From owner-cvs-all@FreeBSD.ORG  Tue Mar 20 18:32:12 2007
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 74E3216A400;
	Tue, 20 Mar 2007 18:32:12 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.freebsd.org (Postfix) with ESMTP id 58BA413C4F4;
	Tue, 20 Mar 2007 18:32:12 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196])
	by elvis.mu.org (Postfix) with ESMTP id C5F911A4D80;
	Tue, 20 Mar 2007 11:32:11 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id C267451824; Tue, 20 Mar 2007 14:32:10 -0400 (EDT)
Date: Tue, 20 Mar 2007 14:32:10 -0400
From: Kris Kennaway <kris@obsecurity.org>
To: David Thiel <lx@FreeBSD.org>
Message-ID: <20070320183210.GA15384@xor.obsecurity.org>
References: <200703201828.l2KISn1V037775@repoman.freebsd.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="6c2NcOVqGQ03X4Wi"
Content-Disposition: inline
In-Reply-To: <200703201828.l2KISn1V037775@repoman.freebsd.org>
User-Agent: Mutt/1.4.2.2i
Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org
Subject: Re: cvs commit: ports/www/webcalendar Makefile distinfo
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Mar 2007 18:32:12 -0000


--6c2NcOVqGQ03X4Wi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Mar 20, 2007 at 06:28:49PM +0000, David Thiel wrote:
> lx          2007-03-20 18:28:49 UTC
>=20
>   FreeBSD ports repository
>=20
>   Modified files:
>     www/webcalendar      Makefile distinfo=20
>   Log:
>   Update to 1.0.5, fixing a remote variable overwrite vulnerability.
>   See http://secunia.com/advisories/24403/ for more details.
>  =20
>   PR:             ports/110587
>   Submitted by:   Greg Larkin (maintainer)
>   Approved by:    edwin (mentor)

FYI the Security: tag should be used in such situations so that the
security team flag it for inclusion in the vulnerability database.

Kris

--6c2NcOVqGQ03X4Wi
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)

iD8DBQFGACipWry0BWjoQKURAhQqAJwIeM41UUwNcvRcTWVD57mrP0wlxACeLCfK
lka+dYRiDWeiu+N+W6GN4Lk=
=7rqn
-----END PGP SIGNATURE-----

--6c2NcOVqGQ03X4Wi--