From owner-svn-ports-all@FreeBSD.ORG Wed Apr 30 18:20:34 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58570FAE for ; Wed, 30 Apr 2014 18:20:34 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EBCE130B for ; Wed, 30 Apr 2014 18:20:34 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UIKYoS001345 for ; Wed, 30 Apr 2014 18:20:34 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s3UIKXPq001344 for svn-ports-all@freebsd.org; Wed, 30 Apr 2014 18:20:33 GMT (envelope-from bdrewery) Received: (qmail 43583 invoked from network); 30 Apr 2014 13:20:28 -0500 Received: from unknown (HELO roundcube.xk42.net) (10.10.5.5) by sweb.xzibition.com with SMTP; 30 Apr 2014 13:20:28 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 30 Apr 2014 13:20:28 -0500 From: Bryan Drewery To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r352694 - head/security/vuxml Organization: FreeBSD In-Reply-To: <201404301751.s3UHpUWc057181@svn.freebsd.org> References: <201404301751.s3UHpUWc057181@svn.freebsd.org> Message-ID: <60e45e3e33d7dc103d7395e745146d5a@shatow.net> X-Sender: bdrewery@FreeBSD.org User-Agent: Roundcube Webmail/0.9.5 X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 18:20:34 -0000 All take note to please use *1* per for now. Not wanting to get into a big discussion on this, but this is working around a bug either in our usage, the "schema", or pkg-audit. So for now just split things up. Thanks. On 2014-04-30 12:51, Olli Hauer wrote: > Author: ohauer > Date: Wed Apr 30 17:51:29 2014 > New Revision: 352694 > URL: http://svnweb.freebsd.org/changeset/ports/352694 > QAT: https://qat.redports.org/buildarchive/r352694/ > > Log: > - fix some entries so they are really detected > by old and new pkg audit tools > > Approved by: portmgr (bdrewery) > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Apr 30 17:43:50 2014 (r352693) > +++ head/security/vuxml/vuln.xml Wed Apr 30 17:51:29 2014 (r352694) > @@ -40,6 +40,10 @@ QUICK GUIDE TO ADDING A NEW ENTRY > 4. fix any errors > 5. profit! > > +Addtional tests can be done this way: > + $ env PKG_DBDIR=/usr/ports/security/vuxml pkg audit py26-django-1.6 > + $ env PKG_DBDIR=/usr/ports/security/vuxml pkg audit py27-django-1.6.1 > + > Extensive documentation of the format and help with writing and > verifying > a new entry is available in The Porter's Handbook at: > > @@ -228,35 +232,81 @@ Note: Please add new entries to the beg > > > py26-django > + 1.61.6.3 > + > + > py27-django > + 1.61.6.3 > + > + > py31-django > + 1.61.6.3 > + > + > py32-django > + 1.61.6.3 > + > + > py33-django > + 1.61.6.3 > + > + > py34-django > 1.61.6.3 > - 1.51.5.6 > - 1.41.4.11 > > > py26-django15 > + 1.51.5.6 > + > + > py27-django15 > + 1.51.5.6 > + > + > py31-django15 > + 1.51.5.6 > + > + > py32-django15 > + 1.51.5.6 > + > + > py33-django15 > + 1.51.5.6 > + > + > py34-django15 > 1.51.5.6 > > > py26-django14 > + 1.41.4.11 > + > + > py27-django14 > + 1.41.4.11 > + > + > py31-django14 > + 1.41.4.11 > + > + > py32-django14 > + 1.41.4.11 > + > + > py33-django14 > + 1.41.4.11 > + > + > py34-django14 > 1.41.4.11 > > > py26-django-devel > + 20140423,1 > + > + > py27-django-devel > 20140423,1 > > @@ -282,7 +332,7 @@ Note: Please add new entries to the beg > > 2014-04-21 > 2014-04-23 > - 2014-04-24 > + 2014-04-30 > > > > @@ -403,6 +453,9 @@ Note: Please add new entries to the beg > > > openldap24-client > + 2.4.18 > + > + > linux-f10-openldap > 2.4.18 > > @@ -434,6 +487,9 @@ Note: Please add new entries to the beg > > > curl > + 7.10.67.21.6 > + > + > linux-f10-curl > 7.10.67.21.6 > > @@ -456,6 +512,7 @@ Note: Please add new entries to the beg > > 2011-06-23 > 2014-04-11 > + 2014-04-30 > > > > @@ -464,6 +521,9 @@ Note: Please add new entries to the beg > > > dbus-glib > + 0.100.1 > + > + > linux-f10-dbus-glib > 0.100.1 > > @@ -488,6 +548,7 @@ Note: Please add new entries to the beg > > 2013-02-15 > 2014-04-11 > + 2014-04-30 > > > > @@ -496,6 +557,9 @@ Note: Please add new entries to the beg > > > nas > + 1.9.4 > + > + > linux-f10-nas-libs > 1.9.4 > > @@ -527,6 +591,9 @@ Note: Please add new entries to the beg > > > libaudiofile > + 0.2.7 > + > + > linux-f10-libaudiofile > 0.2.7 > > @@ -549,6 +616,7 @@ Note: Please add new entries to the beg > > 2008-12-30 > 2014-04-11 > + 2014-04-30 > > > > @@ -912,8 +980,10 @@ Note: Please add new entries to the beg > > > joomla2 > - joomla3 > 2.5.*2.5.18 > + > + > + joomla3 > 3.0.*3.2.2 > > > @@ -947,6 +1017,7 @@ Note: Please add new entries to the beg > > 2014-03-01 > 2014-03-23 > + 2014-04-30 > > > > @@ -1621,11 +1692,18 @@ Note: Please add new entries to the beg > > > gnutls > + 2.12.23_4 > + > + > linux-f10-gnutls > 2.12.23_4 > > > gnutls-devel > + 3.1.22 > + 3.2.03.2.12 > + > + > gnutls3 > 3.1.22 > 3.2.03.2.12 > @@ -1661,7 +1739,7 @@ Note: Please add new entries to the beg > > 2014-03-03 > 2014-03-04 > - 2014-03-04 > + 2014-04-30 > > > > @@ -1747,9 +1825,21 @@ Note: Please add new entries to the beg > > > subversion > + 1.3.01.7.16 > 1.8.01.8.8 > + > + > + subversion16 > 1.3.01.7.16 > > + > + subversion17 > + 1.3.01.7.16 > + > + > + subversion18 > + 1.8.01.8.8 > + > > > > @@ -1771,6 +1861,7 @@ Note: Please add new entries to the beg > > 2014-01-10 > 2014-02-26 > + 2014-04-30 > > > > @@ -2760,16 +2851,25 @@ JavaScript code would be executed.

> > > bind99 > + 9.9.4.2 > + > + > bind99-base > 9.9.4.2 > > > bind98 > + 9.8.6.2 > + > + > bind98-base > 9.8.6.2 > > > bind96 > + 9.6.3.2.ESV.R10.2 > + > + > bind96-base > 9.6.3.2.ESV.R10.2 > > @@ -2802,7 +2902,7 @@ JavaScript code would be executed.

> > 2014-01-08 > 2014-01-13 > - 2014-01-15 > + 2014-04-30 > > > > @@ -2957,6 +3057,9 @@ JavaScript code would be executed.

> > > gnupg > + 1.4.16 > + > + > gnupg1 > 1.4.16 > > @@ -2993,7 +3096,7 @@ JavaScript code would be executed.

> > 2013-12-18 > 2013-12-18 > - 2013-12-18 > + 2014-04-30 > > > > @@ -3297,17 +3400,41 @@ JavaScript code would be executed.

> > > rubygem-actionmailer > + 3.2.16 > + > + > rubygem-actionpack > + 3.2.16 > + > + > rubygem-activemodel > + 3.2.16 > + > + > rubygem-activerecord > + 3.2.16 > + > + > rubygem-activeresource > + 3.2.16 > + > + > rubygem-activesupport > + 3.2.16 > + > + > rubygem-rails > + 3.2.16 > + > + > rubygem-railties > 3.2.16 > > > rubygem-actionpack4 > + 4.0.2 > + > + > rubygem-activesupport4 > 4.0.2 > > @@ -3350,6 +3477,7 @@ JavaScript code would be executed.

> > 2013-12-03 > 2013-12-08 > + 2014-04-23 > > > > @@ -3453,8 +3581,10 @@ JavaScript code would be executed.

> > > joomla2 > - joomla3 > 2.5.*2.5.14 > + > + > + joomla3 > 3.0.*3.1.5 > > > @@ -3483,6 +3613,7 @@ JavaScript code would be executed.

> > 2013-11-01 > 2013-12-04 > + 2014-04-23 > > > > @@ -4178,9 +4309,21 @@ JavaScript code would be executed.

> > > py26-pycrypto > + 2.6.1 > + > + > py27-pycrypto > + 2.6.1 > + > + > py31-pycrypto > + 2.6.1 > + > + > py32-pycrypto > + 2.6.1 > + > + > py33-pycrypto > 2.6.1 > > @@ -4205,6 +4348,7 @@ JavaScript code would be executed.

> > 2013-10-17 > 2013-10-19 > + 2014-04-30 > > > > @@ -4213,10 +4357,25 @@ JavaScript code would be executed.

> > > zh-wordpress-zh_CN > + 3.6.1 > + > + > zh-wordpress-zh_TW > + 3.6.1 > + > + > de-wordpress > + 3.6.1 > + > + > ja-wordpress > + 3.6.1 > + > + > ru-wordpress > + 3.6.1 > + > + > wordpress > 3.6.1 > > @@ -4251,6 +4410,7 @@ JavaScript code would be executed.

> > 2013-09-11 > 2013-10-19 > + 2014-04-30 > > > > @@ -4288,11 +4448,18 @@ JavaScript code would be executed.

> > > bugzilla > + 4.0.04.0.11 > + > + > bugzilla40 > - bugzilla42 > - bugzilla44 > 4.0.04.0.11 > + > + > + bugzilla42 > 4.2.04.2.7 > + > + > + bugzilla44 > 4.44.4.1 > > > @@ -4341,6 +4508,7 @@ JavaScript code would be executed.

> > 2013-10-16 > 2013-10-17 > + 2014-04-30 > > > > @@ -4632,9 +4800,21 @@ affected..

> > > py26-graphite-web > + 0.9.50.9.11 > + > + > py27-graphite-web > + 0.9.50.9.11 > + > + > py31-graphite-web > + 0.9.50.9.11 > + > + > py32-graphite-web > + 0.9.50.9.11 > + > + > py33-graphite-web > 0.9.50.9.11 > > @@ -4656,7 +4836,7 @@ affected..

> > 2013-08-21 > 2013-09-30 > - 2013-09-30 > + 2014-04-30 > > > > @@ -4665,12 +4845,19 @@ affected..

> > > py26-django > + 1.51.5.4 > + 1.41.4.8 > + > + > py27-django > 1.51.5.4 > 1.41.4.8 > > > py26-django-devel > + 20130922,1 > + > + > py27-django-devel > 20130922,1 > > @@ -4692,7 +4879,7 @@ affected..

> > 2013-09-15 > 2013-09-22 > - 2013-09-30 > + 2014-04-30 > > > > @@ -4926,12 +5113,19 @@ affected..

> > > py26-django > + 1.51.5.3 > + 1.41.4.7 > + > + > py27-django > 1.51.5.3 > 1.41.4.7 > > > py26-django-devel > + 20130912,1 > + > + > py27-django-devel > 20130912,1 > > @@ -4954,7 +5148,7 @@ affected..

> > 2013-09-10 > 2013-09-12 > - 2013-09-30 > + 2014-04-30 > > > > @@ -5182,6 +5376,9 @@ affected..

> > > libgcrypt > + 1.5.3 > + > + > linux-f10-libgcrypt > 1.5.3 > > @@ -5751,9 +5948,21 @@ affected..

> > > zh-wordpress-zh_CN > + 3.5.2 > + > + > zh-wordpress-zh_TW > + 3.5.2 > + > + > de-wordpress > + 3.5.2 > + > + > ja-wordpress > + 3.5.2 > + > + > ru-wordpress > 3.5.2 > > @@ -5791,6 +6000,7 @@ affected..

> > 2013-06-21 > 2013-07-27 > + 2014-04-30 > > > > @@ -5799,11 +6009,17 @@ affected..

> > > bind99 > + 9.9.39.9.3.2 > + > + > bind99-base > 9.9.39.9.3.2 > > > bind98 > + 9.8.59.8.5.2 > + > + > bind98-base > 9.8.59.8.5.2 > > @@ -8576,8 +8792,17 @@ affected..

> > > opera > + 12.15 > + > + > opera-devel > + 12.15 > + > + > linux-opera > + 12.15 > + > + > linux-opera-devel > 12.15 > > @@ -8597,7 +8822,7 @@ affected..

> > > 2013-04-04 > - 2013-04-06 > + 2014-04-30 > > > > @@ -10929,9 +11154,21 @@ affected..

> > > zh-wordpress-zh_CN > + 3.5.1 > + > + > zh-wordpress-zh_TW > + 3.5.1 > + > + > de-wordpress > + 3.5.1 > + > + > ja-wordpress > + 3.5.1 > + > + > ru-wordpress > 3.5.1 > > @@ -10968,6 +11205,7 @@ affected..

> > 2013-01-24 > 2013-01-29 > + 2014-04-30 > > > > @@ -11977,8 +12215,17 @@ executed in your Internet Explorer while > > > opera > + 12.12 > + > + > opera-devel > + 12.12 > + > + > linux-opera > + 12.12 > + > + > linux-opera-devel > 12.12 > > @@ -12003,6 +12250,7 @@ executed in your Internet Explorer while > > 2012-12-18 > 2012-12-18 > + 2014-04-30 > > > > @@ -12450,8 +12698,17 @@ executed in your Internet Explorer while > > > opera > + 12.11 > + > + > opera-devel > + 12.11 > + > + > linux-opera > + 12.11 > + > + > linux-opera-devel > 12.11 > > @@ -12476,6 +12733,7 @@ executed in your Internet Explorer while > > 2012-11-19 > 2012-11-22 > + 2014-04-30 > > > > @@ -13041,8 +13299,17 @@ executed in your Internet Explorer while > > > opera > + 12.10 > + > + > opera-devel > + 12.10 > + > + > linux-opera > + 12.10 > + > + > linux-opera-devel > 12.10 > > @@ -13075,6 +13342,7 @@ executed in your Internet Explorer while > > 2012-11-06 > 2012-11-06 > + 2014-04-30 > > > > @@ -13604,6 +13872,9 @@ executed in your Internet Explorer while > > > xlockmore > + 5.40_1 > + > + > ja-xlockmore > 5.40_1 > > @@ -13626,6 +13897,7 @@ executed in your Internet Explorer while > > 2012-10-17 > 2012-10-17 > + 2014-04-30 > > > > @@ -14186,11 +14458,17 @@ executed in your Internet Explorer while > > > ImageMagick > + 6.7.8.6 > + > + > ImageMagick-nox11 > 6.7.8.6 > > > GraphicsMagick > + 1.3.01.3.16 > + > + > GraphicsMagick-nox11 > 1.3.01.3.16 > > @@ -14221,6 +14499,7 @@ executed in your Internet Explorer while > > 2012-07-28 > 2012-09-20 > + 2014-04-30 > > > > @@ -16425,12 +16704,19 @@ executed in your Internet Explorer while > > > py26-django > + 1.41.4.1 > + 1.31.3.2 > + > + > py27-django > 1.41.4.1 > 1.31.3.2 > > > py26-django-devel > + 20120731,1 > + > + > py27-django-devel > 20120731,1 > > @@ -16460,7 +16746,7 @@ executed in your Internet Explorer while > > 2012-07-30 > 2012-07-31 > - 2012-08-02 > + 2014-04-30 > > > > @@ -17454,6 +17740,9 @@ executed in your Internet Explorer while > > > ImageMagick > + 6.7.6.4 > + > + > ImageMagick-nox11 > 6.7.6.4 > > @@ -17479,6 +17768,7 @@ executed in your Internet Explorer while > > 2012-03-28 > 2012-06-14 > + 2014-04-30 > > > > @@ -18126,6 +18416,9 @@ executed in your Internet Explorer while > > > libxml2 > + 2.7.8_3 > + > + > linux-f10-libxml2 > 2.7.8_3 > > @@ -18155,6 +18448,7 @@ executed in your Internet Explorer while > > 2012-05-15 > 2012-05-18 > + 2014-04-30 > > -- Regards, Bryan Drewery