From owner-svn-ports-head@freebsd.org Thu Oct 1 03:14:15 2015 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C585A0D9D9; Thu, 1 Oct 2015 03:14:15 +0000 (UTC) (envelope-from junovitch@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EEF91C6A; Thu, 1 Oct 2015 03:14:15 +0000 (UTC) (envelope-from junovitch@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id t913EFKX046734; Thu, 1 Oct 2015 03:14:15 GMT (envelope-from junovitch@FreeBSD.org) Received: (from junovitch@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id t913EEPf046733; Thu, 1 Oct 2015 03:14:14 GMT (envelope-from junovitch@FreeBSD.org) Message-Id: <201510010314.t913EEPf046733@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: junovitch set sender to junovitch@FreeBSD.org using -f From: Jason Unovitch Date: Thu, 1 Oct 2015 03:14:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r398246 - head/security/vuxml X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2015 03:14:15 -0000 Author: junovitch Date: Thu Oct 1 03:14:14 2015 New Revision: 398246 URL: https://svnweb.freebsd.org/changeset/ports/398246 Log: Document security advisory for the Apache James server PR: 203461 Security: be3069c9-67e7-11e5-9909-002590263bf5 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Oct 1 02:52:46 2015 (r398245) +++ head/security/vuxml/vuln.xml Thu Oct 1 03:14:14 2015 (r398246) @@ -58,6 +58,39 @@ Notes: --> + + james -- multiple vulnerabilities + + + james + 2.3.2.1 + + + + +

The Apache James Project reports:

+
This release has many enhancements and bug fixes over the previous + release. See the Release Notes for a detailed list of changes. Some + of the earlier defects could turn a James mail server into an Open + Relay and allow files to be written on disk. All users of James + Server are urged to upgrade to version v2.3.2.1 as soon as + possible.
+

+ + + + ports/203461 + 988628 + http://james.apache.org/download.cgi#Apache_James_Server + https://blogs.apache.org/james/entry/apache_james_server_2_3 + + + 2015-09-30 + 2015-10-01 + + + otrs -- Scheduler Process ID File Access