Date: Fri, 5 Aug 2022 17:56:36 +0200 From: =?UTF-8?Q?Fernando_Apestegu=C3=ADa?= <fernando.apesteguia@gmail.com> To: Nuno Teixeira <eduardo@freebsd.org> Cc: FreeBSD Mailing List <freebsd-ports@freebsd.org> Subject: Re: Need opinion on update vuxml Message-ID: <CAGwOe2b_CtnX7yO7VVeLf4aRFV1A7QMPyU3BojyAhdjPQLLEgg@mail.gmail.com> In-Reply-To: <CAFDf7ULUz1MoQb470Qfz2R=bcPres9zvkA4_6tfb-vCTcdKXig@mail.gmail.com> References: <CAFDf7ULUz1MoQb470Qfz2R=bcPres9zvkA4_6tfb-vCTcdKXig@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--0000000000007b9bdb05e5808d0a Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable El vie., 5 ago. 2022 14:48, Nuno Teixeira <eduardo@freebsd.org> escribi=C3= =B3: > Hello, > > As a committer do I need secteam approval to update vuxml database? > AFAICT you don't need approval, you can make the changes yourself directly. Cheers > > For what I've read in 12.3.1. The VuXML Database > <https://docs.freebsd.org/en/books/porters-handbook/book/#security-notify= -vuxml-db> > : > --- > Committers can update the VuXML database themselves, assisting the > Security Officer Team and delivering crucial information to the community > more quickly. Those who are not committers or have discovered an > exceptionally severe vulnerability should not hesitate to contact the > Security Officer Team directly, as described on the FreeBSD Security > Information <https://www.freebsd.org/security/#how>; page. > --- > > If yes, then I should make some tests do guarantee that new entry is ok: > --- > 3. use 'make validate' to verify syntax correctness > > Additional tests can be done this way: > $ make vuln-flat.xml > $ pkg audit -f ./vuln-flat.xml py26-django-1.6 (e.g.) > --- > > PR265526 have an vuxml new entry and I'm waiting for ports-secteam to > approve. > > Thanks in advance, > -- > Nuno Teixeira > FreeBSD Committer (ports) > --0000000000007b9bdb05e5808d0a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"auto"><div><br><br><div class=3D"gmail_quote">= <div dir=3D"ltr" class=3D"gmail_attr">El vie., 5 ago. 2022 14:48, Nuno Teix= eira <<a href=3D"mailto:eduardo@freebsd.org" target=3D"_blank">eduardo@f= reebsd.org</a>> escribi=C3=B3:<br></div><blockquote class=3D"gmail_quote= " style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><= div dir=3D"ltr"><div>Hello,</div><div><br></div><div>As a committer do I ne= ed secteam approval to update vuxml database?</div></div></blockquote></div= ></div><div dir=3D"auto"><br></div><div dir=3D"auto">AFAICT you don't n= eed approval, you can make the changes yourself directly.<br></div><div dir= =3D"auto"><br></div><div>Cheers<br></div><div dir=3D"auto"><div class=3D"gm= ail_quote"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;bor= der-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div><br></div><= div>For what I've read in <a href=3D"https://docs.freebsd.org/en/books/= porters-handbook/book/#security-notify-vuxml-db" rel=3D"noreferrer" target= =3D"_blank">12.3.1. The VuXML Database</a>:<br></div><div>---</div><div>Com= mitters can update the VuXML database themselves, assisting the=20 Security Officer Team and delivering crucial information to the=20 community more quickly. Those who are not committers or have discovered an exceptionally severe=20 vulnerability should not hesitate to contact the Security Officer Team=20 directly, as described on the <a href=3D"https://www.freebsd.org/security/#= how" rel=3D"noreferrer" target=3D"_blank">FreeBSD Security Information</a> = page.</div><div>---</div><div><br></div><div>If yes, then I should make som= e tests do guarantee that new entry is ok:</div><div>---<br></div><div>3. u= se 'make validate' to verify syntax correctness</div><div><br></div= >Additional tests can be done this way:<br>=C2=A0$ make vuln-flat.xml<br>= =C2=A0$ pkg audit -f ./vuln-flat.xml py26-django-1.6 (e.g.)<br><div>---</di= v><div><br></div><div>PR265526 have an vuxml new entry and I'm waiting = for ports-secteam to approve.</div><div><br></div><div>Thanks in advance,<b= r></div><div>-- <br><div dir=3D"ltr" data-smartmail=3D"gmail_signature"><di= v dir=3D"ltr"><span style=3D"color:rgb(102,102,102)">Nuno Teixeira<br>FreeB= SD Committer (ports)</span></div></div></div></div> </blockquote></div></div></div> </div> --0000000000007b9bdb05e5808d0a--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGwOe2b_CtnX7yO7VVeLf4aRFV1A7QMPyU3BojyAhdjPQLLEgg>