Date: Sun, 10 Aug 2014 03:08:51 +0000 From: "Sergey A. Osokin" <osa@FreeBSD.org> To: =?koi8-r?B?UmVuw6k=?= Ladan <rene@freebsd.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r364460 - head/www/nginx Message-ID: <20140810030851.GA69380@FreeBSD.org> In-Reply-To: <53E6B967.1030608@freebsd.org> References: <53e66a49.2ebf.35c2c6fd@svn.freebsd.org> <53E6B967.1030608@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Rene, On Sun, Aug 10, 2014 at 02:14:31AM +0200, René Ladan wrote: > On 09-08-2014 20:36, Sergey A. Osokin wrote: > > Author: osa > > Date: Sat Aug 9 18:36:56 2014 > > New Revision: 364460 > > URL: http://svnweb.freebsd.org/changeset/ports/364460 > > QAT: https://qat.redports.org/buildarchive/r364460/ > > > > Log: > > Update from 1.6.0 to 1.6.1. > > > > <ChangeLog> > > > > *) Security: pipelined commands were not discarded after STARTTLS > > command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. > > Thanks to Chris Boulton. > The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo? Yes, the issue has been fixed. > Also, can you add CPE information to the Makefile (see > https://wiki.freebsd.org/Ports/CPE ) ? Will do. -- Sergey A. Osokin osa@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140810030851.GA69380>