From owner-cvs-ports@FreeBSD.ORG  Mon Sep  5 07:45:58 2011
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F3F22106566C;
	Mon,  5 Sep 2011 07:45:57 +0000 (UTC)
	(envelope-from remko@elvandar.org)
Received: from mailgate.jr-hosting.nl (mail.jr-hosting.nl
	[IPv6:2a01:4f8:141:5061::25])
	by mx1.freebsd.org (Postfix) with ESMTP id 8F5E08FC0C;
	Mon,  5 Sep 2011 07:45:57 +0000 (UTC)
Received: from [IPv6:2001:470:d701::8d7a:5225:37fa:333] (unknown
	[IPv6:2001:470:d701:0:8d7a:5225:37fa:333])
	by mailgate.jr-hosting.nl (Postfix) with ESMTPSA id D52F23F460;
	Mon,  5 Sep 2011 09:45:55 +0200 (CEST)
Mime-Version: 1.0 (Apple Message framework v1244.3)
Content-Type: text/plain; charset=iso-8859-1
From: Remko Lodder <remko@elvandar.org>
In-Reply-To: <CADLo83_poDk0J2Sfk3dE8WvU8e3J47fewVhTtzLp2DznqEYxeA@mail.gmail.com>
Date: Mon, 5 Sep 2011 09:45:55 +0200
Content-Transfer-Encoding: 7bit
Message-Id: <227CDF2C-301B-4443-9DBB-928866528F78@elvandar.org>
References: <201109042015.p84KFqOR005039@repoman.freebsd.org>
	<CADLo83_poDk0J2Sfk3dE8WvU8e3J47fewVhTtzLp2DznqEYxeA@mail.gmail.com>
To: Chris Rees <crees@freebsd.org>
X-Mailer: Apple Mail (2.1244.3)
Cc: cvs-ports@freebsd.org, secteam@freebsd.org, cvs-all@freebsd.org,
	ports-committers@freebsd.org
Subject: Re: cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Sep 2011 07:45:58 -0000


Dear Chris,

Please have a look, but consult us before you actually commit the changes..

Thanks
Remko

On Sep 4, 2011, at 10:44 PM, Chris Rees wrote:

> On 4 September 2011 21:15, Chris Rees <crees@freebsd.org> wrote:
>> crees       2011-09-04 20:15:52 UTC
>> 
>>  FreeBSD ports repository
>> 
>>  Modified files:
>>    security/vuxml       vuln.xml
>>  Log:
>>  - Document cfs buffer overflow vulnerability.
>>  - While here, unbreak packaudit -- it doesn't like newlines in the
>>    middle of tags.  Perhaps a comment should say something?
> 
> Actually, that's a bad long-term solution. The real solution would be
> to fix portaudit's XML parser.
> 
> secteam, would you like me to have a go at it, or shall I let you
> investigate since you know the code?
> 
> Chris
> _______________________________________________________
> Please think twice when forwarding, cc:ing, or bcc:ing
> security-team messages.  Ask if you are unsure.
>