cvs commit: ports/security/vuxml vuln.xml

Chris Rees crees at
Mon Sep 5 19:19:54 UTC 2011

On 5 September 2011 00:59, Matthias Andree <mandree at> wrote:
> Am 04.09.2011 22:15, schrieb Chris Rees:
>> crees       2011-09-04 20:15:52 UTC
>>   FreeBSD ports repository
>>   Modified files:
>>     security/vuxml       vuln.xml
>>   Log:
>>   - Document cfs buffer overflow vulnerability.
>>   - While here, unbreak packaudit -- it doesn't like newlines in the
>>     middle of tags.  Perhaps a comment should say something?
> Chris,
> Are you use that your XML and/or SGML toolchains and document type
> definitions and catalogs are properly installed?   I have seen cases
> where the catalogs were broken, and nothing short of deinstalling
> xmlcatmgr (and all ports that need it), removing leftover catalogs, and
> reinstalling all ports that got deinstalled helped.
> Are you sure that you aren't by accident tripped up by CR characters
> somewhere?
> I've reverted vuln.xml to 1.2434 and don't see how it breaks the parser
> (xsltproc), and packaudit generates a file that seems to be in proper
> working order for me.

Would certainly make sense. If you can't reproduce it, we'll assume
it's my out of date xml ports, which I thought I'd updated and
obviously failed to.

Sorry for the noise.


More information about the cvs-ports mailing list