svn commit: r342244 - head/security/vuxml
Bryan Drewery
bdrewery at FreeBSD.org
Sun Feb 2 17:28:11 UTC 2014
On 2/1/2014 9:51 PM, Ryan Steinmetz wrote:
> Author: zi
> Date: Sun Feb 2 03:51:39 2014
> New Revision: 342244
> URL: http://svnweb.freebsd.org/changeset/ports/342244
> QAT: https://qat.redports.org/buildarchive/r342244/
>
> Log:
> - Add libyaml to the libyaml vulnerability entry
I think this should be a separate entry. The description is specific to
how pkg uses libyaml.
>
> Modified:
> head/security/vuxml/vuln.xml
>
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml Sun Feb 2 03:46:48 2014 (r342243)
> +++ head/security/vuxml/vuln.xml Sun Feb 2 03:51:39 2014 (r342244)
> @@ -52,9 +52,13 @@ Note: Please add new entries to the beg
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> <vuln vid="111f1f84-1d14-4ff2-a9ea-cf07119c0d3b">
> - <topic>pkg -- libyaml heap overflow resulting in possible code execution</topic>
> + <topic>libyaml heap overflow resulting in possible code execution</topic>
> <affects>
> <package>
> + <name>libyaml</name>
> + <range><lt>0.1.4_3</lt></range>
> + </package>
> + <package>
> <name>pkg</name>
> <range><lt>1.2.6</lt></range>
> </package>
>
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20140202/73e8c8a1/attachment.sig>
More information about the svn-ports-all
mailing list