svn commit: r302900 - head/security/vuxml
Eygene Ryabinkin
rea at freebsd.org
Wed Aug 22 04:28:30 UTC 2012
Eitan, good day.
Tue, Aug 21, 2012 at 05:54:15PM -0400, Eitan Adler wrote:
> On 21 August 2012 16:56, Eygene Ryabinkin <rea at freebsd.org> wrote:
> ...
> > Log:
> > rssh: document arbitrary code execution, CVE-2012-3478
> ...
> > + <url>http://sourceforge.net/mailarchive/message.php?msg_id=29235647</url>
>
> Given this mailing list discussion, should the port be marked
> FORBIDDEN?
No: there is a patch that fixes this issue from the main developer
(last two messages in the above cited thread; they are mangled
at the web page, but downloading as HTML gives the patch).
I intend to update rssh to 2.3.3, apply the patch and possibly
bring the support for rsync from Debian. Once my conversion
of the Git repository for ports from using CVS to Subversion
will end ;))
--
Eygene Ryabinkin ,,,^..^,,,
[ Life's unfair - but root password helps! | codelabs.ru ]
[ 82FE 06BC D497 C0DE 49EC 4FF0 16AF 9EAE 8152 ECFB | freebsd.org ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-head/attachments/20120822/0ec16856/attachment.sig>
More information about the svn-ports-head
mailing list