From owner-cvs-ports@FreeBSD.ORG  Wed Feb 29 14:41:38 2012
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id BD87E106564A
	for <cvs-ports@freebsd.org>; Wed, 29 Feb 2012 14:41:38 +0000 (UTC)
	(envelope-from mcdouga9@egr.msu.edu)
Received: from mail.egr.msu.edu (gribble.egr.msu.edu [35.9.37.169])
	by mx1.freebsd.org (Postfix) with ESMTP id 932008FC15
	for <cvs-ports@freebsd.org>; Wed, 29 Feb 2012 14:41:38 +0000 (UTC)
Received: from gribble (localhost [127.0.0.1])
	by mail.egr.msu.edu (Postfix) with ESMTP id 1C7B1504FC
	for <cvs-ports@freebsd.org>; Wed, 29 Feb 2012 09:25:46 -0500 (EST)
X-Virus-Scanned: amavisd-new at egr.msu.edu
Received: from mail.egr.msu.edu ([127.0.0.1])
	by gribble (gribble.egr.msu.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id aYzoslvasXOs for <cvs-ports@freebsd.org>;
	Wed, 29 Feb 2012 09:25:45 -0500 (EST)
Received: from EGR authenticated sender
Message-ID: <4F4E3569.3020402@egr.msu.edu>
Date: Wed, 29 Feb 2012 09:25:45 -0500
From: Adam McDougall <mcdouga9@egr.msu.edu>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
	rv:10.0.2) Gecko/20120217 Thunderbird/10.0.2
MIME-Version: 1.0
To: cvs-ports@freebsd.org
References: <201202281919.q1SJJ1Pf056109@repoman.freebsd.org>
In-Reply-To: <201202281919.q1SJJ1Pf056109@repoman.freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Feb 2012 14:41:38 -0000

On 02/28/12 14:19, Chris Rees wrote:
> crees       2012-02-28 19:19:01 UTC
>
>    FreeBSD ports repository
>
>    Modified files:
>      security/vuxml       vuln.xml
>    Log:
>    Document latest PostgreSQL vulnerabilities
>
>    Security:       http://www.postgresql.org/about/news/1377/
>
>    Revision  Changes    Path
>    1.2620    +36 -1     ports/security/vuxml/vuln.xml
> _______________________________________________

I think the postgresql server ports require the client to be installed, 
but shouldn't vuxml list the server ports as vulnerable too?  I think 
the current state gives a misleading impression of where the 
vulnerabilities reside and detract attention from upgrading server 
processes.  Thanks.