Date: Tue, 19 Sep 2006 21:34:02 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Fred Cox <sailorfred@yahoo.com> Cc: freebsd-ports@freebsd.org, Kris Kennaway <kris@obsecurity.org> Subject: Re: www/dotproject out of date and vulnerable Message-ID: <20060919193401.GC1037@zaphod.nitro.dk> In-Reply-To: <20060919192355.28159.qmail@web31804.mail.mud.yahoo.com> References: <20060919020738.GA16953@xor.obsecurity.org> <20060919192355.28159.qmail@web31804.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2006.09.19 12:23:55 -0700, Fred Cox wrote: > Also, where do I go to get www/dotproject-2.0.2 marked > as vulnerable in the portaudit database? Your mail to secteam@ slipped through the cracks. Sorry about that. To mark something vulnerable in portaudit it needs to be added to the VuXML document. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/security-= notify.html for information on doing this. We (FreeBSD Security Team) try to document as much as possible in VuXML, but unfortunately there are currently simply too make new issues coming in for us to keep up in as timely a fashion as we would like. --=20 Simon L. Nielsen FreeBSD Deputy Security Officer --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFEEYpNE7ltJU9KiERAm07AKCjVwdaLwcGs1SXI3uqja2D3s+6MgCcDK4H kkF6d5f735AfHYdgALWvCgQ= =gYOR -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060919193401.GC1037>