Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Sep 2006 21:34:02 +0200
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Fred Cox <sailorfred@yahoo.com>
Cc:        freebsd-ports@freebsd.org, Kris Kennaway <kris@obsecurity.org>
Subject:   Re: www/dotproject out of date and vulnerable
Message-ID:  <20060919193401.GC1037@zaphod.nitro.dk>
In-Reply-To: <20060919192355.28159.qmail@web31804.mail.mud.yahoo.com>
References:  <20060919020738.GA16953@xor.obsecurity.org> <20060919192355.28159.qmail@web31804.mail.mud.yahoo.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--NzB8fVQJ5HfG6fxh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2006.09.19 12:23:55 -0700, Fred Cox wrote:

> Also, where do I go to get www/dotproject-2.0.2 marked
> as vulnerable in the portaudit database?

Your mail to secteam@ slipped through the cracks.  Sorry about that.

To mark something vulnerable in portaudit it needs to be added to the
VuXML document.  See
http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/security-=
notify.html
for information on doing this.  We (FreeBSD Security Team) try to
document as much as possible in VuXML, but unfortunately there are
currently simply too make new issues coming in for us to keep up in as
timely a fashion as we would like.

--=20
Simon L. Nielsen
FreeBSD Deputy Security Officer

--NzB8fVQJ5HfG6fxh
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFEEYpNE7ltJU9KiERAm07AKCjVwdaLwcGs1SXI3uqja2D3s+6MgCcDK4H
kkF6d5f735AfHYdgALWvCgQ=
=gYOR
-----END PGP SIGNATURE-----

--NzB8fVQJ5HfG6fxh--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060919193401.GC1037>