Date: Mon, 16 Apr 2012 10:12:51 GMT From: rodrigo osorio <rodrigo@bebik.net> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/166990: security/vuxml update to report www/[nginx|nginx-devel] security issue Message-ID: <201204161012.q3GACpQR079614@red.freebsd.org> Resent-Message-ID: <201204161020.q3GAKAAS074037@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 166990 >Category: ports >Synopsis: security/vuxml update to report www/[nginx|nginx-devel] security issue >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Apr 16 10:20:09 UTC 2012 >Closed-Date: >Last-Modified: >Originator: rodrigo osorio >Release: >Organization: >Environment: >Description: The www/[nginx|nginx-devel] ports was updated last friday to fix a buffer overflow issue, but the vuxml database doesn't reflect the change. See below, the patch to update the vuln.xml file generate using the Makefile commands. Only the first part of the validation was done, the script fails unexpectedly. http://files.bebik.net/patches/vuln.patch >How-To-Repeat: >Fix: Apply the patch below : http://files.bebik.net/patches/vuln.patch >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201204161012.q3GACpQR079614>