Updating portaudit - strongswan (5.1.1) CVE
Dewayne Geraghty
dewayne.geraghty at heuristicsystems.com.au
Thu May 1 05:58:30 UTC 2014
We updated strongswan yesterday and noticed in their changelog the
resolution of CVE2014-2338 in strongswan 5.1.3 which was released on
14th April '14. Secunia advises that this has a "moderately critical"
rating.
I've examined the references below and other web searching, but haven't
been able to find a way to "notify" the portaudit mechanism of a port
vulnerability.
Would it be possible to mention how a port vulnerability can be raised
for review/entry into the portaudit database? Ideally at one or more of
the references below. It may be as simple as a new category at
http://www.freebsd.org/send-pr.html.
Refs:
http://www.freebsd.org/security/#sec
http://www.freebsd.org/security/reporting.html
http://www.freebsd.org/doc/handbook/security-portaudit.html
http://portaudit.freebsd.org/
Update request:
http://www.freebsd.org/cgi/query-pr.cgi?pr=189132
Regards, Dewayne
More information about the freebsd-ports
mailing list