From owner-freebsd-ports@FreeBSD.ORG  Sun Apr 24 17:48:59 2005
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AD7D716A4CE
	for <ports@FreeBSD.org>; Sun, 24 Apr 2005 17:48:59 +0000 (GMT)
Received: from mail.logicx.net (coda.LogicX.net [69.9.186.70])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2E20C43D1F
	for <ports@FreeBSD.org>; Sun, 24 Apr 2005 17:48:59 +0000 (GMT)
	(envelope-from FreeBSD@LogicX.us)
Received: (qmail 22046 invoked by uid 89); 24 Apr 2005 17:49:32 -0000
Received: from unknown (HELO ?192.168.1.18?) (LogicX@LogicX.us@69.162.20.202)
	by mail.logicx.net with (DHE-RSA-AES256-SHA encrypted) SMTP;
	24 Apr 2005 17:49:32 -0000
Message-ID: <426BDC16.4050101@LogicX.us>
Date: Sun, 24 Apr 2005 13:49:10 -0400
From: Mike Schroll <FreeBSD@LogicX.us>
Organization: LogicX Network Services
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: r.vdooren@snow.nl
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: ports@FreeBSD.org
Subject: FreeBSD Port: rsnapshot-1.1.6 - outdated & insecure
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: FreeBSD@LogicX.us
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Apr 2005 17:48:59 -0000

The latest version of this port is 1.2.1, which fixes the following 
security vulnerability:
 http://www.rsnapshot.org/security/2005/001.html

This is present in the current 1.1.6 port in the ports tree.

I've already notified the FreeBSD Security team concerning this, so 
hopefully it'll be added to vuXML shortly --
in the meantime, I suggest updating this port so users can upgrade to a 
secure version.

-Mike Schroll

-- 
Applied Networking System Administration Major
Rochester Institute of Technology
Rochester, NY

Information Sciences and Technology Major
Penn State University
University Park, PA

FreeBSD@LogicX.us
AIM: L0g1cX
http://MSchroll.com