From owner-dev-commits-ports-main@freebsd.org  Sat Sep 18 06:19:38 2021
Return-Path: <owner-dev-commits-ports-main@freebsd.org>
Delivered-To: dev-commits-ports-main@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7F85467250F
 for <dev-commits-ports-main@mailman.nyi.freebsd.org>;
 Sat, 18 Sep 2021 06:19:38 +0000 (UTC)
 (envelope-from decke@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4HBLJV2nzSz3LRS
 for <dev-commits-ports-main@freebsd.org>; Sat, 18 Sep 2021 06:19:38 +0000 (UTC)
 (envelope-from decke@freebsd.org)
Received: from mail-il1-f178.google.com (mail-il1-f178.google.com
 [209.85.166.178])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 (Authenticated sender: decke)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 39FD924C53
 for <dev-commits-ports-main@freebsd.org>; Sat, 18 Sep 2021 06:19:38 +0000 (UTC)
 (envelope-from decke@freebsd.org)
Received: by mail-il1-f178.google.com with SMTP id b8so12600376ilh.12
 for <dev-commits-ports-main@freebsd.org>; Fri, 17 Sep 2021 23:19:38 -0700 (PDT)
X-Gm-Message-State: AOAM531wzy2dHIKrs28mCBw36SQwvNIaIXjxVTIOga8XRLMrvfQaYA7a
 xJ5RhGQxltHdmF0wjQxE+xAnlaqgXbu4u1AY218wrA==
X-Google-Smtp-Source: ABdhPJw1FnNPS1vBS4YShKuyOQp89rD3vG1KN4M3BUoyTeBcZTT+1ZEhTX0xpcL6kYa8bokAfw2OLOV36Adeurg1XZ8=
X-Received: by 2002:a92:cbc2:: with SMTP id s2mr10384153ilq.228.1631945977482; 
 Fri, 17 Sep 2021 23:19:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a92:503:0:0:0:0:0 with HTTP;
 Fri, 17 Sep 2021 23:19:37 -0700 (PDT)
In-Reply-To: <czp6-g9bo-wny@FreeBSD.org>
References: <202109172138.18HLc4NF056932__21043.0593624309$1631914770$gmane$org@gitrepo.freebsd.org>
 <czp6-g9bo-wny@FreeBSD.org>
From: =?UTF-8?Q?Bernhard_Fr=C3=B6hlich?= <decke@freebsd.org>
Date: Sat, 18 Sep 2021 08:19:37 +0200
X-Gmail-Original-Message-ID: <CAE-m3X37tK0H4xvD=B9DE0b+_LKgh_Z=wvQcsJ4nhwA4LBWTXg@mail.gmail.com>
Message-ID: <CAE-m3X37tK0H4xvD=B9DE0b+_LKgh_Z=wvQcsJ4nhwA4LBWTXg@mail.gmail.com>
Subject: Re: git: f07b3de4630f - main - security/vuxml: update seatd 0.6.{0,
 1} entry
To: Jan Beich <jbeich@freebsd.org>
Cc: "ports-committers@freebsd.org" <ports-committers@freebsd.org>, 
 "dev-commits-ports-all@freebsd.org" <dev-commits-ports-all@freebsd.org>, 
 "dev-commits-ports-main@freebsd.org" <dev-commits-ports-main@freebsd.org>
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.34
X-BeenThere: dev-commits-ports-main@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the main branch of the FreeBSD ports repository
 <dev-commits-ports-main.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-ports-main>, 
 <mailto:dev-commits-ports-main-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-ports-main/>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Help: <mailto:dev-commits-ports-main-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-ports-main>, 
 <mailto:dev-commits-ports-main-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Sep 2021 06:19:38 -0000

On Friday, September 17, 2021, Jan Beich <jbeich@freebsd.org> wrote:

> Jan Beich <jbeich@FreeBSD.org> writes:
>
> > The branch main has been updated by jbeich:
> >
> > URL: https://cgit.FreeBSD.org/ports/commit/?id=
> f07b3de4630f5062f4de92232b6a5f5902ad21c8
> >
> > commit f07b3de4630f5062f4de92232b6a5f5902ad21c8
> > Author:     Jan Beich <jbeich@FreeBSD.org>
> > AuthorDate: 2021-09-17 21:34:14 +0000
> > Commit:     Jan Beich <jbeich@FreeBSD.org>
> > CommitDate: 2021-09-17 21:37:59 +0000
> >
> >     security/vuxml: update seatd 0.6.{0,1} entry
> >
> >     - Discovered 1 day before announcement
> >     - Assigned CVE-2021-41387
>
> Bernhard, can you check if sysutils/seatd now needs USES=cpe?
> I've tried looking at NVD link[1] but it doesn't seem to list
> "Known Affected Software Configurations".
>
> [1] https://nvd.nist.gov/vuln/detail/CVE-2021-41387
>

The source oft truth is the CPE Dictionary but I could not find a matching
entry yet.


https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=seatd

This is a nice example to check the timing when it is added to the CPE
Dictionary. The CVE entry is currently in received state.


-- 
Bernhard Froehlich
http://www.bluelife.at/