ports/166990: security/vuxml update to report www/[nginx|nginx-devel] security issue
rodrigo osorio
rodrigo at bebik.net
Mon Apr 16 10:20:10 UTC 2012
>Number: 166990
>Category: ports
>Synopsis: security/vuxml update to report www/[nginx|nginx-devel] security issue
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 16 10:20:09 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: rodrigo osorio
>Release:
>Organization:
>Environment:
>Description:
The www/[nginx|nginx-devel] ports was updated last friday to fix a buffer overflow issue, but the vuxml database doesn't reflect the change.
See below, the patch to update the vuln.xml file generate using the Makefile commands. Only the first part of the validation was done, the script fails unexpectedly.
http://files.bebik.net/patches/vuln.patch
>How-To-Repeat:
>Fix:
Apply the patch below :
http://files.bebik.net/patches/vuln.patch
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list