Date: Wed, 22 Aug 2012 08:28:24 +0400 From: Eygene Ryabinkin <rea@freebsd.org> To: Eitan Adler <eadler@freebsd.org> Cc: svn-ports-head@freebsd.org, ports-security@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r302900 - head/security/vuxml Message-ID: <20120822042824.GE59200@gprs-internet-client-10.234.sonicduo.com> In-Reply-To: <CAF6rxg=FJWHxT1ffpPcFsa4ADwAsVQSQR8Tm9p42LQW8hFxJsA@mail.gmail.com> References: <201208212056.q7LKuiwn004348@svn.freebsd.org> <CAF6rxg=FJWHxT1ffpPcFsa4ADwAsVQSQR8Tm9p42LQW8hFxJsA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--ILuaRSyQpoVaJ1HG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Eitan, good day. Tue, Aug 21, 2012 at 05:54:15PM -0400, Eitan Adler wrote: > On 21 August 2012 16:56, Eygene Ryabinkin <rea@freebsd.org> wrote: > ... > > Log: > > rssh: document arbitrary code execution, CVE-2012-3478 > ... > > + <url>http://sourceforge.net/mailarchive/message.php?msg_id=3D292= 35647</url> >=20 > Given this mailing list discussion, should the port be marked > FORBIDDEN? No: there is a patch that fixes this issue from the main developer (last two messages in the above cited thread; they are mangled at the web page, but downloading as HTML gives the patch). I intend to update rssh to 2.3.3, apply the patch and possibly bring the support for rsync from Debian. Once my conversion of the Git repository for ports from using CVS to Subversion will end ;)) --=20 Eygene Ryabinkin ,,,^..^,,, [ Life's unfair - but root password helps! | codelabs.ru ] [ 82FE 06BC D497 C0DE 49EC 4FF0 16AF 9EAE 8152 ECFB | freebsd.org ] --ILuaRSyQpoVaJ1HG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (Darwin) iF4EABEIAAYFAlA0X+QACgkQFq+eroFS7PtbVAD8Db4w+ewnlHyOuFSIzERNMRTK grn51AF3rLIsIbEgvGAA/2Z16bRabNxsJi+ahoh4mZ5b1n6yZoo8z6J2xnOSxutL =N4gw -----END PGP SIGNATURE----- --ILuaRSyQpoVaJ1HG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120822042824.GE59200>