From owner-freebsd-apache@FreeBSD.ORG  Fri Jan 23 10:41:43 2009
Return-Path: <owner-freebsd-apache@FreeBSD.ORG>
Delivered-To: apache@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9653D106566B;
	Fri, 23 Jan 2009 10:41:43 +0000 (UTC)
	(envelope-from sumikawa@freebsd.org)
Received: from pc1.alaxala.net (pc1.alaxala.net [IPv6:2001:200:165::1:1])
	by mx1.freebsd.org (Postfix) with ESMTP id 42D278FC08;
	Fri, 23 Jan 2009 10:41:43 +0000 (UTC)
	(envelope-from sumikawa@freebsd.org)
Received: from localhost (localhost [127.0.0.1])
	by pc1.alaxala.net (Postfix) with ESMTP id 41237B95E;
	Fri, 23 Jan 2009 19:41:43 +0900 (JST)
X-Virus-Scanned: amavisd-new at alaxala.net
Received: from pc1.alaxala.net ([127.0.0.1])
	by localhost (pc1.alaxala.net [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id mGGr0CrYyC1Q; Fri, 23 Jan 2009 19:41:42 +0900 (JST)
Received: from prince.don.to (unknown [IPv6:2001:200:165:2:223:6cff:fe80:e422])
	by pc1.alaxala.net (Postfix) with ESMTP id 910ACB875;
	Fri, 23 Jan 2009 19:41:42 +0900 (JST)
Date: Fri, 23 Jan 2009 19:41:39 +0900 (JST)
Message-Id: <20090123.194139.209849139.sumikawa@alaxala.net>
To: secteam@FreeBSD.org
From: Munechika SUMIKAWA / =?iso-2022-jp?B?GyRCM1FAbj0hNmEbKEI=?=
	<sumikawa@freebsd.org>
X-Mailer: Mew version 6.2.50 on Emacs 22.3 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: sumikawa@alaxala.net, apache@FreeBSD.org
Subject: update request for ports/security/vuxml/vuln.xml
X-BeenThere: freebsd-apache@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Support of apache-related ports  <freebsd-apache.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-apache>, 
	<mailto:freebsd-apache-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-apache>
List-Post: <mailto:freebsd-apache@freebsd.org>
List-Help: <mailto:freebsd-apache-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-apache>,
	<mailto:freebsd-apache-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jan 2009 10:41:44 -0000

The below two vulnerability info for ports/www/apache13+ipv6 was not
updated for a few years.
	http://www.freebsd.org/ports/portaudit/9fff8dc8-7aa7-11da-bf72-00123f589060.html
	http://www.freebsd.org/ports/portaudit/651996e0-fe07-11d9-8329-000e0c2e438a.html

The both must be fixed in apache13+ipv6-1.3.37
	http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/apache13+ipv6/Makefile.diff?r1=1.50;r2=1.51

please review the below patch and update ports/security/vuxml/vuln.xml.

Thanks,

-- Sumikawa@freebsd.org

Index: vuln.xml
===================================================================
RCS file: /home/pcvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.1829
diff -u -r1.1829 vuln.xml
--- vuln.xml	21 Jan 2009 19:44:14 -0000	1.1829
+++ vuln.xml	23 Jan 2009 10:35:55 -0000
@@ -22371,10 +22371,13 @@
       </package>
       <package>
 	<name>apache_fp</name>
-	<name>apache+ipv6</name>
 	<range><ge>0</ge></range>
       </package>
       <package>
+	<name>apache+ipv6</name>
+	<range><lt>1.3.37</lt></range>
+      </package>
+      <package>
 	<name>ru-apache</name>
 	<range><lt>1.3.34+30.22_1</lt></range>
       </package>
@@ -26306,10 +26309,13 @@
       </package>
       <package>
 	<name>apache_fp</name>
-	<name>apache+ipv6</name>
 	<range><gt>0</gt></range>
       </package>
       <package>
+	<name>apache+ipv6</name>
+	<range><lt>1.3.37</lt></range>
+      </package>
+      <package>
 	<name>ru-apache</name>
 	<range><lt>1.3.34+30.22</lt></range>
       </package>