Date: Sun, 02 Feb 2014 11:28:02 -0600 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Ryan Steinmetz <zi@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r342244 - head/security/vuxml Message-ID: <52EE8022.1030506@FreeBSD.org> In-Reply-To: <201402020351.s123pdKD030705@svn.freebsd.org> References: <201402020351.s123pdKD030705@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NrcElrAX3bESBE4bl0NT4GAaj1nHFUHSn Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 2/1/2014 9:51 PM, Ryan Steinmetz wrote: > Author: zi > Date: Sun Feb 2 03:51:39 2014 > New Revision: 342244 > URL: http://svnweb.freebsd.org/changeset/ports/342244 > QAT: https://qat.redports.org/buildarchive/r342244/ >=20 > Log: > - Add libyaml to the libyaml vulnerability entry I think this should be a separate entry. The description is specific to how pkg uses libyaml. >=20 > Modified: > head/security/vuxml/vuln.xml >=20 > Modified: head/security/vuxml/vuln.xml > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/security/vuxml/vuln.xml Sun Feb 2 03:46:48 2014 (r342243) > +++ head/security/vuxml/vuln.xml Sun Feb 2 03:51:39 2014 (r342244) > @@ -52,9 +52,13 @@ Note: Please add new entries to the beg > --> > <vuxml xmlns=3D"http://www.vuxml.org/apps/vuxml-1"> > <vuln vid=3D"111f1f84-1d14-4ff2-a9ea-cf07119c0d3b"> > - <topic>pkg -- libyaml heap overflow resulting in possible code exe= cution</topic> > + <topic>libyaml heap overflow resulting in possible code execution<= /topic> > <affects> > <package> > + <name>libyaml</name> > + <range><lt>0.1.4_3</lt></range> > + </package> > + <package> > <name>pkg</name> > <range><lt>1.2.6</lt></range> > </package> >=20 --=20 Regards, Bryan Drewery --NrcElrAX3bESBE4bl0NT4GAaj1nHFUHSn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJS7oAjAAoJEDXXcbtuRpfPI0UH/0Xca5IxyiPLIvPehn9K7uR2 7B4v/jO7jpf71hmrZYmwa17eoj34PA1e2Msj6PjneG9iq/eNNtUDjoTEvgQrV5Nd VueLpUjMVgzon9WH80hWcvtGr6BtdylfGcve8wZpJ1QdkR+N3tf3wmfAYNFs/KnR fAoIMfSc8A8kCYXDVtQMPbEB+HQ7sY3fQqgYMkVDm9v7UjselbsZm6vQRthOWoH7 T/a7JSJGH3r/Zzqn8D9fZLmM6KPyiA7PqDTefWgqn04LWls+3zgfVebp1sL67luf aQ7x9b3rDs0UpzrCiraT8V+/P/+rO80MzygnHcbI9AvSZQ8nM7nvvUL/wJZa7FA= =jl51 -----END PGP SIGNATURE----- --NrcElrAX3bESBE4bl0NT4GAaj1nHFUHSn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52EE8022.1030506>