From nobody Thu Dec 07 01:07:59 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Slx3V0jmYz53JHV; Thu, 7 Dec 2023 01:08:22 +0000 (UTC) (envelope-from dan@langille.org) Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Slx3T5phdz4TL8; Thu, 7 Dec 2023 01:08:21 +0000 (UTC) (envelope-from dan@langille.org) Authentication-Results: mx1.freebsd.org; none Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailout.west.internal (Postfix) with ESMTP id 5B75E3200A7C; Wed, 6 Dec 2023 20:08:20 -0500 (EST) Received: from imap42 ([10.202.2.92]) by compute7.internal (MEProxy); Wed, 06 Dec 2023 20:08:20 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=langille.org; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm1; t=1701911299; x=1701997699; bh=d/ BVV4sBrJGww2K4pOHaVIy9DZQ1o2VtzNiZ6HnS1ws=; b=mMkhE0EizOvZwamkMY 0ieMS6Um4B7gd8RJhB6E03Vck+zWLBcu+oAqYjh0WCmbb2g/kBFLxB6pzMVltNPa IYqfrp4Gz8WoBGUGhBw4EmqEamPIbJB2nLy6JfOwkIPI2cTghQOS84vURhzihXIZ r8Oi7pgQS1BinqPSUfy2Z2sDvKiwkn+Zp9GfCdIZRqpGvViCWUzfT8KJVB9mrEkV XSBzQ47l5HxFpnQQVesqSCH3/ifRIOuDZcTMa+jBK7zjfdZYX7EjWb8puZh1woud Wz2xJpKLdovuB+LCMK14BMMBI2clF8izegethDv5na1axY78HMO+bJ/xav0GBR+f Ep7g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1701911299; x=1701997699; bh=d/BVV4sBrJGww 2K4pOHaVIy9DZQ1o2VtzNiZ6HnS1ws=; b=GOU6RGwNdr9hXipaDVkr7jS6dcD8Z T11yBQZLJKbUEEsc/yS29OBBhfaIj1SbiAtfgqtzCX3Oe6V9Bx21WJ8LCKq87NOr xqbuqlYJUwxvqZNRkkqqiAwoaEYDr5skRXdc/coJsQpiiKkrK1i5xQuImrvCJ/UZ 8PpI8oBaVlYyE4aMIUpFus9D5HjKI9xapKY4SOutwEwu1JcXvfp5riy1Hl4J+uNt VT/Xt2NRkz6eI2PxlYcNxaRHSGvMe32QKMaRrNg07bTetmgp7mcf+fRCku39fFBi IqQde8Csr1761RR2ao98B8eYQSpsZLdAJf9xJdtkSoNvIFsJ0W2MbFIjg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrudekuddgvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvvefutgesth dtredtreertdenucfhrhhomhepfdffrghnucfnrghnghhilhhlvgdfuceouggrnheslhgr nhhgihhllhgvrdhorhhgqeenucggtffrrghtthgvrhhnpedvtedvgeeghfeuheetgeehje dtuddtjeettdfgfeeltdegjeefiedtgfegffelveenucevlhhushhtvghrufhiiigvpedt necurfgrrhgrmhepmhgrihhlfhhrohhmpegurghnsehlrghnghhilhhlvgdrohhrgh X-ME-Proxy: Feedback-ID: ifbf9424e:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 9226ABC007C; Wed, 6 Dec 2023 20:08:19 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.9.0-alpha0-1178-geeaf0069a7-fm-20231114.001-geeaf0069 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Message-Id: <1c336fc9-6187-4acd-8eef-a637e395b69e@app.fastmail.com> In-Reply-To: References: <202312052304.3B5N4IOf078862@gitrepo.freebsd.org> <4c967ca4-bfa1-4e30-b330-feb94d6c765b@app.fastmail.com> <38DAC2D1-58B0-43C5-9F1E-97281068AFD5@freebsd.org> Date: Wed, 06 Dec 2023 20:07:59 -0500 From: "Dan Langille" To: "Philip Paeps" Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: a580d36be4c7 - main - security/vuxml: add FreeBSD SA released on 2023-12-05 Content-Type: text/plain X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US] X-Spamd-Bar: ---- X-Rspamd-Queue-Id: 4Slx3T5phdz4TL8 On Wed, Dec 6, 2023, at 7:52 PM, Philip Paeps wrote: > On 2023-12-07 08:43:21 (+0800), Dan Langille wrote: >> On Wed, Dec 6, 2023, at 7:34 PM, Philip Paeps wrote: >>> On 2023-12-07 01:37:01 (+0800), Dan Langille wrote: >>>> On Tue, Dec 5, 2023, at 6:04 PM, Philip Paeps wrote: >>>>> The branch main has been updated by philip: >>>>> >>>>> [...] >>>>> >>>>> + >>>>> + FreeBSD-kernel >>>>> + 14.014.0_2 >>>>> + 13.213.2_7 >>>> >>>> [...] >>>> >>>> I hope to avoid a situation where false positives continue until the >>>> user land and kernel are on the patch levels. >>> >>> This is the same problem we've had before, isn't it? >> >> Yes. > > Phew. I was worried I typo-ed something. ;-) > >>> Did we find an >>> actual solution to that, or do we have to wait until the next SA >>> brings >>> the freebsd-version numbers back in line? >> >> The world waited. ;) >> >>> In other words: is there anything I can do, right now, to make this >>> better for you? :-) >> >> It seems there kernel vulns and userland vulns. >> >> Why don't we check them and record them separately? > > I already record them separately in vuxml. If a vulnerability only > affects userland, I record FreeBSD[...]. > If the kernel is affected I record > FreeBSD-kernel[...]. > > Hmm ... is that the problem? Should I set the versions to the *kernel* > patch level for FreeBSD-kernel vulnerabilities? Is something going to > get upset if I change the most recent entry to 12.2_4? First, let's test if that fixes it. This fixes it for me: 13.213.2_4 given: -- Dan Langille dan@langille.org