svn commit: r331796 - head/security/vuxml

Remko Lodder remko at FreeBSD.org
Sun Oct 27 19:48:57 UTC 2013 

On 27 Oct 2013, at 19:19, Sunpoet Po-Chuan Hsieh <sunpoet at FreeBSD.org> wrote:

> Author: sunpoet
> Date: Sun Oct 27 18:19:16 2013
> New Revision: 331796
> URL: http://svnweb.freebsd.org/changeset/ports/331796
> 
> Log:
>  - Revert previous commit

This cannot happen. 

24741   <vuln vid="b2a6fc0e-070f-11e0-a6e9-00215c6a37bb">$
24742     <cancelled/>$
24743   </vuln>$

Something like that should have been done…

Can you please update it as such? Also, why is this being reverted? The commit message does not state
that, and there are issues within Wordpress (occasionally) so it does not seem unreasonable something
like below is actually a problem within Wordpress?

Thanks
Remko

> 
> Modified:
>  head/security/vuxml/vuln.xml
> 
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml	Sun Oct 27 18:19:13 2013	(r331795)
> +++ head/security/vuxml/vuln.xml	Sun Oct 27 18:19:16 2013	(r331796)
> @@ -51,39 +51,6 @@ Note:  Please add new entries to the beg
> 
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> -  <vuln vid="cd082cc6-1548-4b8d-a3aa-a007be611a29">
> -    <topic>WordPress -- Cross-site scripting vulnerability</topic>
> -    <affects>
> -      <package>
> -	<name>de-wordpress</name>
> -	<name>ja-wordpress</name>
> -	<name>ru-wordpress</name>
> -	<name>wordpress</name>
> -	<name>zh-wordpress-zh_CN</name>
> -	<name>zh-wordpress-zh_TW</name>
> -	<range><lt>3.7</lt></range>
> -      </package>
> -    </affects>
> -    <description>
> -      <body xmlns="http://www.w3.org/1999/xhtml">
> -	<p>iBliss Security Advisory:</p>
> -	<blockquote cite="http://archives.neohapsis.com/archives/bugtraq/2013-09/0055.html">
> -	  <p>The walkthrouth web page does not validate the step parameter leading to 
> -	     a Cross-site scripting flaw. An no authenticated user is required to 
> -	     exploit these security flaws.</p>
> -	</blockquote>
> -      </body>
> -    </description>
> -    <references>
> -      <cvename>CVE-2013-5711</cvename>
> -      <url>http://wordpress.org/plugins/design-approval-system/other_notes/</url>
> -    </references>
> -    <dates>
> -      <discovery>2013-09-09</discovery>
> -      <entry>2013-10-27</entry>
> -    </dates>
> -  </vuln>
> -
>   <vuln vid="9065b930-3d8b-11e3-bd1a-e840f2096bd0">
>     <topic>gnutls -- denial of service</topic>
>     <affects>
> _______________________________________________
> svn-ports-all at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/svn-ports-all
> To unsubscribe, send any mail to "svn-ports-all-unsubscribe at freebsd.org"

-- 
/"\   With kind regards,			| remko at elvandar.org
\ /   Remko Lodder			| remko at FreeBSD.org
X    FreeBSD					| http://www.evilcoder.org
/ \   The Power to Serve		| Quis custodiet ipsos custodes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/svn-ports-head/attachments/20131027/560a4c6a/attachment.sig>

More information about the svn-ports-head mailing list