Date: Thu, 28 May 2015 12:28:41 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Mark Felder <feld@FreeBSD.org>, Roger Marquis <marquis@roble.com> Cc: freebsd-ports@freebsd.org Subject: Re: New pkg audit / vuln.xml failures (php55, unzoo) Message-ID: <55675049.1030502@FreeBSD.org> In-Reply-To: <1432833397.3252848.280655409.2ADE5952@webmail.messagingengine.com> References: <alpine.BSF.2.11.1505171402430.52815@eboyr.pbz> <20150523153029.B7BD3280@hub.freebsd.org> <1432659389.3130746.278522905.6D1E6549@webmail.messagingengine.com> <20150527174037.EF719B11@hub.freebsd.org> <556746A4.4090208@FreeBSD.org> <1432833397.3252848.280655409.2ADE5952@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/28/2015 12:16 PM, Mark Felder wrote: >=20 >=20 > On Thu, May 28, 2015, at 11:47, Bryan Drewery wrote: >> >> I think the VUXML database needs to be simpler to contribute to. Only = a >> handful of committers feel comfortable touching the file. >=20 > We could use a very friendly user-facing form that they can fill out to= > create a valid vuxml entry. And then the entry could create a github > pull request. It would be very easy then to accept or reject the > request, and accepted requests could be auto-committed to the ports tre= e > or wherever it needs to go so pkgaudit can pull it. >=20 > This would be leaps and bounds better than what we have. It would > simplify the process and permit crowdsourcing CVE reporting.=20 >=20 > Everybody wins. >=20 swills@ wrote up something a few years ago for an html form. --=20 Regards, Bryan Drewery --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVZ1BJAAoJEDXXcbtuRpfPtqcH+wflYK5ig6kS/2TEdvLXo0nW NHZ/O/ftnF0MWlu97NmD/Tf+RFng4fZQJP56ZKnUn/CpxeMHLWDr85inbxDjRI6s Rvt3wQmfWGP4rTFF7e4FB69MOBhkDWcRXSaeB/edm8LxImKHull/7EKTi19UCaXT 0vMiCfZUv8FO3YlxD4xHbWGkrYsfMfjOiFx6iHmggEH0pbAPJROWFbTJGXfJG5W0 SU+exiW28rGKL7aoaM6Xkbllqv2AeYpSizzFNU2DjicMQ/tgsuhBvHLNuqceecEY QlLdp9LwNwqt9kBKbFZddjyfLkm8lUISvGMGK9NKnqpgsav1otMd3RFJdQFjYtI= =GA+F -----END PGP SIGNATURE----- --W5SMCe2pJ5fnFqQGE1UHaEOIpXOM88J7i--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55675049.1030502>