From owner-svn-ports-all@FreeBSD.ORG  Sun Feb  2 17:39:13 2014
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 00F15823;
 Sun,  2 Feb 2014 17:39:13 +0000 (UTC)
Received: from exodus.zi0r.com (exodus.zi0r.com [71.245.171.203])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id C4DA11EA5;
 Sun,  2 Feb 2014 17:39:12 +0000 (UTC)
Received: from exodus.zi0r.com (localhost [127.0.0.1])
 by exodus.zi0r.com (Postfix) with ESMTP id 83C113A09D;
 Sun,  2 Feb 2014 12:39:11 -0500 (EST)
X-Virus-Scanned: amavisd-new at zi0r.com
Received: from exodus.zi0r.com ([127.0.0.1])
 by exodus.zi0r.com (exodus.zi0r.com [127.0.0.1]) (amavisd-new, port 10026)
 with LMTP id CZno2C5spp2O; Sun,  2 Feb 2014 12:39:10 -0500 (EST)
Received: from exodus.zi0r.com (syn.zi0r.com [71.245.171.202])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by exodus.zi0r.com (Postfix) with ESMTPSA id 92B8B3A09C;
 Sun,  2 Feb 2014 12:39:10 -0500 (EST)
Date: Sun, 2 Feb 2014 12:39:07 -0500
From: Ryan Steinmetz <zi@FreeBSD.org>
To: Bryan Drewery <bdrewery@FreeBSD.org>
Subject: Re: svn commit: r342244 - head/security/vuxml
Message-ID: <20140202173907.GA89566@exodus.zi0r.com>
References: <201402020351.s123pdKD030705@svn.freebsd.org>
 <52EE8022.1030506@FreeBSD.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <52EE8022.1030506@FreeBSD.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org,
 ports-committers@freebsd.org
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Feb 2014 17:39:13 -0000


On (02/02/14 11:28), Bryan Drewery wrote:
>On 2/1/2014 9:51 PM, Ryan Steinmetz wrote:
>> Author: zi
>> Date: Sun Feb  2 03:51:39 2014
>> New Revision: 342244
>> URL: http://svnweb.freebsd.org/changeset/ports/342244
>> QAT: https://qat.redports.org/buildarchive/r342244/
>>
>> Log:
>>   - Add libyaml to the libyaml vulnerability entry
>
>I think this should be a separate entry. The description is specific to
>how pkg uses libyaml.
>

CVEs, library name and underlying problem are the same.  There is certainly
additional information in the entry about pkg(1), however, it's all the
same vulnerability.

-r

>Regards,
>Bryan Drewery
>



-- 
Ryan Steinmetz
PGP: EF36 D45A 5CA9 28B1 A550  18CD A43C D111 7AD7 FAF2