From owner-cvs-ports@FreeBSD.ORG Mon Sep 5 07:46:57 2011 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7C0CC106566C; Mon, 5 Sep 2011 07:46:57 +0000 (UTC) (envelope-from remko@elvandar.org) Received: from mailgate.jr-hosting.nl (mail.jr-hosting.nl [IPv6:2a01:4f8:141:5061::25]) by mx1.freebsd.org (Postfix) with ESMTP id 3D9238FC08; Mon, 5 Sep 2011 07:46:57 +0000 (UTC) Received: from [IPv6:2001:470:d701::8d7a:5225:37fa:333] (unknown [IPv6:2001:470:d701:0:8d7a:5225:37fa:333]) by mailgate.jr-hosting.nl (Postfix) with ESMTPSA id ECB843F460; Mon, 5 Sep 2011 09:46:55 +0200 (CEST) Mime-Version: 1.0 (Apple Message framework v1244.3) Content-Type: text/plain; charset=iso-8859-1 From: Remko Lodder In-Reply-To: <4E641162.2000602@FreeBSD.org> Date: Mon, 5 Sep 2011 09:46:56 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <0EC93B27-7C7F-4D0A-ADD6-ED22085FF1A6@elvandar.org> References: <201109042015.p84KFqOR005039@repoman.freebsd.org> <4E641162.2000602@FreeBSD.org> To: Doug Barton X-Mailer: Apple Mail (2.1244.3) Cc: Chris Rees , cvs-ports@freebsd.org, cvs-all@freebsd.org, secteam@freebsd.org, ports-committers@freebsd.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Sep 2011 07:46:57 -0000 Dear Doug, While having a look is not a problem, it is bad advice that someone goes = for it because I am not responsive enough. I advised Chris to have a look at possible = solutions but consult us before commits are being made. Thanks Remko On Sep 5, 2011, at 2:01 AM, Doug Barton wrote: > On 09/04/2011 13:44, Chris Rees wrote: >> On 4 September 2011 21:15, Chris Rees wrote: >>> crees 2011-09-04 20:15:52 UTC >>>=20 >>> FreeBSD ports repository >>>=20 >>> Modified files: >>> security/vuxml vuln.xml >>> Log: >>> - Document cfs buffer overflow vulnerability. >>> - While here, unbreak packaudit -- it doesn't like newlines in the >>> middle of tags. Perhaps a comment should say something? >>=20 >> Actually, that's a bad long-term solution. The real solution would be >> to fix portaudit's XML parser. >>=20 >> secteam, would you like me to have a go at it, or shall I let you >> investigate since you know the code? >=20 > Please just go for it. secteam@ hasn't been very responsive of late. >=20 > Will this fix the problem of new auditfile generation? The current one > is from the 1st and there have been several changes since then. >=20 > While you're at it, a feature request (although this is probably in a > different part of the code). It would be nice if the individual HTML > pages, such as > http://portaudit.freebsd.org/b7b03bab-c296-11d8-bfb2-000bdb1444a4.html > had a link back to the main page, http://portaudit.freebsd.org/. >=20 >=20 > Doug >=20 > --=20 >=20 > Nothin' ever doesn't change, but nothin' changes much. > -- OK Go >=20 > Breadth of IT experience, and depth of knowledge in the DNS. > Yours for the right price. :) http://SupersetSolutions.com/ >=20 > _______________________________________________________ > Please think twice when forwarding, cc:ing, or bcc:ing > security-team messages. Ask if you are unsure. >=20