cvs commit: ports/security/vuxml vuln.xml
Jacques Vidrine
nectar at FreeBSD.org
Fri Aug 13 01:36:36 PDT 2004
On Aug 12, 2004, at 7:26 PM, Oliver Eikemeier wrote:
> Jacques Vidrine wrote:
>
>> nectar 2004-08-12 18:43:01 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> Correct version information syntax in a number of entries.
>> VuXML-using
>> tools are expected only to understand actual package names and
>> version
>> numbers, not globs such as `foo-{bar,baz}' or `1.*'.
>
> The globs help against database bloat,
I don't believe that this is a significant benefit.
> and make checking faster.
This is only true if you are doing linear searching.
> 1.* is no glob, as you might remember from a previous discussion.
I remember the previous discussion, but that had to do with your
version of pkg_* tools. Outside of that context, "1.*" looks like a
glob, and I was just using that to be descriptive.
> portaudit understands these just fine, and I guess it is the main
> client right now.
I think VuXML.org is the main client :-) but of course that's not the
point. As previously discussed, the semantics of VuXML <name> and
<range> elements are package names and version numbers respectively,
not globs or glob-like patterns. In particular, the semantics are not
FreeBSD or FreeBSD Ports Collection specific.
> Besides, it seems like this commit introduced some errors. How should
> we handle this?
Hit me over the head with the specific errors, please :-) Let's
resolve them.
Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the cvs-ports
mailing list