Date: Tue, 15 Jul 2014 16:48:53 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: =?UTF-8?B?UmVuw6kgTGFkYW4=?= <rene@freebsd.org>, "ports@freebsd.org Ports" <ports@freebsd.org> Subject: Re: marking vulnerable ports forbidden? Message-ID: <53C5A1C5.90707@FreeBSD.org> In-Reply-To: <CADL2u4gw7VSvuYwk_N26QnrOCyBd71=-R9U225372vYPEVz=Bw@mail.gmail.com> References: <CADL2u4gw7VSvuYwk_N26QnrOCyBd71=-R9U225372vYPEVz=Bw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --sp7pKtwMkIoOrdQbGAIx4BI2eBPVTj5WS Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 7/15/2014 7:45 AM, Ren=C3=A9 Ladan wrote: > Hi, >=20 > according to Freshports [1] there are currently 24 vulnerable ports not= > marked as forbidden. > How about checking this list on a regular basis and marking such ports = and > forbidden and optionally as deprecated? This would inform users not usi= ng > vuxml earlier about vulnerabilities. >=20 > [1] http://www.freshports.org/ports-vulnerable.php >=20 > Regards, > Ren=C3=A9 > _______________________________________________ Do take it case-by-case though. Doing this wipes out most Linux ports IIRC. Some of the vulns documented are not worthy of a FORBIDDEN. --=20 Regards, Bryan Drewery --sp7pKtwMkIoOrdQbGAIx4BI2eBPVTj5WS Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTxaHGAAoJEDXXcbtuRpfPbUQH/1kGGbkpMRWgmlfYLQjBJaUF aSZNOBdBpKF6xrvAq/kFHevh/gccNF7i7Too0FS1dot5+h0i77UsVzxTtzR/lCkD 1PpCcerbFV0wYi9fJQFITbT5VI8K0W+ZXA5enLzOX0hSLgKUVmsq6wctwQ1J0Vc2 E4POAdnAbQpDdtUm+CHbO6AZi40k5F6WUZPJhQnSUksHTQr6OqFMgOJ9X/4LsKB0 szYap6Qi5W/O+e31oPBPOluRpHG4bZ6kzx6VlJv1GmJyGIRu7LWZqjU+/70s2x5E 1PcCMtgcOQz3t9On6kaZpArA+9HbsN30BE9JDoDdK/dRn46CQfw9o5fgcsGv0Jo= =5Hny -----END PGP SIGNATURE----- --sp7pKtwMkIoOrdQbGAIx4BI2eBPVTj5WS--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53C5A1C5.90707>