From owner-freebsd-apache@FreeBSD.ORG Sat Sep 3 12:27:26 2011 Return-Path: Delivered-To: freebsd-apache@FreeBSD.org Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:4f8:fff6::35]) by hub.freebsd.org (Postfix) with ESMTP id 59E64106564A for ; Sat, 3 Sep 2011 12:27:26 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from 172-17-198-245.globalsuite.net (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id 368A8150C29 for ; Sat, 3 Sep 2011 12:27:24 +0000 (UTC) Message-ID: <4E621D2C.2090204@FreeBSD.org> Date: Sat, 03 Sep 2011 05:27:24 -0700 From: Doug Barton Organization: http://SupersetSolutions.com/ User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:6.0.1) Gecko/20110901 Thunderbird/6.0.1 MIME-Version: 1.0 To: freebsd-apache@FreeBSD.org References: <4E621BDD.9000207@FreeBSD.org> In-Reply-To: <4E621BDD.9000207@FreeBSD.org> X-Enigmail-Version: undefined OpenPGP: id=1A1ABC84 X-Forwarded-Message-Id: <4E621BDD.9000207@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Subject: FreeBSD port(s) you maintain which are currently vulnerable X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Sep 2011 12:27:26 -0000 Howdy, According to the latest portaudit database the following ports are currently vulnerable. You maintain one or more of these ports. Please consider one of the following courses of action: 1. Removing the port 2. Fixing the port 3. Allowing it to be returned to the ports@FreeBSD.org maintainer pool so that another interested party can take over maintenance of it. If I haven't heard back from you in 1 week I plan to mark the port FORBIDDEN with an expiration date of 2011-09-30. To see how the port is vulnerable you can install ports-mgmt/portaudit, run (as root) 'portaudit -Fa', then cd into the directory of the affected port and run 'portaudit -C'. Regards, Doug /usr/ports/archivers/pecl-phar /usr/ports/databases/mysql323-server /usr/ports/databases/mysql40-server /usr/ports/devel/apr0 /usr/ports/devel/libsoup22 /usr/ports/dns/bind9-sdb-ldap /usr/ports/dns/bind9-sdb-postgresql /usr/ports/dns/nsd2 /usr/ports/editors/emacs21 /usr/ports/editors/openoffice.org-2 /usr/ports/ftp/wgetpro /usr/ports/games/quake2forge /usr/ports/graphics/linux-tiff /usr/ports/japanese/mutt /usr/ports/lang/php52 /usr/ports/lang/tcl82 /usr/ports/lang/tcl83 /usr/ports/mail/horde4-imp /usr/ports/mail/libspf2-10 /usr/ports/net-mgmt/nagios2 /usr/ports/net/asterisk14 /usr/ports/net/isc-dhcp31-client /usr/ports/russian/apache13 /usr/ports/russian/apache13-modssl /usr/ports/security/gnutls-devel /usr/ports/security/stunnel /usr/ports/sysutils/dtc /usr/ports/sysutils/syslog-ng /usr/ports/textproc/kn-aspell /usr/ports/textproc/ky-aspell /usr/ports/www/apache13-ssl /usr/ports/www/apache20 /usr/ports/www/gforge /usr/ports/www/linux-flashplugin7 /usr/ports/www/mediawiki115 /usr/ports/www/opera-devel /usr/ports/www/plone3 /usr/ports/www/pyblosxom /usr/ports/www/seamonkey2 /usr/ports/www/serendipity-devel /usr/ports/www/ziproxy /usr/ports/x11-toolkits/linux-pango /usr/ports/x11-toolkits/tk82 /usr/ports/x11-toolkits/tk83 -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/