Date: Thu, 23 Aug 2012 00:14:09 -0400 From: Eitan Adler <eadler@freebsd.org> To: Eygene Ryabinkin <rea@freebsd.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r302966 - head/security/vuxml Message-ID: <CAF6rxgmXTVehLxhiRQEKC6dKxzLKfw8fLw_bDTxmukYoNVRF=Q@mail.gmail.com> In-Reply-To: <201208222110.q7MLAAmE098220@svn.freebsd.org> References: <201208222110.q7MLAAmE098220@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22 August 2012 17:10, Eygene Ryabinkin <rea@freebsd.org> wrote: > Author: rea > Date: Wed Aug 22 21:10:10 2012 > New Revision: 302966 > URL: http://svn.freebsd.org/changeset/ports/302966 > > Log: > VuXML: document CVE-2012-3525 in jabberd 2.x > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Aug 22 20:40:40 2012 (r302965) > +++ head/security/vuxml/vuln.xml Wed Aug 22 21:10:10 2012 (r302966) > @@ -51,6 +51,39 @@ Note: Please add new entries to the beg > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; > + <vuln vid="4d1d2f6d-ec94-11e1-8bd8-0022156e8794"> > + <topic>jabberd -- domain spoofing in server dialback protocol</topic> > + <affects> > + <package> > + <name>jabberd</name> > + <range><lt>2.2.16_2</lt></range> > + </package> > + </affects> It seems like this vuln affects multiple ports: http://xmpp.org/resources/security-notices/server-dialback/ Do we want one vuxml for all of them or separate vuxmls? My preference is for one combined entry. -- Eitan Adler Source & Ports committer X11, Bugbusting teams
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgmXTVehLxhiRQEKC6dKxzLKfw8fLw_bDTxmukYoNVRF=Q>