Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Nov 2008 09:45:55 +0300
From:      Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To:        Anish Mistry <amistry@am-productions.biz>
Cc:        freebsd-security@freebsd.org, bug-followup@freebsd.org
Subject:   Re: ports/129097: [vuxml] print/hplip: document CVE-2008-2940 and CVE-2008-2941
Message-ID:  <rbxTsaOyajN6FNDu7zLdCJ3jAI4@OmuuSA%2BrJzFD9lLmKTktDfHBczE>
In-Reply-To: <200811231446.43728.amistry@am-productions.biz>
References:  <20081123184449.6801AF181D@phoenix.codelabs.ru> <200811231446.43728.amistry@am-productions.biz>
next in thread | previous in thread | raw e-mail | index | archive | help 

--jFijuCULRDbBA23d
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Anish, good day.

Sun, Nov 23, 2008 at 02:46:26PM -0500, Anish Mistry wrote:
> On Sunday 23 November 2008, Eygene Ryabinkin wrote:
> > >Number:         129097
> > >Category:       ports
> > >Synopsis:       [vuxml] print/hplip: document CVE-2008-2940 and
> > > CVE-2008-2941 Confidential:   no
> > >Severity:       serious
> > >Priority:       high
> > >Responsible:    freebsd-ports-bugs
> > >State:          open
> > >Quarter:
> > >Keywords:
> > >Date-Required:
> > >Class:          sw-bug
> > >Submitter-Id:   current-users
> > >Arrival-Date:   Sun Nov 23 18:50:00 UTC 2008
> > >Closed-Date:
> > >Last-Modified:
> > >Originator:     Eygene Ryabinkin
> > >Release:        FreeBSD 7.1-PRERELEASE i386
> > >Organization:
>
> Commit it.

That's fine, thanks.  But yesterday I had sent a patch that fixes the
vulnerabilities for 2.8.2.  What do you think about it?  Could you test
the patch?  The VuXML entry details depend on this: I wrote that
hplip >=3D 2.8.4 aren't vulnerable, but if you'll approve the patch that
upgrades to 2.8.2_3, then VuXML entry should be corrected.

Thanks again!
--=20
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual  =20
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook=20
    {_.-``-'         {_/            #

--jFijuCULRDbBA23d
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)

iEYEARECAAYFAkkqTaMACgkQthUKNsbL7YiDMgCeIrW3GANQwaHSH77rUqKpu6Yd
GZoAn3+QVO1JCozTuRkOOACJV3jNe9fh
=1tQU
-----END PGP SIGNATURE-----

--jFijuCULRDbBA23d--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?rbxTsaOyajN6FNDu7zLdCJ3jAI4>