cvs commit: ports/security/vuxml vuln.xml
Remko Lodder
remko at elvandar.org
Mon Sep 5 07:46:57 UTC 2011
Dear Doug,
While having a look is not a problem, it is bad advice that someone goes for it because
I am not responsive enough. I advised Chris to have a look at possible solutions but consult
us before commits are being made.
Thanks
Remko
On Sep 5, 2011, at 2:01 AM, Doug Barton wrote:
> On 09/04/2011 13:44, Chris Rees wrote:
>> On 4 September 2011 21:15, Chris Rees <crees at freebsd.org> wrote:
>>> crees 2011-09-04 20:15:52 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files:
>>> security/vuxml vuln.xml
>>> Log:
>>> - Document cfs buffer overflow vulnerability.
>>> - While here, unbreak packaudit -- it doesn't like newlines in the
>>> middle of tags. Perhaps a comment should say something?
>>
>> Actually, that's a bad long-term solution. The real solution would be
>> to fix portaudit's XML parser.
>>
>> secteam, would you like me to have a go at it, or shall I let you
>> investigate since you know the code?
>
> Please just go for it. secteam@ hasn't been very responsive of late.
>
> Will this fix the problem of new auditfile generation? The current one
> is from the 1st and there have been several changes since then.
>
> While you're at it, a feature request (although this is probably in a
> different part of the code). It would be nice if the individual HTML
> pages, such as
> http://portaudit.freebsd.org/b7b03bab-c296-11d8-bfb2-000bdb1444a4.html
> had a link back to the main page, http://portaudit.freebsd.org/.
>
>
> Doug
>
> --
>
> Nothin' ever doesn't change, but nothin' changes much.
> -- OK Go
>
> Breadth of IT experience, and depth of knowledge in the DNS.
> Yours for the right price. :) http://SupersetSolutions.com/
>
> _______________________________________________________
> Please think twice when forwarding, cc:ing, or bcc:ing
> security-team messages. Ask if you are unsure.
>
More information about the cvs-all
mailing list