From owner-svn-ports-all@FreeBSD.ORG  Fri Aug 16 15:46:24 2013
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 9AA36F82;
 Fri, 16 Aug 2013 15:46:24 +0000 (UTC)
 (envelope-from mcdouga9@egr.msu.edu)
Received: from mail.egr.msu.edu (dauterive.egr.msu.edu [35.9.37.168])
 by mx1.freebsd.org (Postfix) with ESMTP id E3E512F7D;
 Fri, 16 Aug 2013 15:46:23 +0000 (UTC)
Received: from dauterive (localhost [127.0.0.1])
 by mail.egr.msu.edu (Postfix) with ESMTP id 76C9321F01;
 Fri, 16 Aug 2013 11:40:09 -0400 (EDT)
X-Virus-Scanned: amavisd-new at egr.msu.edu
Received: from mail.egr.msu.edu ([127.0.0.1])
 by dauterive (dauterive.egr.msu.edu [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id xnP-B18Xhsj2; Fri, 16 Aug 2013 11:40:09 -0400 (EDT)
Received: from EGR authenticated sender
Message-ID: <520E47D9.1010308@egr.msu.edu>
Date: Fri, 16 Aug 2013 11:40:09 -0400
From: Adam McDougall <mcdouga9@egr.msu.edu>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130808 Thunderbird/17.0.8
MIME-Version: 1.0
To: svn-ports-all@freebsd.org, stas@freebsd.org
Subject: Re: svn commit: r324781 - head/security/vuxml
References: <201308151902.r7FJ2Ydj066062@svn.freebsd.org>
In-Reply-To: <201308151902.r7FJ2Ydj066062@svn.freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Aug 2013 15:46:24 -0000

On 08/15/13 15:02, Stanislav Sedov wrote:
> Author: stas (src committer)
> Date: Thu Aug 15 19:02:34 2013
> New Revision: 324781
> URL: http://svnweb.freebsd.org/changeset/ports/324781
> 
> Log:
>   - Add lcms2 DoS vulnerability entry.
>   
>   Hat: secteam
> 
> Modified:
>   head/security/vuxml/vuln.xml
> 
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml	Thu Aug 15 18:56:01 2013	(r324780)
> +++ head/security/vuxml/vuln.xml	Thu Aug 15 19:02:34 2013	(r324781)
> @@ -51,6 +51,37 @@ Note:  Please add new entries to the beg
>  
>  -->
>  <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> +  <vuln vid="9a0a892e-05d8-11e3-ba09-000c29784fd1">
> +    <topic>lcms2 -- Null Pointer Dereference Denial of Service Vulnerability</topic>
> +    <affects>
> +      <package>
> +	<name>lcms2</name>
> +	<range><gt>0</gt></range>

I can't tell that this affects 2.5 which is in ports.  Does it?  Thanks.