From owner-freebsd-ports@FreeBSD.ORG Sun Mar 25 15:26:38 2012 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50DF5106564A; Sun, 25 Mar 2012 15:26:38 +0000 (UTC) (envelope-from bogorodskiy@gmail.com) Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id A28DC8FC08; Sun, 25 Mar 2012 15:26:37 +0000 (UTC) Received: by bkcjc3 with SMTP id jc3so4741668bkc.13 for ; Sun, 25 Mar 2012 08:26:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=cX03G2u3rImmWimEy7hs6Wl2uG107TCgJdDE1n2Uo4s=; b=NM6sLkGMUrOXbgJZgRUWPf/dePmxr/EhARJA23lVMhk9UVAUr6f6aZD+fDNsMw+GdB fLW4JLBwuflaREHiUpO7cEH4wcGPaUyWFcCP+NE4EzfgIpSWHB4czde3WdQnyLVYIozg kPPTTKpfOhwvFxgYYVpEW9nzzmVf+9B3xJf+1gi3vWk+xRJUk3eE5LxfcZMQLl7oxWw4 i6cYraLGXozaejS/+twchU1kKHQLQxFEMP581YblnjivJhvLn01eIVsB/Rq4ZwTtNwrw T6n+ybkykcJWSeDq7PcahgNXxgoDvRLfurORfF1997BsoqCBJnCnSjoU1rKOWqNNgvgv jIqw== Received: by 10.205.130.13 with SMTP id hk13mr7163526bkc.26.1332689196718; Sun, 25 Mar 2012 08:26:36 -0700 (PDT) Received: from kloomba ([95.104.129.104]) by mx.google.com with ESMTPS id z17sm18440217bkw.12.2012.03.25.08.26.34 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 25 Mar 2012 08:26:35 -0700 (PDT) Date: Sun, 25 Mar 2012 19:26:34 +0400 From: Roman Bogorodskiy To: Jason Hellenthal Message-ID: <20120325152632.GC1293@kloomba> References: <20120324172937.GA43822@DataIX.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="9UV9rz0O2dU/yYYn" Content-Disposition: inline In-Reply-To: <20120324172937.GA43822@DataIX.net> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: ports@freebsd.org, novel@freebsd.org Subject: Re: security/gnutls update when... X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Mar 2012 15:26:38 -0000 --9UV9rz0O2dU/yYYn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Jason Hellenthal wrote: >=20 > Apparently this port has fell two versions behind. Is there anything > that is going to happen to update it to the current stable version ? >=20 >=20 > These advisories have been out for a week now. And the current version > is 2.12.18. >=20 >=20 > Database created: Sat Mar 24 13:15:03 EDT 2012 > Affected package: gnutls-2.12.16 > Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. > Reference: > http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html >=20 > Affected package: gnutls-2.12.16 > Type of problem: gnutls -- possible overflow/Denial of service > vulnerabilities. > Reference: > http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html >=20 > 2 problem(s) in your installed packages found. The port was updated to 2.12.18 with some hacks to prevent shlib version bump. Please report if you have any problems with that. Roman Bogorodskiy --9UV9rz0O2dU/yYYn Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iQEcBAEBAgAGBQJPbzkoAAoJEMltX/4IwiJqzrUIAMD0SDuqhdQeT36S3fjotpvb Mmri9xsL/3LcBtJMRSGbjXSIbLYQYqwuuilstgw8VpFv3GLx1JPMNswjnJjk4/QA 8Zjs78Q2j2Jj3XezfAwdPtDdGNLteGpmCJ1DqdQF13YdFPQ0/l7WaB8sWg7ATvfr pjkdAFmpsDiDECGXuhhtuZIXqRY3pkqp3ZH9QULT7B0HFt+lxW0i5bMeRF95OSyW lAXbgBan1cdKfn0w7S6KlVrYt2zMXhzeNLyqlyN+H5BYuBV6xDoep0dgDX6e6ZJE 77TaZk/9A1dyCnxJKzQE4XIqTiVgc9JKkMe9Xq0r7cynnL1kt2bApp++IvICeYQ= =nYKS -----END PGP SIGNATURE----- --9UV9rz0O2dU/yYYn--