From owner-cvs-all@FreeBSD.ORG Fri Sep 21 13:14:31 2007 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A36A16A417; Fri, 21 Sep 2007 13:14:31 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 5187213C45D; Fri, 21 Sep 2007 13:14:31 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l8LDEVve018702; Fri, 21 Sep 2007 13:14:31 GMT (envelope-from remko@repoman.freebsd.org) Received: (from remko@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l8LDEU7J018701; Fri, 21 Sep 2007 13:14:30 GMT (envelope-from remko) Message-Id: <200709211314.l8LDEU7J018701@repoman.freebsd.org> From: Remko Lodder Date: Fri, 21 Sep 2007 13:14:30 +0000 (UTC) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Cc: Subject: cvs commit: ports/security/vuxml vuln.xml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Sep 2007 13:14:31 -0000 remko 2007-09-21 13:14:30 UTC FreeBSD ports repository (src,doc committer) Modified files: security/vuxml vuln.xml Log: Document mediawiki -- cross site scripting vulnerability, our port versions had not been updated yet, 1.8.x is not vulnerable by default unless you are using the $wgEnableAPI = true; statement, in that case please set it to $wgEnableAPI = false; (where possible ofcourse, else upgrade to 1.8.5). Revision Changes Path 1.1429 +37 -1 ports/security/vuxml/vuln.xml