From owner-freebsd-ports@FreeBSD.ORG Mon Mar 6 08:43:42 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7175D16A424 for ; Mon, 6 Mar 2006 08:43:42 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id E50BE43D7D for ; Mon, 6 Mar 2006 08:43:36 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231]) by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k268hXc5066961 for ; Mon, 6 Mar 2006 10:43:33 +0200 (EET) (envelope-from dmitry@atlantis.dp.ua) Date: Mon, 6 Mar 2006 10:43:33 +0200 (EET) From: Dmitry Pryanishnikov To: freebsd-ports@freebsd.org Message-ID: <20060306103204.C51066@atlantis.atlantis.dp.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: ssh2-nox11 vs vid=594ad3c5-a39b-11da-926c-0800209adf0e X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2006 08:43:42 -0000 Hello! I've noticed the freshly-added entry in vuln.xml regarding SSH.COM SFTP server vulnerability (vid=594ad3c5-a39b-11da-926c-0800209adf0e) only by inspecting cvs-ports. Portaudit doesn't show my ssh2-nox11-3.2.9.1_3 packages as being vulnerable. Isn't this an overlook in vuln.xml entry? It seems to me that this vulnerability doesn't depend on X11-related code. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE