svn commit: r356398 - head/security/vuxml
Drewery, Bryan
bdrewery at FreeBSD.org
Wed Jun 4 15:02:46 UTC 2014
On 6/4/14, 9:24 AM, Ryan Steinmetz wrote:
>
> On (06/04/14 08:50), Bryan Drewery wrote:
>>
>>> On Jun 4, 2014, at 3:32, Tijl Coosemans <tijl at FreeBSD.org> wrote:
>>>
>>>> On Tue, 3 Jun 2014 19:42:40 +0000 (UTC) Ryan Steinmetz wrote:
>>>> Author: zi
>>>> Date: Tue Jun 3 19:42:40 2014
>>>> New Revision: 356398
>>>> URL: http://svnweb.freebsd.org/changeset/ports/356398
>>>> QAT: https://qat.redports.org/buildarchive/r356398/
>>>>
>>>> Log:
>>>> - Document vulnerability in security/gnutls3 (CVE-2014-3466)
>>>
>>> Is security/gnutls affected by this as well? Because most ports are
>>> still using that version.
>>
>> Not sure. That port needs to just die though and all ports use the new.
>
> GnuTLS' website doesn't mention 2.x, however, I did see someones post
> that mentioned that the bad code may have been introduced in 1.x.
>
> Given that 2.x seems deprecated/unsupported by the authors, I think we
> really need to push to ditch it.
>
> -r
>
It's already planned to do so. Just needs to have the work done.
--
Regards,
Bryan Drewery
More information about the svn-ports-head
mailing list