Date: Wed, 04 Jun 2014 15:19:42 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Cy Schubert <cy@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r356534 - head/security/vuxml Message-ID: <538F7F5E.1060701@FreeBSD.org> In-Reply-To: <201406041850.s54IoqbC053901@svn.freebsd.org> References: <201406041850.s54IoqbC053901@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/4/14, 1:50 PM, Cy Schubert wrote: > Author: cy > Date: Wed Jun 4 18:50:52 2014 > New Revision: 356534 > URL: http://svnweb.freebsd.org/changeset/ports/356534 > QAT: https://qat.redports.org/buildarchive/r356534/ > > Log: > Document gnutls CVE-2014-3466 to prevent memory corruption due to server > hello parsing. > > Security: CVE-2014-3466 > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Jun 4 18:03:35 2014 (r356533) > +++ head/security/vuxml/vuln.xml Wed Jun 4 18:50:52 2014 (r356534) > @@ -57,6 +57,35 @@ Notes: > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; > + <vuln vid="9733c480-ebff-11e3-970b-206a8a720317"> .. > +<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; > <vuln vid="027af74d-eb56-11e3-9032-000c2980a9f3"> > <topic>gnutls -- client-side memory corruption</topic> > <affects> > Thanks! Also please run 'make validate' before committing to this file. This change added an extra <vuxml> that broke the parsing. -- Regards, Bryan Drewery
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?538F7F5E.1060701>