svn commit: r474804 - head/security/vuxml

Glen Barber gjb at FreeBSD.org
Tue Jul 17 17:27:20 UTC 2018 

On Tue, Jul 17, 2018 at 09:17:15PM +0400, Roman Bogorodskiy wrote:
>   Glen Barber wrote:
> 
> > Author: gjb
> > Date: Tue Jul 17 15:38:01 2018
> > New Revision: 474804
> > URL: https://svnweb.freebsd.org/changeset/ports/474804
> > 
> > Log:
> >   Comment a project-specific CVE reference in attempt to fix the build.
> >   
> >   Sponsored by:	The FreeBSD Foundation
> > 
> > Modified:
> >   head/security/vuxml/vuln.xml
> > 
> > Modified: head/security/vuxml/vuln.xml
> > ==============================================================================
> > --- head/security/vuxml/vuln.xml	Tue Jul 17 15:29:24 2018	(r474803)
> > +++ head/security/vuxml/vuln.xml	Tue Jul 17 15:38:01 2018	(r474804)
> > @@ -101,10 +101,12 @@ Notes:
> >        </body>
> >      </description>
> >      <references>
> > +      <?ignore
> >        <cvename>CORE-SA-2018-001</cvename>
> >        <cvename>CORE-SA-2018-002</cvename>
> >        <cvename>CORE-SA-2018-003</cvename>
> >        <cvename>CORE-SA-2018-004</cvename>
> > +      ?>
> >        <url>https://typo3.org/security/advisory/typo3-core-sa-2018-001/</url>
> >        <url>https://typo3.org/security/advisory/typo3-core-sa-2018-002/</url>
> >        <url>https://typo3.org/security/advisory/typo3-core-sa-2018-003/</url>
> > 
> 
> It fails 'make validate' for me with:
> 
> Checking if tidy differs...
> --- /usr/home/novel/ports_stuff/vuxml/vuln.xml  2018-07-17 21:13:31.691273000 +0400
> +++ /usr/home/novel/ports_stuff/vuxml/vuln.xml.tidy     2018-07-17 21:15:36.994435000 +0400
> @@ -101,8 +101,7 @@
>        </body>
>      </description>
>      <references>
> -      <?ignore
> -      <cvename>CORE-SA-2018-001</cvename>
> +      <?ignore <cvename>CORE-SA-2018-001</cvename>
>        <cvename>CORE-SA-2018-002</cvename>
>        <cvename>CORE-SA-2018-003</cvename>
>        <cvename>CORE-SA-2018-004</cvename>
> *** Error code 1
> 
> Is that a problem or that's just me?
> 

It seems to be just you, but I'll remove the cvename tags, since these
are (AFAIK) Mitre CVE numbers, not vendor-created CVE numbers.

Glen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20180717/f711a911/attachment-0001.sig>

More information about the svn-ports-all mailing list