From owner-freebsd-ports@FreeBSD.ORG  Tue Jul 15 19:45:42 2014
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8AEB720D;
 Tue, 15 Jul 2014 19:45:42 +0000 (UTC)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 213E92CCA;
 Tue, 15 Jul 2014 19:45:41 +0000 (UTC)
Received: from [192.168.0.100] ([87.139.233.65]) by mail.gmx.com (mrgmx102)
 with ESMTPSA (Nemesis) id 0Lkzph-1WWQbP099p-00ajvl; Tue, 15 Jul 2014 21:32:34
 +0200
Message-ID: <53C581D1.8020702@gmx.de>
Date: Tue, 15 Jul 2014 21:32:33 +0200
From: olli hauer <ohauer@gmx.de>
User-Agent: Mozilla/5.0 (Windows NT 5.1;
 rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: =?UTF-8?B?UmVuw6kgTGFkYW4=?= <rene@freebsd.org>
Subject: Re: marking vulnerable ports forbidden?
References: <CADL2u4gw7VSvuYwk_N26QnrOCyBd71=-R9U225372vYPEVz=Bw@mail.gmail.com>
In-Reply-To: <CADL2u4gw7VSvuYwk_N26QnrOCyBd71=-R9U225372vYPEVz=Bw@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:hZ8X+5MnzOE+qLEgqUDZCBbDCZWVfEuj8sevN6VVugFpPpm4N6y
 eEq8ZL+qTlob+bEvI5dFyC79IntpVjW2cidfh4e1uXgWQ8OQpJxKC7Pe7O8taEMjoAcI88a
 +PcVV1SlmUF68vT7FrRHiSfhciCUmaO9VfHIfErSUxuGhBwSEA4hrMNAz6W5+IymNQiLw8E
 QyD0LyQuFWOBAjxUDtZ8g==
Cc: "ports@freebsd.org Ports" <ports@freebsd.org>
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jul 2014 19:45:42 -0000

On 2014-07-15 14:45, René Ladan wrote:
> Hi,
> 
> according to Freshports [1] there are currently 24 vulnerable ports not
> marked as forbidden.
> How about checking this list on a regular basis and marking such ports and
> forbidden and optionally as deprecated? This would inform users not using
> vuxml earlier about vulnerabilities.
> 
> [1] http://www.freshports.org/ports-vulnerable.php
> 

Hm, in case of mod/php5-5.4.30 I cannot find a vuxml entry or a hint about current issues in www/php5 or lang/php5.
Please double check against vuxml and the MASTERPORT before marking the ports FORBIDDEN.