From owner-cvs-ports@FreeBSD.ORG  Sun Sep  4 20:44:38 2011
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0D223106566B;
	Sun,  4 Sep 2011 20:44:38 +0000 (UTC)
	(envelope-from utisoft@gmail.com)
Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com
	[209.85.210.182])
	by mx1.freebsd.org (Postfix) with ESMTP id A6E8B8FC08;
	Sun,  4 Sep 2011 20:44:37 +0000 (UTC)
Received: by iadx2 with SMTP id x2so7237551iad.13
	for <multiple recipients>; Sun, 04 Sep 2011 13:44:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:sender:in-reply-to:references:from:date
	:x-google-sender-auth:message-id:subject:to:content-type
	:content-transfer-encoding;
	bh=RaylRDzDe+44/qhXGjqG8dQPtTYf3FArZibADXiI66E=;
	b=PhnafUZ6PAXRnxbazZkr/nNiJb209zbWfdZZwPukq0YNjJxhemKdkbok+c1BmY0nxV
	yVAEqMWctAgETQG1uOX/u/Er1dgSAc/U25rzbw0wizv0IO0Gm4irSl8o/CsGotDaUlEk
	bayEMOU5k3i3XUa3+HEBxN/Gydsj1noDGujqc=
Received: by 10.231.66.85 with SMTP id m21mr6257187ibi.53.1315169077175; Sun,
	04 Sep 2011 13:44:37 -0700 (PDT)
MIME-Version: 1.0
Sender: utisoft@gmail.com
Received: by 10.231.61.148 with HTTP; Sun, 4 Sep 2011 13:44:07 -0700 (PDT)
In-Reply-To: <201109042015.p84KFqOR005039@repoman.freebsd.org>
References: <201109042015.p84KFqOR005039@repoman.freebsd.org>
From: Chris Rees <crees@freebsd.org>
Date: Sun, 4 Sep 2011 21:44:07 +0100
X-Google-Sender-Auth: appRkVdkSZ4UGA1BLLfj7KOS6uU
Message-ID: <CADLo83_poDk0J2Sfk3dE8WvU8e3J47fewVhTtzLp2DznqEYxeA@mail.gmail.com>
To: ports-committers@freebsd.org, cvs-ports@freebsd.org, cvs-all@freebsd.org, 
	secteam@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: 
Subject: Re: cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Sep 2011 20:44:38 -0000

On 4 September 2011 21:15, Chris Rees <crees@freebsd.org> wrote:
> crees =A0 =A0 =A0 2011-09-04 20:15:52 UTC
>
> =A0FreeBSD ports repository
>
> =A0Modified files:
> =A0 =A0security/vuxml =A0 =A0 =A0 vuln.xml
> =A0Log:
> =A0- Document cfs buffer overflow vulnerability.
> =A0- While here, unbreak packaudit -- it doesn't like newlines in the
> =A0 =A0middle of tags. =A0Perhaps a comment should say something?

Actually, that's a bad long-term solution. The real solution would be
to fix portaudit's XML parser.

secteam, would you like me to have a go at it, or shall I let you
investigate since you know the code?

Chris