Updating portaudit - strongswan (5.1.1) CVE
m.seaman at infracaninophile.co.uk
Thu May 1 08:33:44 UTC 2014
On 05/01/14 06:08, Dewayne Geraghty wrote:
> We updated strongswan yesterday and noticed in their changelog the
> resolution of CVE2014-2338 in strongswan 5.1.3 which was released on
> 14th April '14. Secunia advises that this has a "moderately critical"
> I've examined the references below and other web searching, but haven't
> been able to find a way to "notify" the portaudit mechanism of a port
Portaudit data derives from vuxml -- your best bet here is to prod the
port's maintainer preferably by means of a PR. Make it clear this is a
security fix. The maintainer should supply a patch to vuln.xml as part
of the update to 5.1.3, or else the committer should add one.
Alternatively, and if you don't get a timely response from the
maintainer, bring up the issue on the freebsd-ports at .... mailing list,
which you've done.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1029 bytes
Desc: OpenPGP digital signature
More information about the freebsd-ports