cvs commit: ports/security/vuxml vuln.xml

Thu May 6 09:01:35 PDT 2004

On Thu, May 06, 2004 at 08:43:53AM -0700, Oliver Eikemeier wrote:
> eik         2004/05/06 08:43:53 PDT
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/vuxml       vuln.xml 
>   Log:
>   exim buffer overflow when verify = header_syntax is used
>   
>   Revision  Changes    Path
>   1.90      +27 -0     ports/security/vuxml/vuln.xml

Thanks!
Actually, there are two bugs: CAN-2004-0399 CAN-2004-0400
Were both of these fixed?

Also, the package names and versions are not quite right.
You wrote:

      <package>
        <name>exim{,-ldap2,-mysql,-postgresql}</name>
        <range>
          <lt>exim-4.33+20_1</lt>
        </range>
      </package>

The name is not valid.
The version should not include the name again.
I think what you meant was:

      <package>
        <name>exim</name>
        <name>exim-ldap2</name>
        <name>exim-mysql</name>
        <name>exim-postgresql</name>
        <range><lt>4.33+20_1</lt></range>
      </package>

Cheers,
-- 
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org