svn commit: r302966 - head/security/vuxml
Eitan Adler
eadler at freebsd.org
Thu Aug 23 04:14:44 UTC 2012
On 22 August 2012 17:10, Eygene Ryabinkin <rea at freebsd.org> wrote:
> Author: rea
> Date: Wed Aug 22 21:10:10 2012
> New Revision: 302966
> URL: http://svn.freebsd.org/changeset/ports/302966
>
> Log:
> VuXML: document CVE-2012-3525 in jabberd 2.x
>
> Modified:
> head/security/vuxml/vuln.xml
>
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml Wed Aug 22 20:40:40 2012 (r302965)
> +++ head/security/vuxml/vuln.xml Wed Aug 22 21:10:10 2012 (r302966)
> @@ -51,6 +51,39 @@ Note: Please add new entries to the beg
>
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> + <vuln vid="4d1d2f6d-ec94-11e1-8bd8-0022156e8794">
> + <topic>jabberd -- domain spoofing in server dialback protocol</topic>
> + <affects>
> + <package>
> + <name>jabberd</name>
> + <range><lt>2.2.16_2</lt></range>
> + </package>
> + </affects>
It seems like this vuln affects multiple ports:
http://xmpp.org/resources/security-notices/server-dialback/
Do we want one vuxml for all of them or separate vuxmls? My
preference is for one combined entry.
--
Eitan Adler
Source & Ports committer
X11, Bugbusting teams
More information about the svn-ports-all
mailing list