From owner-svn-ports-all@FreeBSD.ORG Wed Nov 13 16:12:00 2013 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C5DCEBB4 for ; Wed, 13 Nov 2013 16:12:00 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 93F9E2C5A for ; Wed, 13 Nov 2013 16:12:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rADGC0fF014723 for ; Wed, 13 Nov 2013 16:12:00 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rADGC0FG014718 for svn-ports-all@freebsd.org; Wed, 13 Nov 2013 16:12:00 GMT (envelope-from bdrewery) Received: (qmail 82294 invoked from network); 13 Nov 2013 10:11:58 -0600 Received: from unknown (HELO roundcube.xk42.net) (10.10.5.5) by sweb.xzibition.com with SMTP; 13 Nov 2013 10:11:58 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 13 Nov 2013 10:11:58 -0600 From: Bryan Drewery To: Remko Lodder Subject: Re: svn commit: r333686 - head/security/vuxml Organization: FreeBSD In-Reply-To: <201311131407.rADE74ES052136@svn.freebsd.org> References: <201311131407.rADE74ES052136@svn.freebsd.org> Message-ID: <2b05965727bce01d9ae11bf0f254eac1@shatow.net> X-Sender: bdrewery@FreeBSD.org User-Agent: Roundcube Webmail/0.9.3 Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, owner-ports-committers@freebsd.org, ports-committers@freebsd.org X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Nov 2013 16:12:00 -0000 On 2013-11-13 08:07, Remko Lodder wrote: > Author: remko (src,doc committer) > Date: Wed Nov 13 14:07:04 2013 > New Revision: 333686 > URL: http://svnweb.freebsd.org/changeset/ports/333686 > > Log: > Fix the OpenSSH entry, a version entry should be marked > on a per rule basis, and not on it's own lines, because > that would bogusly match other versions then intended. Thanks! > > When in doubt, please let me review your changes!! I had no doubt! > hat: secteam > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Nov 13 13:50:11 2013 (r333685) > +++ head/security/vuxml/vuln.xml Wed Nov 13 14:07:04 2013 (r333686) > @@ -147,18 +147,16 @@ Note: Please add new entries to the beg > > > openssh-portable > - 6.4.p1,1 > - 6.2.p2,1 > + 6.2.p2,16.4.p1,1 > > > openssh-portable-base > - 6.4.p1,1 > - 6.2.p2,1 > + 6.2.p2,16.4.p1,1 > > > > > -

OpenSSH development team reports:

> +

The OpenSSH development team reports:

>
>

A memory corruption vulnerability exists in the post- > authentication sshd process when an AES-GCM cipher > @@ -184,7 +182,7 @@ Note: Please add new entries to the beg > > 2013-11-07 > 2013-11-08 > - 2013-11-11 > + 2013-11-13 > > -- Regards, Bryan Drewery