Date: Sun, 10 Aug 2014 02:14:31 +0200 From: =?UTF-8?B?UmVuw6kgTGFkYW4=?= <rene@freebsd.org> To: "Sergey A. Osokin" <osa@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r364460 - head/www/nginx Message-ID: <53E6B967.1030608@freebsd.org> In-Reply-To: <53e66a49.2ebf.35c2c6fd@svn.freebsd.org> References: <53e66a49.2ebf.35c2c6fd@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 09-08-2014 20:36, Sergey A. Osokin wrote: > Author: osa > Date: Sat Aug 9 18:36:56 2014 > New Revision: 364460 > URL: http://svnweb.freebsd.org/changeset/ports/364460 > QAT: https://qat.redports.org/buildarchive/r364460/ > > Log: > Update from 1.6.0 to 1.6.1. > > <ChangeLog> > > *) Security: pipelined commands were not discarded after STARTTLS > command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. > Thanks to Chris Boulton. The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo? Also, can you add CPE information to the Makefile (see https://wiki.freebsd.org/Ports/CPE ) ? Rene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53E6B967.1030608>