svn commit: r321045 - head/security/tor-devel
b.f.
bf1783 at googlemail.com
Sun Jun 16 14:06:06 UTC 2013
On 6/16/13, Eitan Adler <eadler at freebsd.org> wrote:
> On Sun, Jun 16, 2013 at 2:47 PM, Brendan Fabeny <bf at freebsd.org> wrote:
>> Author: bf
>> Date: Sun Jun 16 12:47:50 2013
>> New Revision: 321045
>> URL: http://svnweb.freebsd.org/changeset/ports/321045
>>
>> Log:
>> Remove a problematic mirror, and note that the commit message for
>> r321043
>> should have read:
>>
>> Update to 0.2.4.13-alpha
>>
>> Security: Tor bug 8833 and other potential remote crash
>> vulnerabilities
>
> Is this documented in VuXML?
> FWIW the Security tag is usually the CVE id or VuXML id for the issue.
That is often the case, but we have always permitted other reliable
references as well.
In this case no CVEs were issued, and I rarely bother with VuXML
entries for the -devel port, because users have come to expect
frequent updates and bug disclosures, and a full list of the secure
versions would be complicated and subject to frequent changes.
However, I can add an entry marking all prior versions as vulnerable
in this case if users think that it would be helpful.
b.
More information about the svn-ports-all
mailing list