From owner-cvs-all@FreeBSD.ORG Thu Apr 19 08:07:13 2012 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: by hub.freebsd.org (Postfix, from userid 975) id 3038B1065673; Thu, 19 Apr 2012 08:07:13 +0000 (UTC) Date: Thu, 19 Apr 2012 08:07:13 +0000 From: "Sergey A. Osokin" To: Eitan Adler Message-ID: <20120419080713.GB16794@FreeBSD.org> References: <201204161534.q3GFYv4M052980@repoman.freebsd.org> <20120416153515.CBDBD1065784@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20120416153515.CBDBD1065784@hub.freebsd.org> User-Agent: Mutt/1.4.2.1i Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: [ports] cvs commit: ports/security/vuxml vuln.xml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: **OBSOLETE** CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Apr 2012 08:07:13 -0000 Thanks a lot! -- Sergey A. Osokin osa@FreeBSD.org On Mon, Apr 16, 2012 at 03:35:15PM +0000, Eitan Adler wrote: > eadler 2012-04-16 15:34:57 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > Add information about the recent nginx security vulnerability > > PR: ports/166990 > Submitted by: rodrigo osorio > > Revision Changes Path > 1.2664 +31 -1 ports/security/vuxml/vuln.xml > _______________________________________________ > cvs-all@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/cvs-all > To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" > > > Index: ports/security/vuxml/vuln.xml > diff -u ports/security/vuxml/vuln.xml:1.2663 ports/security/vuxml/vuln.xml:1.2664 > --- ports/security/vuxml/vuln.xml:1.2663 Sat Apr 14 16:45:06 2012 > +++ ports/security/vuxml/vuln.xml Mon Apr 16 15:34:57 2012 > @@ -52,6 +52,36 @@ > > --> > > + > + nginx -- Buffer overflow in the ngx_http_mp4_module > + > + > + nginx > + 1.0.15 > + > + > + nginx-devel > + 1.1.19 > + > + > + > + > +

The nginx project reports:

> +

> +
Buffer overflow in the ngx_http_mp4_module
> +

> + > + > + > + CVE-2012-2089 > + http://nginx.org/en/security_advisories.html > + > + > + 2012-04-12 > + 2012-04-16 > + > + > + > > phpmyfaq -- Remote PHP Code Execution Vulnerability >