From owner-freebsd-vuxml@FreeBSD.ORG  Thu Sep 30 10:35:41 2004
Return-Path: <owner-freebsd-vuxml@FreeBSD.ORG>
Delivered-To: freebsd-vuxml@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 68AE316A4CE; Thu, 30 Sep 2004 10:35:41 +0000 (GMT)
Received: from bast.unixathome.org (bast.unixathome.org [66.11.174.150])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 39CC343D45; Thu, 30 Sep 2004 10:35:41 +0000 (GMT)
	(envelope-from dan@langille.org)
Received: from wocker (wocker.unixathome.org [192.168.0.99])
	by bast.unixathome.org (Postfix) with ESMTP id 618873D37;
	Thu, 30 Sep 2004 06:35:40 -0400 (EDT)
From: "Dan Langille" <dan@langille.org>
To: Tom Rhodes <trhodes@FreeBSD.org>
Date: Thu, 30 Sep 2004 06:35:40 -0400
MIME-Version: 1.0
Message-ID: <415BA93C.28930.190F364F@localhost>
Priority: normal
In-reply-to: <20040929170602.43a2738a@localhost>
References: <415A5622.28007.13E297A6@localhost>
X-mailer: Pegasus Mail for Windows (v4.12a)
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
cc: freebsd-vuxml@FreeBSD.org
cc: Tom Rhodes <trhodes@FreeBSD.org>
Subject: Re: (Fwd) cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: freebsd-vuxml@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Documenting security issues in VuXML <freebsd-vuxml.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-vuxml>,
	<mailto:freebsd-vuxml-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-vuxml>
List-Post: <mailto:freebsd-vuxml@freebsd.org>
List-Help: <mailto:freebsd-vuxml-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-vuxml>,
	<mailto:freebsd-vuxml-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Sep 2004 10:35:41 -0000

On 29 Sep 2004 at 17:06, Tom Rhodes wrote:

> On Wed, 29 Sep 2004 06:28:50 -0400
> "Dan Langille" <dan@langille.org> wrote:
> 
> > On 28 Sep 2004 at 18:27, Tom Rhodes wrote:
> > 
> > > On Tue, 28 Sep 2004 18:23:42 -0400
> > > "Dan Langille" <dan@langille.org> wrote:
> > > 
> > > > FWIW, between the other fixes and this one, the number of affected 
> > > > packages went from up by 40 to 395, and the number of vulns went up 
> > > > by 3 to 174.
> > > > 
> > > > http://beta.freshports.org/vuxml.php?list and the rest of FreshPorts 
> > > > has been updated with the recent changes.
> > > > 
> > > > The next step is to automate what I've been doing manually so that 
> > > > FreshPorts VuXML data is updated automagically with each vuxml.xml 
> > > > commit.
> > > 
> > > Is it just a script that updates when run or?
> > 
> > Yes.  It is a two stage process:
> > 
> >   # import the vulnerabilities
> >   perl process_vuxml.pl < ~/ports/security/vuxml/vuln.xml
> > 
> >   # mark the commits
> >   perl vuxml_mark_commits.pl
> 
> Oh, then just drop it into cron(8).  :)

Close!

I need to conver both into packages, and call them from a single 
script with transaction control.  Then invoke that script when a 
commit against vuxml.xml is found.

-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/