Re: base and ports vulnerabilities

From: Graham Perrin <grahamperrin_at_gmail.com>
Date: Sun, 29 Jun 2025 06:24:18 UTC

On 28/06/2025 19:44, fatty.merchandise677@aceecat.org wrote:
> … I am confused, because
>
> https://www.vuxml.org/freebsd/
>
> says right on top:
>
> Security issues that affect the FreeBSD operating system or
>                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> applications in the FreeBSD Ports Collection
>
> etc.


<https://www.freebsd.org/security/advisories/FreeBSD-SA-24:09.libnv.asc> 
is a security advisory that mentions CVE IDs but not VuXML.

<https://vuxml.freebsd.org/freebsd/8d1f9adf-6b4f-11ef-9a62-002590c1f29c.html> 
is the VuXML entry for SA-24:09.libnv.

----

Via
<https://www.freebsd.org/status/report-2024-10-2024-12/#_security_engineering_at_the_freebsd_foundation>:

<https://github.com/ossf/osv-schema/pull/237>
tools: import a conversion tool to and from VuXML by khorben · Pull Request #237 · ossf/osv-schema

Also:

<https://freebsdfoundation.org/blog/freebsd-ports-and-packages-security-project/>
FreeBSD Ports and Packages Security Project | FreeBSD Foundation