From owner-freebsd-ports@FreeBSD.ORG Sun Jul 30 19:11:13 2006 Return-Path: X-Original-To: ports@freebsd.org Delivered-To: freebsd-ports@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6161116A4DD; Sun, 30 Jul 2006 19:11:13 +0000 (UTC) (envelope-from simon@zaphod.nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 411E343D73; Sun, 30 Jul 2006 19:11:03 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (unknown [192.168.3.39]) by mx.nitro.dk (Postfix) with ESMTP id 129262D6B66; Sun, 30 Jul 2006 19:11:02 +0000 (UTC) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id B1DC91141D; Sun, 30 Jul 2006 21:11:01 +0200 (CEST) Date: Sun, 30 Jul 2006 21:11:01 +0200 From: "Simon L. Nielsen" To: Shaun Amott , Joel Hatton , ports@freebsd.org, freebsd-security@freebsd.org Message-ID: <20060730191100.GI1116@zaphod.nitro.dk> References: <200607280503.k6S53hmW007056@app.auscert.org.au> <20060729163453.GA89895@picobyte.net> <20060730154733.83EE6B828@shodan.nognu.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060730154733.83EE6B828@shodan.nognu.de> User-Agent: Mutt/1.5.11 Cc: Subject: Re: Ruby vulnerability? X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Jul 2006 19:11:13 -0000 On 2006.07.30 17:47:33 +0200, Frank Steinborn wrote: > Shaun Amott wrote: > > On Fri, Jul 28, 2006 at 03:03:43PM +1000, Joel Hatton wrote: > > > > > > FYI, Red Hat released an advisory today about a vulnerability in Ruby. So > > > far it doesn't appear in the VuXML, but am I correct in presuming it will > > > soon? > > > > > > > I've added it; thanks for the report. > > Hmm, i saw the flaw with "portaudit -Fda" yesterday, however - today > my ruby isn't shown as vulnerable anymore. Why? The database was broken for a bit due to an invalid entry, try again now. -- Simon L. Nielsen