Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 9 Aug 2003 11:05:42 +0930
From:      Greg 'groggy' Lehey <grog@FreeBSD.org>
To:        Alexander Leidinger <Alexander@Leidinger.net>
Cc:        Kris Kennaway <kris@obsecurity.org>
Subject:   Re: Ports scheduled for removal on Nov 7
Message-ID:  <20030809013542.GZ1741@wantadilla.lemis.com>
In-Reply-To: <20030808124244.48aca148.Alexander@Leidinger.net>
References:  <20030808045334.GA97079@rot13.obsecurity.org> <20030808124244.48aca148.Alexander@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

--enQ4buem96rqs4uP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Friday,  8 August 2003 at 12:42:44 +0200, Alexander Leidinger wrote:
> On Thu, 7 Aug 2003 21:53:34 -0700
> Kris Kennaway <kris@obsecurity.org> wrote:
>
>> The following ports are scheduled for removal on November 7 if they
>> are still broken at that time and no PRs have been submitted to fix
>
>> databases/firebird	firebird-1.0.2	chris@aims.com.au
>> databases/firebird-devel	firebird-1.0.r2	chris@aims.com.au
>
> I've marked them FORBIDDEN because of an posting on bugtraq. I've talked
> with the maintainer and he explained, that the developers focus on the
> development of the next version and don't seem to be interested in
> fixing this vulnerability.

Are you sure that this vulnerability exists?  bugtraq seems to be
rather indiscriminate in its claims ("found in this version, all these
others must have it too").  I've seen at least one case where we were
about to throw out something (ghostview, I think) because of a library
vulnerability on a different platform.

Greg
--
See complete headers for address and phone numbers

--enQ4buem96rqs4uP
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (FreeBSD)

iD8DBQE/NE/uIubykFB6QiMRArjUAKCFmi1qcakH+Er+7GJeQXsZWWKomgCgg9Z5
asMoCht0AsOEhM/LgY2s6U0=
=M7SK
-----END PGP SIGNATURE-----

--enQ4buem96rqs4uP--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030809013542.GZ1741>