From owner-freebsd-ports@freebsd.org  Fri May  5 17:19:05 2017
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A4ACD5FA8F
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Fri,  5 May 2017 17:19:05 +0000 (UTC)
 (envelope-from fullermd@over-yonder.net)
Received: from mail.infocus-llc.com (mail.infocus-llc.com [199.15.120.13])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7B024A96
 for <freebsd-ports@freebsd.org>; Fri,  5 May 2017 17:19:05 +0000 (UTC)
 (envelope-from fullermd@over-yonder.net)
Received: from draco.over-yonder.net (c-75-65-60-66.hsd1.ms.comcast.net
 [75.65.60.66])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.tarragon.infocus-llc.com (Postfix) with ESMTPSA id 3wKJPY4vsBz1Vs;
 Fri,  5 May 2017 12:13:05 -0500 (CDT)
Received: by draco.over-yonder.net (Postfix, from userid 100)
 id 3wKJPY0Vm0z4J7; Fri,  5 May 2017 12:13:05 -0500 (CDT)
Date: Fri, 5 May 2017 12:13:05 -0500
From: "Matthew D. Fuller" <fullermd@over-yonder.net>
To: Adam Weinberger <adamw@adamw.org>
Cc: Jos Chrispijn <bsdports@cloudzeeland.nl>, freebsd-ports@freebsd.org
Subject: Re: ICU Portupdate faulty
Message-ID: <20170505171304.GV17905@over-yonder.net>
References: <1c87d7b6-54f7-77f0-7476-338bd24aee54@cloudzeeland.nl>
 <CAByVWPVRp4PnW0Fm26aL_TW4R9BUtOQvn9XEEaQtJFqHMz3xaA@mail.gmail.com>
 <8d3c7d80-d51e-3743-eb41-d6633c498153@cloudzeeland.nl>
 <CAByVWPUeeCDcNo8d8OW3EJo2S5VzENukkvAYrYzObjnix6vggA@mail.gmail.com>
 <06F34A01-9844-48E2-8ED4-FA148BC426C8@adamw.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <06F34A01-9844-48E2-8ED4-FA148BC426C8@adamw.org>
X-Editor: vi
X-OS: FreeBSD <http://www.freebsd.org/>
User-Agent: Mutt/1.8.2 (2017-04-18)
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 17:19:05 -0000

On Fri, May 05, 2017 at 10:05:05AM -0600 I heard the voice of
Adam Weinberger, and lo! it spake thus:
> 
> Yes, this is the correct answer. After icu got patched, the VuXML
> entry was lowered to mark 58.2_2,1 as non-vulnerable. Jos, it sounds
> like your ports tree is after the icu update but before the VuXML
> modification. Update your ports tree to bring in the new VuXML file
> and you should be good.

No, it's not looking at the vuxml file right in ports.  It'll be using
the audit file downloaded nightly as part of
/usr/local/etc/periodic/security/410.pkg-audit, so it'll always be ~a
day out of date.  Run `pkg audit -F` manually to kick a refetch of the
latest.


-- 
Matthew Fuller     (MF4839)   |  fullermd@over-yonder.net
Systems/Network Administrator |  http://www.over-yonder.net/~fullermd/
           On the Internet, nobody can hear you scream.