Date: Fri, 19 Nov 2004 03:39:22 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Feczak Szabolcs <feczo@siodigit.hu> Cc: freebsd-ports@freebsd.org Subject: Re: ruby-1.8.2.p2_1 has known vulnerabilities-- CGI DoS Message-ID: <20041119113922.GB87454@xor.obsecurity.org> In-Reply-To: <1100859287.8003.4.camel@localhost.localdomain> References: <1100859287.8003.4.camel@localhost.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
--mxv5cy4qt+RJ9ypb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Fri, Nov 19, 2004 at 11:14:46AM +0100, Feczak Szabolcs wrote: > Please mark the port forbidden according to > http://www.freebsd.org/ports/portaudit/d656296b-33ff-11d9-a9e7-0001020eed82.html > till the update comes That probably wouldn't be appropriate since the vulnerability affects only one aspect of the ruby port that is irrelevant for most users (consider that most people use ruby for portupgrade). portaudit already knows about this problem, which is the appropriate place for minor problems like this. Kris --mxv5cy4qt+RJ9ypb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBndtqWry0BWjoQKURAvzaAKD1cI3agc/wNy3Obwt31jGW7VjbwwCgiZ3h Zi3ngKRqzvvS+G1wJljxRc0= =7EWM -----END PGP SIGNATURE----- --mxv5cy4qt+RJ9ypb--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041119113922.GB87454>