From owner-svn-ports-head@FreeBSD.ORG Wed Jun 4 20:19:46 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B33AA932 for ; Wed, 4 Jun 2014 20:19:46 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 999932BCF for ; Wed, 4 Jun 2014 20:19:46 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.8/8.14.8) with ESMTP id s54KJk9Q084341 for ; Wed, 4 Jun 2014 20:19:46 GMT (envelope-from bdrewery@freefall.freebsd.org) Received: (from bdrewery@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s54KJkP7084335 for svn-ports-head@freebsd.org; Wed, 4 Jun 2014 20:19:46 GMT (envelope-from bdrewery) Received: (qmail 95658 invoked from network); 4 Jun 2014 15:19:44 -0500 Received: from unknown (HELO blah) (freebsd@shatow.net@67.182.131.225) by sweb.xzibition.com with ESMTPA; 4 Jun 2014 15:19:44 -0500 Message-ID: <538F7F5E.1060701@FreeBSD.org> Date: Wed, 04 Jun 2014 15:19:42 -0500 From: Bryan Drewery Organization: FreeBSD User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Cy Schubert , ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r356534 - head/security/vuxml References: <201406041850.s54IoqbC053901@svn.freebsd.org> In-Reply-To: <201406041850.s54IoqbC053901@svn.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 20:19:46 -0000 On 6/4/14, 1:50 PM, Cy Schubert wrote: > Author: cy > Date: Wed Jun 4 18:50:52 2014 > New Revision: 356534 > URL: http://svnweb.freebsd.org/changeset/ports/356534 > QAT: https://qat.redports.org/buildarchive/r356534/ > > Log: > Document gnutls CVE-2014-3466 to prevent memory corruption due to server > hello parsing. > > Security: CVE-2014-3466 > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Jun 4 18:03:35 2014 (r356533) > +++ head/security/vuxml/vuln.xml Wed Jun 4 18:50:52 2014 (r356534) > @@ -57,6 +57,35 @@ Notes: > > --> > > + .. > + > > gnutls -- client-side memory corruption > > Thanks! Also please run 'make validate' before committing to this file. This change added an extra that broke the parsing. -- Regards, Bryan Drewery