Matthew Seaman m.seaman at infracaninophile.co.uk
Thu Oct 7 21:02:23 UTC 2010

On 07/10/2010 21:47:34, Harlan Stenn wrote:
> Hi,
> I've seen the security alert for the current horde-base (3.3.8) port.
> It looks like 3.3.9 was released just over a week ago, and the release
> notes seem to indicate it fixes the security problems.
> I also see http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/151191, but
> I have no idea if that patch will actually fix the problem or not, or
> when that PR will be resolved.
> Should I just wait quietly, or is there a  minimally-intrusive way I
> could figure out the timeline on these things?

Hmmmm... that PR doesn't really help itself much.  It would receive more
attention if it mentioned the magic word "security" in the subject line.
 Even better would be to CC it to sec-team at ...[*]

Best of all though would be both of the above plus being sent as a
maintainer-update.  Unfortunately it seems the horde apps are without a
Maintainer at the moment.



[*] This isn't intended as a criticism of the person generating the PR
-- looks like they are writing in what to them is a foreign language,
and they've done a lot better than I would if I had to try and write in
their language.

Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20101007/f9b04159/signature.pgp

More information about the freebsd-ports mailing list