From owner-svn-ports-all@FreeBSD.ORG Thu Aug 23 04:14:44 2012 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45A12106566C for ; Thu, 23 Aug 2012 04:14:44 +0000 (UTC) (envelope-from lists@eitanadler.com) Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id 14A628FC12 for ; Thu, 23 Aug 2012 04:14:42 +0000 (UTC) Received: by pbbrp2 with SMTP id rp2so577711pbb.13 for ; Wed, 22 Aug 2012 21:14:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eitanadler.com; s=0xdeadbeef; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=12tbWORJg7znWyVSVS8b5lz8dOSF/JdY5I+25sM1Bis=; b=OmgZ7BEZMcftDzwt7PhZAgSDTXHF90bECV3ObE79IQf8LwEc0lQrpKaYUs5lHrGzM3 VpgxXN7KiaEWQHALBYMV03v0JlAjv5wvpfAehL/xxyu7KYGnEc3g0pM+C7Ei2YnTLNxk aPB6oHzXq3tJv3u2nmHzmyaNIdeRGxKkvTJC0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :x-gm-message-state; bh=12tbWORJg7znWyVSVS8b5lz8dOSF/JdY5I+25sM1Bis=; b=HcHf2NNZ+JaTp+PDgFnQkYvQiAmfezmoeFe91nMHB43MI4DI7wFOB6R4ZOD+MlW6A5 W/2K0Kps86U2Rp2FjhSdBgKloDAJFS4uKiItZ4R2kYYy4EeuljXzozYPZ6wxpdMBxM7D EkUtICYZex4FfCjEmtWCgsEj1Y6jBbsqvL1ujqszzekdk0H4gOzlOGsKx6YHOilV2uzR JmSoHFxF7z0tdaY9XqBqrbIubAc9rlxp2asiwVmycWaDFOkl6p5LARa3ZxFCNRCxJqmO stNAbjjsOQ6i4KPmRwKkxbrBpgBWKe7G/WZXqnqVr94vcCJIM9OY5R2BAVgeFLDQlenZ 2LBA== Received: by 10.66.83.129 with SMTP id q1mr451945pay.4.1345695282164; Wed, 22 Aug 2012 21:14:42 -0700 (PDT) MIME-Version: 1.0 Sender: lists@eitanadler.com Received: by 10.67.4.227 with HTTP; Wed, 22 Aug 2012 21:14:09 -0700 (PDT) In-Reply-To: <201208222110.q7MLAAmE098220@svn.freebsd.org> References: <201208222110.q7MLAAmE098220@svn.freebsd.org> From: Eitan Adler Date: Thu, 23 Aug 2012 00:14:09 -0400 X-Google-Sender-Auth: djvz4r9tcnWcqXkmgPWYEIqClnQ Message-ID: To: Eygene Ryabinkin Content-Type: text/plain; charset=UTF-8 X-Gm-Message-State: ALoCoQmi8VvBEXTdpTPbv0mVEMmm5CsqvjU54sAc9EpUW3vTmSmgIx8zcIpBHuq/1L1ao3J3juB0 Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r302966 - head/security/vuxml X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Aug 2012 04:14:44 -0000 On 22 August 2012 17:10, Eygene Ryabinkin wrote: > Author: rea > Date: Wed Aug 22 21:10:10 2012 > New Revision: 302966 > URL: http://svn.freebsd.org/changeset/ports/302966 > > Log: > VuXML: document CVE-2012-3525 in jabberd 2.x > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Aug 22 20:40:40 2012 (r302965) > +++ head/security/vuxml/vuln.xml Wed Aug 22 21:10:10 2012 (r302966) > @@ -51,6 +51,39 @@ Note: Please add new entries to the beg > > --> > > + > + jabberd -- domain spoofing in server dialback protocol > + > + > + jabberd > + 2.2.16_2 > + > + It seems like this vuln affects multiple ports: http://xmpp.org/resources/security-notices/server-dialback/ Do we want one vuxml for all of them or separate vuxmls? My preference is for one combined entry. -- Eitan Adler Source & Ports committer X11, Bugbusting teams