Date: Sun, 16 Jun 2013 17:29:59 +0200 From: Eitan Adler <eadler@freebsd.org> To: bf1783@gmail.com Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r321045 - head/security/tor-devel Message-ID: <CAF6rxgnC8hDDwTW9NxqCDs8YEYyFRLzzDm=g=94A5Fn6GdXveA@mail.gmail.com> In-Reply-To: <CAGFTUwPZM4u6LYvx_rsF4My7tHPZKS3V_N2YO7ur29HQyesOsQ@mail.gmail.com> References: <201306161247.r5GCloLW020616@svn.freebsd.org> <CAF6rxgm3x4VgGCnWBJC5SanViZuj1ZNQ-qfsZFgwiSmpBkvXuQ@mail.gmail.com> <CAGFTUwPZM4u6LYvx_rsF4My7tHPZKS3V_N2YO7ur29HQyesOsQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 16, 2013 at 4:06 PM, b.f. <bf1783@googlemail.com> wrote: > In this case no CVEs were issued This is odd. > and I rarely bother with VuXML > entries for the -devel port, because users have come to expect > frequent updates and bug disclosures, and a full list of the secure > versions would be complicated and subject to frequent changes. > However, I can add an entry marking all prior versions as vulnerable > in this case if users think that it would be helpful. I am fine with an entry that marks all previous entries as insecure - the minimum affected version is not important here. -- Eitan Adler Source, Ports, Doc committer Bugmeister, Ports Security teams
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgnC8hDDwTW9NxqCDs8YEYyFRLzzDm=g=94A5Fn6GdXveA>