Date: Mon, 5 Sep 2011 09:46:56 +0200 From: Remko Lodder <remko@elvandar.org> To: Doug Barton <dougb@FreeBSD.org> Cc: Chris Rees <crees@freebsd.org>, cvs-ports@freebsd.org, cvs-all@freebsd.org, secteam@freebsd.org, ports-committers@freebsd.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <0EC93B27-7C7F-4D0A-ADD6-ED22085FF1A6@elvandar.org> In-Reply-To: <4E641162.2000602@FreeBSD.org> References: <201109042015.p84KFqOR005039@repoman.freebsd.org> <CADLo83_poDk0J2Sfk3dE8WvU8e3J47fewVhTtzLp2DznqEYxeA@mail.gmail.com> <4E641162.2000602@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Dear Doug, While having a look is not a problem, it is bad advice that someone goes = for it because I am not responsive enough. I advised Chris to have a look at possible = solutions but consult us before commits are being made. Thanks Remko On Sep 5, 2011, at 2:01 AM, Doug Barton wrote: > On 09/04/2011 13:44, Chris Rees wrote: >> On 4 September 2011 21:15, Chris Rees <crees@freebsd.org> wrote: >>> crees 2011-09-04 20:15:52 UTC >>>=20 >>> FreeBSD ports repository >>>=20 >>> Modified files: >>> security/vuxml vuln.xml >>> Log: >>> - Document cfs buffer overflow vulnerability. >>> - While here, unbreak packaudit -- it doesn't like newlines in the >>> middle of tags. Perhaps a comment should say something? >>=20 >> Actually, that's a bad long-term solution. The real solution would be >> to fix portaudit's XML parser. >>=20 >> secteam, would you like me to have a go at it, or shall I let you >> investigate since you know the code? >=20 > Please just go for it. secteam@ hasn't been very responsive of late. >=20 > Will this fix the problem of new auditfile generation? The current one > is from the 1st and there have been several changes since then. >=20 > While you're at it, a feature request (although this is probably in a > different part of the code). It would be nice if the individual HTML > pages, such as > http://portaudit.freebsd.org/b7b03bab-c296-11d8-bfb2-000bdb1444a4.html > had a link back to the main page, http://portaudit.freebsd.org/. >=20 >=20 > Doug >=20 > --=20 >=20 > Nothin' ever doesn't change, but nothin' changes much. > -- OK Go >=20 > Breadth of IT experience, and depth of knowledge in the DNS. > Yours for the right price. :) http://SupersetSolutions.com/ >=20 > _______________________________________________________ > Please think twice when forwarding, cc:ing, or bcc:ing > security-team messages. Ask if you are unsure. >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0EC93B27-7C7F-4D0A-ADD6-ED22085FF1A6>