cvs commit: ports/security/vuxml vuln.xml
Doug Barton
dougb at FreeBSD.org
Mon Sep 5 00:01:41 UTC 2011
On 09/04/2011 13:44, Chris Rees wrote:
> On 4 September 2011 21:15, Chris Rees <crees at freebsd.org> wrote:
>> crees 2011-09-04 20:15:52 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> security/vuxml vuln.xml
>> Log:
>> - Document cfs buffer overflow vulnerability.
>> - While here, unbreak packaudit -- it doesn't like newlines in the
>> middle of tags. Perhaps a comment should say something?
>
> Actually, that's a bad long-term solution. The real solution would be
> to fix portaudit's XML parser.
>
> secteam, would you like me to have a go at it, or shall I let you
> investigate since you know the code?
Please just go for it. secteam@ hasn't been very responsive of late.
Will this fix the problem of new auditfile generation? The current one
is from the 1st and there have been several changes since then.
While you're at it, a feature request (although this is probably in a
different part of the code). It would be nice if the individual HTML
pages, such as
http://portaudit.freebsd.org/b7b03bab-c296-11d8-bfb2-000bdb1444a4.html
had a link back to the main page, http://portaudit.freebsd.org/.
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
More information about the cvs-ports
mailing list