Date: Fri, 5 Aug 2022 13:47:55 +0100 From: Nuno Teixeira <eduardo@freebsd.org> To: FreeBSD Mailing List <freebsd-ports@freebsd.org> Subject: Need opinion on update vuxml Message-ID: <CAFDf7ULUz1MoQb470Qfz2R=bcPres9zvkA4_6tfb-vCTcdKXig@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
--000000000000a96e6f05e57de068 Content-Type: text/plain; charset="UTF-8" Hello, As a committer do I need secteam approval to update vuxml database? For what I've read in 12.3.1. The VuXML Database <https://docs.freebsd.org/en/books/porters-handbook/book/#security-notify-vuxml-db>; : --- Committers can update the VuXML database themselves, assisting the Security Officer Team and delivering crucial information to the community more quickly. Those who are not committers or have discovered an exceptionally severe vulnerability should not hesitate to contact the Security Officer Team directly, as described on the FreeBSD Security Information <https://www.freebsd.org/security/#how>; page. --- If yes, then I should make some tests do guarantee that new entry is ok: --- 3. use 'make validate' to verify syntax correctness Additional tests can be done this way: $ make vuln-flat.xml $ pkg audit -f ./vuln-flat.xml py26-django-1.6 (e.g.) --- PR265526 have an vuxml new entry and I'm waiting for ports-secteam to approve. Thanks in advance, -- Nuno Teixeira FreeBSD Committer (ports) --000000000000a96e6f05e57de068 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div>Hello,</div><div><br></div><div>As a committer do I n= eed secteam approval to update vuxml database?</div><div><br></div><div>For= what I've read in <a href=3D"https://docs.freebsd.org/en/books/porters= -handbook/book/#security-notify-vuxml-db">12.3.1. The VuXML Database</a>:<b= r></div><div>---</div><div>Committers can update the VuXML database themsel= ves, assisting the=20 Security Officer Team and delivering crucial information to the=20 community more quickly. Those who are not committers or have discovered an exceptionally severe=20 vulnerability should not hesitate to contact the Security Officer Team=20 directly, as described on the <a href=3D"https://www.freebsd.org/security/#= how">FreeBSD Security Information</a> page.</div><div>---</div><div><br></d= iv><div>If yes, then I should make some tests do guarantee that new entry i= s ok:</div><div>---<br></div><div>3. use 'make validate' to verify = syntax correctness</div><div><br></div>Additional tests can be done this wa= y:<br>=C2=A0$ make vuln-flat.xml<br>=C2=A0$ pkg audit -f ./vuln-flat.xml py= 26-django-1.6 (e.g.)<br><div>---</div><div><br></div><div>PR265526 have an = vuxml new entry and I'm waiting for ports-secteam to approve.</div><div= ><br></div><div>Thanks in advance,<br></div><div>-- <br><div dir=3D"ltr" cl= ass=3D"gmail_signature" data-smartmail=3D"gmail_signature"><div dir=3D"ltr"= ><span style=3D"color:rgb(102,102,102)">Nuno Teixeira<br>FreeBSD Committer = (ports)</span></div></div></div></div> --000000000000a96e6f05e57de068--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFDf7ULUz1MoQb470Qfz2R=bcPres9zvkA4_6tfb-vCTcdKXig>