Date: Sun, 10 Aug 2014 03:28:30 +0000 From: "Sergey A. Osokin" <osa@FreeBSD.org> To: =?koi8-r?B?UmVuw6k=?= Ladan <rene@freebsd.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r364460 - head/www/nginx Message-ID: <20140810032830.GB69380@FreeBSD.org> In-Reply-To: <20140810030851.GA69380@FreeBSD.org> References: <53e66a49.2ebf.35c2c6fd@svn.freebsd.org> <53E6B967.1030608@freebsd.org> <20140810030851.GA69380@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 10, 2014 at 03:08:51AM +0000, Sergey A. Osokin wrote: > Hi Rene, > > On Sun, Aug 10, 2014 at 02:14:31AM +0200, René Ladan wrote: > > On 09-08-2014 20:36, Sergey A. Osokin wrote: > > > Author: osa > > > Date: Sat Aug 9 18:36:56 2014 > > > New Revision: 364460 > > > URL: http://svnweb.freebsd.org/changeset/ports/364460 > > > QAT: https://qat.redports.org/buildarchive/r364460/ > > > > > > Log: > > > Update from 1.6.0 to 1.6.1. > > > > > > <ChangeLog> > > > > > > *) Security: pipelined commands were not discarded after STARTTLS > > > command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. > > > Thanks to Chris Boulton. > > The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo? > > Yes, the issue has been fixed. > > > Also, can you add CPE information to the Makefile (see > > https://wiki.freebsd.org/Ports/CPE ) ? > > Will do. Done. -- Sergey A. Osokin osa@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140810032830.GB69380>