Date: Mon, 18 May 2015 09:41:15 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Roger Marquis <marquis@roble.com>, freebsd-security@freebsd.org, freebsd-pkg@freebsd.org, freebsd-ports@freebsd.org Subject: Re: pkg audit / vuln.xml failures Message-ID: <5559FA0B.8080005@FreeBSD.org> In-Reply-To: <20150517210259.C25DF76F@hub.freebsd.org> References: <20150517210259.C25DF76F@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --rB4sRDOgLiJcN0HGIXPAnXoh3l6s8Wa3V Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/17/2015 4:02 PM, Roger Marquis wrote: > Does anyone know what's going on with vuln.xml updates? Over the last > few weeks and months CVEs and application mailing lists have announced > vulnerabilities for several ports that in some cases only showed up in > vuln.xml after several days and in other cases are still not listed > (despite email to the security team). >=20 > Is there a URL outlining the policies and procedures of vuln.xml > maintenance? >=20 ports-secteam@ owns this file, not secteam@. The team needs more help. Would you like to volunteer to submit vuxml updates? Many contributors, and committers, feel the file is not easy to contribute to. Regards, Bryan Drewery --rB4sRDOgLiJcN0HGIXPAnXoh3l6s8Wa3V Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVWfoSAAoJEDXXcbtuRpfPA0EIAM6fvSkm3GsxafSbgwpSvVnZ S3wC+MlSwMS+UW0jYG9/y2Qpz3P3gZEHOSxcxI9lF/jvAtA46Za8pAxJRChN2TQZ ToOhfpZkH6EVgyg/8mw9kcRx1DAwSk4N7UsE9gBY8ubJDeIF/gvqlbOkbTN6xxRb tIbF8OXfzJnqKVIaNBfsoDfmNBOaUzEBzWoIEjXXuSTMD/QrlSZyiTJNIHj+s6W4 sJpGATzpRVmyadqcMwc8D4z2sONbf3f9jklLqeO4h7IItIO8Csa/UpYMWLW3IbYB aeRdIx8kBl0WbugV1cwnZu2Lq0QrGarwEsjyY2F6XYD7BDenVJejQ0GtlOIHuEw= =GJke -----END PGP SIGNATURE----- --rB4sRDOgLiJcN0HGIXPAnXoh3l6s8Wa3V--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5559FA0B.8080005>