From owner-svn-ports-head@FreeBSD.ORG  Wed Dec 11 20:56:08 2013
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 033B68E5;
 Wed, 11 Dec 2013 20:56:08 +0000 (UTC)
Received: from mail.jr-hosting.nl (mail.jr-hosting.nl [78.47.69.234])
 by mx1.freebsd.org (Postfix) with ESMTP id 92EC716DE;
 Wed, 11 Dec 2013 20:56:07 +0000 (UTC)
Received: from [IPv6:2001:470:d701::b04e:e9a7:c12a:6f1b] (unknown
 [IPv6:2001:470:d701:0:b04e:e9a7:c12a:6f1b])
 by mail.jr-hosting.nl (Postfix) with ESMTPSA id 6C11F38B17DB;
 Wed, 11 Dec 2013 21:56:05 +0100 (CET)
Content-Type: multipart/signed;
 boundary="Apple-Mail=_A87BF262-C8D9-42B6-88BE-7DF2450EFD89";
 protocol="application/pgp-signature"; micalg=pgp-sha1
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\))
Subject: Re: svn commit: r336101 - head/security/vuxml
From: Remko Lodder <remko@FreeBSD.org>
In-Reply-To: <201312101945.rBAJjCu6089287@svn.freebsd.org>
Date: Wed, 11 Dec 2013 21:56:04 +0100
Message-Id: <3E0D78CA-E59E-431F-BA83-DE5DCC1357D2@FreeBSD.org>
References: <201312101945.rBAJjCu6089287@svn.freebsd.org>
To: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
X-Mailer: Apple Mail (2.1822)
Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org,
 ports-committers@freebsd.org
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2013 20:56:08 -0000


--Apple-Mail=_A87BF262-C8D9-42B6-88BE-7DF2450EFD89
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii


On 10 Dec 2013, at 20:45, Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> =
wrote:

> Author: sunpoet
> Date: Tue Dec 10 19:45:12 2013
> New Revision: 336101
> URL: http://svnweb.freebsd.org/changeset/ports/336101
>=20
> Log:
>  - Group affected packages
>  - Sort CVE
>  - Fix indent
>=20
>  Notified by:	remko

Thanks a lot!

>=20
> Modified:
>  head/security/vuxml/vuln.xml
>=20
> Modified: head/security/vuxml/vuln.xml
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- head/security/vuxml/vuln.xml	Tue Dec 10 19:42:51 2013	=
(r336100)
> +++ head/security/vuxml/vuln.xml	Tue Dec 10 19:45:12 2013	=
(r336101)
> @@ -102,44 +102,20 @@ Note:  Please add new entries to the beg
>     <affects>
>       <package>
> 	<name>rubygem-actionmailer</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> 	<name>rubygem-actionpack</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> -	<name>rubygem-actionpack4</name>
> -	<range><lt>4.0.2</lt></range>
> -      </package>
> -      <package>
> 	<name>rubygem-activemodel</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> 	<name>rubygem-activerecord</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> 	<name>rubygem-activeresource</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> 	<name>rubygem-activesupport</name>
> +	<name>rubygem-rails</name>
> +	<name>rubygem-railties</name>
> 	<range><lt>3.2.16</lt></range>
>       </package>
>       <package>
> +	<name>rubygem-actionpack4</name>
> 	<name>rubygem-activesupport4</name>
> 	<range><lt>4.0.2</lt></range>
>       </package>
> -      <package>
> -	<name>rubygem-rails</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
> -      <package>
> -	<name>rubygem-railties</name>
> -	<range><lt>3.2.16</lt></range>
> -      </package>
>     </affects>
>     <description>
>       <body xmlns=3D"http://www.w3.org/1999/xhtml">
> @@ -147,33 +123,33 @@ Note:  Please add new entries to the beg
> 	<blockquote =
cite=3D"http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_hav=
e_been_released/">
> 	  <p>Rails 3.2.16 and 4.0.2 have been released! These two
> 	    releases contain important security fixes, so please upgrade
> -		as soon as possible! In order to make upgrading as =
smooth as
> -		possible, we've only included commits directly related =
to
> -		each security issue.</p>
> +	    as soon as possible! In order to make upgrading as smooth as
> +	    possible, we've only included commits directly related to
> +	    each security issue.</p>
> 	  <p>The security fixes in 3.2.16 are:</p>
> 	  <ul>
> -	    <li>CVE-2013-6417</li>
> 	    <li>CVE-2013-4491</li>
> -	    <li>CVE-2013-6415</li>
> 	    <li>CVE-2013-6414</li>
> +	    <li>CVE-2013-6415</li>
> +	    <li>CVE-2013-6417</li>
> 	  </ul>
> 	  <p>The security fixes in 4.0.2 are:</p>
> 	  <ul>
> -	    <li>CVE-2013-6417</li>
> 	    <li>CVE-2013-4491</li>
> -	    <li>CVE-2013-6415</li>
> 	    <li>CVE-2013-6414</li>
> +	    <li>CVE-2013-6415</li>
> 	    <li>CVE-2013-6416</li>
> +	    <li>CVE-2013-6417</li>
> 	  </ul>
> 	</blockquote>
>       </body>
>     </description>
>     <references>
> -	  <cvename>CVE-2013-6417</cvename>
> -	  <cvename>CVE-2013-4491</cvename>
> -	  <cvename>CVE-2013-6415</cvename>
> -	  <cvename>CVE-2013-6414</cvename>
> -	  <cvename>CVE-2013-6416</cvename>
> +      <cvename>CVE-2013-4491</cvename>
> +      <cvename>CVE-2013-6414</cvename>
> +      <cvename>CVE-2013-6415</cvename>
> +      <cvename>CVE-2013-6416</cvename>
> +      <cvename>CVE-2013-6417</cvename>
>       =
<url>http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_b=
een_released/</url>
>     </references>
>     <dates>
> _______________________________________________
> svn-ports-all@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/svn-ports-all
> To unsubscribe, send any mail to =
"svn-ports-all-unsubscribe@freebsd.org"

--=20

/"\   Best regards,                      | remko@FreeBSD.org
\ /   Remko Lodder                       | remko@EFnet
 X    http://www.evilcoder.org/          |
/ \   ASCII Ribbon Campaign              | Against HTML Mail and News


--Apple-Mail=_A87BF262-C8D9-42B6-88BE-7DF2450EFD89
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJSqNFkAAoJEKjD27JZ84ywK3UQAI0Nit/tLMq5mIF8as5Apil8
ap2dYrfvPjbnevm+IekEW3KFFUiRaurv6l7NJ2TVZoL4wK9Dzn27XwtVuOamEAh8
+24Uah5Ns5yfNychGhdme0OcnH3gTrwGvHci9CcpyUmq8raTOKgZR+q+HwVDyJov
HThhPkTnfQs6YxxPFXpJ8yHvkFmbqj9XKQvyO18mCEoxFdxhQeQkBpvFz7kdF6+m
bDdNA2xN1/lYC9PROnhs3H0xGUq/mdWLrdjIUUkxJFrtuZ3sV1CJD0Zxi6pWXUTP
Zfic/HRC9G6NZcuTFhj1b/VFAyPVZXz0J7BeIEa78BfBpsFt0mPjZcV3/V3LqWBT
xi6WVwDfrad39l/Czzld6gTY3bZyiEOODzxkQCeBikWZq18ApNKCBudpw0kIHcH6
P8y95wSTwUc7inMBQ/YpwmasPtTA7a8/dtecI+wZiVGaJhMX/a7N+itZYi7aXcZK
U2H/0KqZgdP92wZImIwKP2ORQvsPwNNzaqWz0mM46gXmkq0dK5xt+aOPaUw3QoaW
U04T3OMfZ79QsQ4jdbUV7fwaz4/AHSqHZqQ3D1VtuXuQuMxRpQdAdo7eidt94d95
HVxMAxMhtvSDIQ/wCsTTvGGlJCbSjW0vt7raQ4T+PoeguuW9CYeswIrGTcJgpuio
7g+jDxeTgMhve2YdcCJR
=Zkki
-----END PGP SIGNATURE-----

--Apple-Mail=_A87BF262-C8D9-42B6-88BE-7DF2450EFD89--