From owner-freebsd-ports@FreeBSD.ORG Thu Jun 11 14:09:53 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60DC09B3 for ; Thu, 11 Jun 2015 14:09:53 +0000 (UTC) (envelope-from lists@eitanadler.com) Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com [IPv6:2a00:1450:400c:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E4517177A for ; Thu, 11 Jun 2015 14:09:52 +0000 (UTC) (envelope-from lists@eitanadler.com) Received: by wigg3 with SMTP id g3so76426889wig.1 for ; Thu, 11 Jun 2015 07:09:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eitanadler.com; s=0xdeadbeef; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=03geTjzDfSE5KpVadMuNWb+J1iwNTFlAptA23BY6iyU=; b=pXY2n0yvPHR6gNrxcSpt+8am+U6X6Mgn/cmwdC1OhgBP9XNVcvepzmfQKykgDm8ghF +mAIJupz2RmvC0RFpO1lJtPR3waeikKuEJjAr1vRGESkr40CpbaXYurFhHFkfy1u6qLc jp8vjbVlFouaj/8iIPuQ+Fx0JGPTmwUY47mjI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=03geTjzDfSE5KpVadMuNWb+J1iwNTFlAptA23BY6iyU=; b=jlOdE+PQrJ10PtQ2f0n09TqUyHoFDyEGBL7tEmxXfKenOr3nZmze2HOh/O0voIoOgU Ui7jk3lLkj3eEuUCQYxwnpiPTqypaHLZs/2GN7dEfNQdjcnF+IJstfLYsHI6JbPR2qLU /JTyh37qjpqmwXjke9Bxx8nHsgaHRetNkpQ5ijcocBc+l7WrqLj+MwZZQAtFfY/s1jlS yVKCmIoym0VySgnGTad3rCHZVTBjs/3mDOIbwNs4tKH4omBgeu9xG1lrfRFI3F21vhpo vXEh3O1vywiOyeAVbqOl+ON86eFyPINVnh1BSjWA3HoqS5iQrq0sOHeQlMjSFDATooAK AzaA== X-Gm-Message-State: ALoCoQmK0QH3U5mIRi5cfOBmkdoY0CsaREk8mGY3vtlVuki44FKo1Twk87ISz4aOppEXODLqKNkL X-Received: by 10.180.108.142 with SMTP id hk14mr19544170wib.5.1434031791158; Thu, 11 Jun 2015 07:09:51 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.65.85 with HTTP; Thu, 11 Jun 2015 07:09:20 -0700 (PDT) In-Reply-To: <55799164.3040404@FreeBSD.org> References: <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> <20150608210004.9F46A7B7@hub.freebsd.org> <1433820881.2461667.290406793.0AB7ECBD@webmail.messagingengine.com> <55792079.5040506@unfs.us> <20150611131544.GB10584@lonesome.com> <55799164.3040404@FreeBSD.org> From: Eitan Adler Date: Thu, 11 Jun 2015 07:09:20 -0700 Message-ID: Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) To: Matthew Seaman Cc: freebsd ports Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Jun 2015 14:09:53 -0000 On 11 June 2015 at 06:47, Matthew Seaman wrote: > On 11/06/2015 09:15, Mark Linimon wrote: >> On Wed, Jun 10, 2015 at 11:45:29PM -0600, Janky Jay, III wrote: >>> Hrm... Numerous inquiries regarding this and no response is somewhat >>> disappointing. >> >> This is not an excuse, but a number of us are at BSDCan and distracted. >> >> There have been discussions about how to solve the larger "ports security" >> problem but no conclusive decision yet. It is, however, a hot topic. > > I'd like to add that the situation with ports-secteam -- not having a > published list of members and so forth -- has come to the attention of > the Core team and things are in motion to improve the situation. In the > mean time, Xin Li has posted some useful information to freebsd-security@ -- There is also https://reviews.freebsd.org/D2761 for adding the list of team members to the https://www.freebsd.org/administration.html page -- Eitan Adler