From owner-svn-ports-head@freebsd.org  Thu Dec 10 09:51:29 2020
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BABCE47B791;
 Thu, 10 Dec 2020 09:51:29 +0000 (UTC)
 (envelope-from philip@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Cs8M54wSKz3Qw4;
 Thu, 10 Dec 2020 09:51:29 +0000 (UTC)
 (envelope-from philip@freebsd.org)
Received: from weatherwax.trouble.is (weatherwax.trouble.is [46.235.227.50])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "weatherwax.trouble.is",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 (Authenticated sender: philip/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 892B04223;
 Thu, 10 Dec 2020 09:51:29 +0000 (UTC)
 (envelope-from philip@freebsd.org)
Received: from rincewind.trouble.is (rincewind.trouble.is
 [IPv6:2a01:4f9:2a:1715::1:1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "rincewind.trouble.is",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by weatherwax.trouble.is (Postfix) with ESMTPS id 4Cs8M44l0Qz16lP;
 Thu, 10 Dec 2020 09:51:28 +0000 (UTC)
Received: by rincewind.trouble.is (Postfix, authenticated sender philip)
 id 4Cs8M04Tlmz5tB3; Thu, 10 Dec 2020 09:51:24 +0000 (UTC)
From: "Philip Paeps" <philip@freebsd.org>
To: "Yasuhiro KIMURA" <yasu@utahime.org>
Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: Re: svn commit: r557415 - head/security/vuxml
Date: Thu, 10 Dec 2020 17:51:20 +0800
X-Clacks-Overhead: GNU Terry Pratchett
X-Mailer: MailMate (1.14r5748)
Message-ID: <21CAC509-31D2-4B9A-AFAB-93F9202598C3@freebsd.org>
In-Reply-To: <20201210.184124.1878529902245224941.yasu@utahime.org>
References: <202012100602.0BA62MXX057987@repo.freebsd.org>
 <20201210.184124.1878529902245224941.yasu@utahime.org>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
Content-Transfer-Encoding: quoted-printable
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Dec 2020 09:51:29 -0000

On 2020-12-10 17:41:24 (+0800), Yasuhiro KIMURA wrote:
> From: Philip Paeps <philip@FreeBSD.org>
> Subject: svn commit: r557415 - head/security/vuxml
> Date: Thu, 10 Dec 2020 06:02:22 +0000 (UTC)
>
>> Author: philip
>> Date: Thu Dec 10 06:02:22 2020
>> New Revision: 557415
>> URL: https://svnweb.freebsd.org/changeset/ports/557415
>>
>> Log:
>>   security/vuxml: add FreeBSD SA to OpenSSL entry
>>
>>   Reference FreeBSD-SA-20:33.openssl and note the fixed patch =

>> releases in
>>   the recent OpenSSL entry.
>>
>> Modified:
>>   head/security/vuxml/vuln.xml
>>
>> Modified: head/security/vuxml/vuln.xml
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>> --- head/security/vuxml/vuln.xml	Thu Dec 10 05:52:39 2020	(r557414)
>> +++ head/security/vuxml/vuln.xml	Thu Dec 10 06:02:22 2020	(r557415)
>> @@ -95,6 +95,11 @@ Notes:
>>  	<name>openssl</name>
>>  	<range><ge>1.0.2,1</ge><lt>1.1.1i,1</lt></range>
>>        </package>
>> +      <package>
>> +	<name>FreeBSD</name>
>> +	<range><ge>12.2</ge><lt>12.2_2</lt></range>
>> +	<range><ge>12.1</ge><lt>12.1_12</lt></range>
>> +      </package>
>>      </affects>
>
> Accoding to the security advisory of FreeBSD-SA-20:33.openssl, this
> vulnerability affects all supported FreeBSD versions. So should
> 11.4-RELEASE also be added to range?

Good point.  I can do that.

Thanks.

Philip

-- =

Philip Paeps
Senior Reality Engineer
Alternative Enterprises