cvs commit: ports/www/webcalendar Makefile distinfo
Remko Lodder
remko at elvandar.org
Thu Mar 22 07:51:49 UTC 2007
On Tue, Mar 20, 2007 at 02:32:10PM -0400, Kris Kennaway wrote:
> On Tue, Mar 20, 2007 at 06:28:49PM +0000, David Thiel wrote:
> > lx 2007-03-20 18:28:49 UTC
> >
> > FreeBSD ports repository
> >
> > Modified files:
> > www/webcalendar Makefile distinfo
> > Log:
> > Update to 1.0.5, fixing a remote variable overwrite vulnerability.
> > See http://secunia.com/advisories/24403/ for more details.
> >
> > PR: ports/110587
> > Submitted by: Greg Larkin (maintainer)
> > Approved by: edwin (mentor)
>
> FYI the Security: tag should be used in such situations so that the
> security team flag it for inclusion in the vulnerability database.
>
> Kris
Hi all,
Yes indeed, the Security: tag can be used for that amongst others,
other possible items are that Freshports (this is just an example)
might be able to parse them and or keep track of them. By using
this tag filtering becomes much easier, personally I scan most
ports commits and look whether there is a mentioning of Security:
or some reference, my life would be made a lot easier when Security:
was always used for security related commits (with a reference
to the source of the Security issue, and if possible the VuXML
link).
Thanks!
--
Kind regards,
Remko Lodder ** remko at elvandar.org
FreeBSD ** remko at FreeBSD.org
/* Quis custodiet ipsos custodes */
More information about the cvs-all
mailing list