From owner-cvs-all@FreeBSD.ORG  Wed Sep 15 15:19:36 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5432816A4CE; Wed, 15 Sep 2004 15:19:36 +0000 (GMT)
Received: from gw.celabo.org (gw.celabo.org [208.42.49.153])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 19C5F43D45; Wed, 15 Sep 2004 15:19:36 +0000 (GMT)
	(envelope-from nectar@FreeBSD.org)
Received: from localhost (localhost [127.0.0.1])
	by gw.celabo.org (Postfix) with ESMTP
	id 8A65654889; Wed, 15 Sep 2004 10:19:35 -0500 (CDT)
Received: from gw.celabo.org ([127.0.0.1])
 by localhost (hellblazer.celabo.org [127.0.0.1]) (amavisd-new, port 10024)
 with SMTP id 61081-08; Wed, 15 Sep 2004 10:19:25 -0500 (CDT)
Received: from lum.celabo.org (dhcp-207.celabo.org [10.0.1.207])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "lum.celabo.org", Issuer "celabo.org CA" (verified OK))
	by gw.celabo.org (Postfix) with ESMTP
	id 5BF825486E; Wed, 15 Sep 2004 10:19:24 -0500 (CDT)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by lum.celabo.org (Postfix) with ESMTP
	id 7C1D741E804; Wed, 15 Sep 2004 10:19:18 -0500 (CDT)
Message-ID: <41485D76.5070305@FreeBSD.org>
Date: Wed, 15 Sep 2004 10:19:18 -0500
From: Jacques Vidrine <nectar@FreeBSD.org>
User-Agent: Mozilla Thunderbird 0.8 (Macintosh/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
References: <200409151516.i8FFGaQE083186@repoman.freebsd.org>
In-Reply-To: <200409151516.i8FFGaQE083186@repoman.freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: cvs-ports@FreeBSD.org
cc: cvs-all@FreeBSD.org
cc: ports-committers@FreeBSD.org
Subject: Re: cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Sep 2004 15:19:36 -0000

Jacques Vidrine wrote:
> nectar      2004-09-15 15:16:36 UTC
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/vuxml       vuln.xml 
>   Log:
>   Note new libXpm vulnerabilities.
>   
>   Approved by:    portmgr
>   
>   Revision  Changes    Path
>   1.225     +47 -1     ports/security/vuxml/vuln.xml

http://vuxml.freebsd.org/ef253f8b-0727-11d9-b45d-000c41e2cdad.html

This may be overly cautious:  I have flagged all ports that contain a 
`libXpm', and have not yet manually inspected all of them.  Of course, 
the most important ones (XFree86, Xorg) are certainly affected.

Cheers,
-- 
Jacques A Vidrine / NTT/Verio
nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org