cvs commit: ports/net-p2p/i2p Makefile distinfo
Mario Sergio Fujikawa Ferreira
lioux at FreeBSD.org
Mon Jun 14 13:39:09 UTC 2010
Quoting Ion-Mihai Tetcu <itetcu at FreeBSD.org>:
> On Sun, 13 Jun 2010 11:50:43 +0000 (UTC)
> Mario Sergio Fujikawa Ferreira <lioux at FreeBSD.org> wrote:
>
>> lioux 2010-06-13 11:50:43 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> net-p2p/i2p Makefile distinfo
>> Log:
>> - Update i2p to 0.7.14
>> - Update jetty to 5.1.15 due to security issues
>
> What issues? is there an VuXMl entry? Or at least an external reference
> (CVS, ...?
Sorry, according to the I2P site, they're referring to the following CERT Vulnerability Note VU#402580:
http://www.kb.cert.org/vuls/id/402580
Perhaps, we should add to VuXML that any version of the net-p2p/i2p prior to 0.7.14 is vulnerable due to that CERT. I've never added anything to VuXML before so I am not sure what is the proper procedure.
Regards,
--
Mario S F Ferreira - DF - Brazil - "I guess this is a signature."
feature, n: a documented bug | bug, n: an undocumented feature
More information about the cvs-ports
mailing list