From owner-svn-ports-all@freebsd.org  Sat Feb 13 22:28:42 2016
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA178AA7310;
 Sat, 13 Feb 2016 22:28:42 +0000 (UTC)
 (envelope-from junovitch@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A94C71AE2;
 Sat, 13 Feb 2016 22:28:42 +0000 (UTC)
 (envelope-from junovitch@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1DMSfDe085887;
 Sat, 13 Feb 2016 22:28:41 GMT (envelope-from junovitch@FreeBSD.org)
Received: (from junovitch@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1DMSfHE085885;
 Sat, 13 Feb 2016 22:28:41 GMT (envelope-from junovitch@FreeBSD.org)
Message-Id: <201602132228.u1DMSfHE085885@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: junovitch set sender to
 junovitch@FreeBSD.org using -f
From: Jason Unovitch <junovitch@FreeBSD.org>
Date: Sat, 13 Feb 2016 22:28:41 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r408831 - head/security/vuxml
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Feb 2016 22:28:43 -0000

Author: junovitch
Date: Sat Feb 13 22:28:41 2016
New Revision: 408831
URL: https://svnweb.freebsd.org/changeset/ports/408831

Log:
  Reflect QEMU DoS vulnerabilities now fixed in qemu-sbruno/qemu-user-static
  
  PR:		205813
  Security:	CVE-2015-8345
  Security:	CVE-2015-8567
  Security:	CVE-2015-8568
  Security:	CVE-2015-8613
  Security:	CVE-2015-8619
  Security:	CVE-2015-8701
  Security:	https://vuxml.FreeBSD.org/freebsd/1384f2fd-b1be-11e5-9728-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/62ab8707-b1bc-11e5-9728-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/9ad8993e-b1ba-11e5-9728-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/b3f9f8ef-b1bb-11e5-9728-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/b56fe6bb-b1b1-11e5-9728-002590263bf5.html

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Sat Feb 13 21:58:38 2016	(r408830)
+++ head/security/vuxml/vuln.xml	Sat Feb 13 22:28:41 2016	(r408831)
@@ -3027,7 +3027,7 @@ Notes:
       <package>
 	<name>qemu-sbruno</name>
 	<name>qemu-user-static</name>
-	<range><ge>0</ge></range>
+	<range><lt>2.5.50.g20160213</lt></range>
       </package>
     </affects>
     <description>
@@ -3051,10 +3051,13 @@ Notes:
       <freebsdpr>ports/205814</freebsdpr>
       <url>http://www.openwall.com/lists/oss-security/2015/12/28/6</url>
       <url>https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg04629.html</url>
+      <url>http://git.qemu.org/?p=qemu.git;a=commit;h=007cd223de527b5f41278f2d886c1a4beb3e67aa</url>
+      <url>https://github.com/seanbruno/qemu-bsd-user/commit/007cd223de527b5f41278f2d886c1a4beb3e67aa</url>
     </references>
     <dates>
       <discovery>2015-12-28</discovery>
       <entry>2016-01-03</entry>
+      <modified>2016-02-13</modified>
     </dates>
   </vuln>
 
@@ -3109,7 +3112,7 @@ Notes:
       <package>
 	<name>qemu-sbruno</name>
 	<name>qemu-user-static</name>
-	<range><ge>0</ge></range>
+	<range><lt>2.5.50.g20160213</lt></range>
       </package>
     </affects>
     <description>
@@ -3131,10 +3134,13 @@ Notes:
       <freebsdpr>ports/205814</freebsdpr>
       <url>http://www.openwall.com/lists/oss-security/2015/12/22/8</url>
       <url>https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html</url>
+      <url>http://git.qemu.org/?p=qemu.git;a=commit;h=64ffbe04eaafebf4045a3ace52a360c14959d196</url>
+      <url>https://github.com/seanbruno/qemu-bsd-user/commit/64ffbe04eaafebf4045a3ace52a360c14959d196</url>
     </references>
     <dates>
       <discovery>2015-12-23</discovery>
       <entry>2016-01-03</entry>
+      <modified>2016-02-13</modified>
     </dates>
   </vuln>
 
@@ -3149,7 +3155,7 @@ Notes:
       <package>
 	<name>qemu-sbruno</name>
 	<name>qemu-user-static</name>
-	<range><ge>0</ge></range>
+	<range><lt>2.5.50.g20160213</lt></range>
       </package>
     </affects>
     <description>
@@ -3170,10 +3176,13 @@ Notes:
       <freebsdpr>ports/205814</freebsdpr>
       <url>http://www.openwall.com/lists/oss-security/2015/12/21/7</url>
       <url>https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html</url>
+      <url>http://git.qemu.org/?p=qemu.git;a=commit;h=36fef36b91f7ec0435215860f1458b5342ce2811</url>
+      <url>https://github.com/seanbruno/qemu-bsd-user/commit/36fef36b91f7ec0435215860f1458b5342ce2811</url>
     </references>
     <dates>
       <discovery>2015-12-21</discovery>
       <entry>2016-01-03</entry>
+      <modified>2016-02-13</modified>
     </dates>
   </vuln>
 
@@ -3188,7 +3197,7 @@ Notes:
       <package>
 	<name>qemu-sbruno</name>
 	<name>qemu-user-static</name>
-	<range><ge>0</ge></range>
+	<range><lt>2.5.50.g20160213</lt></range>
       </package>
     </affects>
     <description>
@@ -3210,10 +3219,13 @@ Notes:
       <freebsdpr>ports/205814</freebsdpr>
       <url>http://www.openwall.com/lists/oss-security/2015/12/15/4</url>
       <url>https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html</url>
+      <url>http://git.qemu.org/?p=qemu.git;a=commit;h=aa4a3dce1c88ed51b616806b8214b7c8428b7470</url>
+      <url>https://github.com/seanbruno/qemu-bsd-user/commit/aa4a3dce1c88ed51b616806b8214b7c8428b7470</url>
     </references>
     <dates>
       <discovery>2015-12-15</discovery>
       <entry>2016-01-03</entry>
+      <modified>2016-02-13</modified>
     </dates>
   </vuln>
 
@@ -3411,7 +3423,7 @@ Notes:
       <package>
 	<name>qemu-sbruno</name>
 	<name>qemu-user-static</name>
-	<range><ge>0</ge></range>
+	<range><lt>2.5.50.g20160213</lt></range>
       </package>
     </affects>
     <description>
@@ -3435,10 +3447,13 @@ Notes:
       <freebsdpr>ports/205814</freebsdpr>
       <url>http://www.openwall.com/lists/oss-security/2015/11/25/3</url>
       <url>https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html</url>
+      <url>http://git.qemu.org/?p=qemu.git;a=commit;h=00837731d254908a841d69298a4f9f077babaf24</url>
+      <url>https://github.com/seanbruno/qemu-bsd-user/commit/00837731d254908a841d69298a4f9f077babaf24</url>
     </references>
     <dates>
       <discovery>2015-10-16</discovery>
       <entry>2016-01-03</entry>
+      <modified>2016-02-13</modified>
     </dates>
   </vuln>