/ports-vulnerable.php
>
> Regards,
> René

Do take it case-by-case though. Doing this wipes out most Linux ports
IIRC. Some of the vulns documented are not worthy of a FORBIDDEN.

-- 
Regards,
Bryan Drewery