From nobody Thu Jun 23 19:24:55 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 94E45868180; Thu, 23 Jun 2022 19:25:08 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LTVZX3m1fz4TMf; Thu, 23 Jun 2022 19:25:08 +0000 (UTC) (envelope-from lwhsu@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1656012308; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=KOmMIexCWoyUj0thMrp4t7FfRDyB8Mx/a62WJUrJTzc=; b=Rhhkdw2F33/SimpZXG38vH5qek+jr76cjFVJ+SImvBMFu/eENIuim6OAjYDvxj/9nqBQqU UDYuR4pPmhbO3pCscB0FZ7NpuitiBI9rDM1mKPoVC2CVvAOZ+dkfjxmdEeYFVeJpI9gv6c sXsgWd7QYdxEgJfKfjA6QKDNpbNOaoRd06Y5SoriOYNpMhctwpVtfZUkAlIbUeyzGe/zCX 29uVueSlfJTqLOSPuhrGLFae7HVV2QSGKftd3hf77wKYMoNl98/kXzUZSSSv78Rw1dsPRz DmDWB2HLOugUku/uuNmfh6bY2WF1jNTp9NhfKSPUEsdoLUaOksqgllMQa9J5Tg== Received: from mail-ed1-f50.google.com (mail-ed1-f50.google.com [209.85.208.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) (Authenticated sender: lwhsu/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 59EF41526; Thu, 23 Jun 2022 19:25:08 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: by mail-ed1-f50.google.com with SMTP id e40so397851eda.2; Thu, 23 Jun 2022 12:25:08 -0700 (PDT) X-Gm-Message-State: AJIora9vC2Lhmxvouk9T3QBIouqizIB+XoIcDkFBiE6s77ZWohyQURYm XIVWIWmg7kejo+HlJ9y95xU6JBdFl4qOuXavYqs= X-Google-Smtp-Source: AGRyM1vBW/QTAxzexOiKkcHCJngzx+zOTeGtvtaBSafp1wBzZFRUuHpuKN40Q4S6UVtY1zKmclmLKnMcnnlUTDP660M= X-Received: by 2002:a05:6402:5207:b0:435:a27b:88f7 with SMTP id s7-20020a056402520700b00435a27b88f7mr12704442edd.22.1656012307373; Thu, 23 Jun 2022 12:25:07 -0700 (PDT) List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 References: <202206221911.25MJBpc8036885@gitrepo.freebsd.org> <87sfnvelgl.wl-herbert@gojira.at> In-Reply-To: <87sfnvelgl.wl-herbert@gojira.at> From: Li-Wen Hsu Date: Fri, 24 Jun 2022 03:24:55 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: git: 28676937f7e1 - main - security/vuxml: Document Jenkins Security Advisory 2022-06-22 To: "Herbert J. Skuhra" Cc: ports-committers , dev-commits-ports-all@freebsd.org, dev-commits-ports-main@freebsd.org Content-Type: text/plain; charset="UTF-8" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1656012308; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=KOmMIexCWoyUj0thMrp4t7FfRDyB8Mx/a62WJUrJTzc=; b=qbfYnNh2E4DUypdM+9yIQ9CYgyVHjHuCPfNW3CT0Wn+I48ZDvAO2RuHUkZif8Xn5jtHVD4 3hBOWdub7/3vuTbs5Os3h0D0EpinmzpYPVoRVoW20YaxWIkUdbibZQemwWSHymMxO9v3hb dogDmo6SagnDFiMOWYwNgBSiSSnnGXjVmmm3Paq6czfiSpgMQuglEVUycWoOac7ojp8dj0 XlJfth0aK52r1en0ZrsxvY34i+o4GcK3Cz3TW1UcL116Y12drl3AKn1d2wdTVNV1wHq5xP 12vjuU9E4JV+TwHC+DnciHvcYjRdm1Z5IFluysuxzC8QJGuvwcb7/6/ZYUDWZA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1656012308; a=rsa-sha256; cv=none; b=BbtwFl5hd8BMBuBdAsdck6VGqStJjgtM5399KziNJj49vBV64K/DtcRiCKjd2j3Ijks/fr tNlU+1iHF87FZ+b1Zq0JxmiYtXEgGuqYQSohjXGJ4dp+eORJzaVpIA8QxZKKjhBolusnnT ww0XVc/lbPHwo04XpqrvKh2lwRvmnKXoeUfvjfL1vTe84XVU4tv9IODOunZaLCAbhzCoGv JA9Et3bDwVx1c7rR3Zf34Ltzbswg4lGtuw/yF9il/zDRXxZYHfnD1e8XjPhdfzGa3bsJgV 9JUx+UAS4jfA+H8EqsLALeOu023dkifOjW7FAoyeWFQrVRxmtC7l6DGCc5TPmw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On Thu, Jun 23, 2022 at 6:15 PM Herbert J. Skuhra wrote: > > On Wed, 22 Jun 2022 21:11:51 +0200, Li-Wen Hsu wrote: > > > > The branch main has been updated by lwhsu: > > > > URL: https://cgit.FreeBSD.org/ports/commit/?id=28676937f7e12203df395188b61af15f451fa006 > > > > commit 28676937f7e12203df395188b61af15f451fa006 > > Author: Li-Wen Hsu > > AuthorDate: 2022-06-22 19:05:48 +0000 > > Commit: Li-Wen Hsu > > CommitDate: 2022-06-22 19:11:40 +0000 > > > > security/vuxml: Document Jenkins Security Advisory 2022-06-22 > > > > Sponsored by: The FreeBSD Foundation > > --- > > security/vuxml/vuln-2022.xml | 41 +++++++++++++++++++++++++++++++++++++++++ > > 1 file changed, 41 insertions(+) > > Hi, > > why are https://vuxml.freebsd.org/freebsd/index.html and > https://vuxml.freebsd.org/freebsd/rss.xml again not > up-to-date and why is 'pkg audit -F' not updating? I think at least > six entries are missing. > > $ ls -l /var/db/pkg/vuln.xml > -r--r--r-- 1 root wheel 7146577 Jun 13 03:56 /var/db/pkg/vuln.xml > > # pkg audit -F > vulnxml file up-to-date > 0 problem(s) in 0 installed package(s) found. > > Building and validating security/vuxml works. I think this fix the issue: https://cgit.freebsd.org/ports/commit/?id=7395437ea1bc4a020112ce58f1225a3d4d0561f8 It seems that there are more restrictive rules applied when building theoe files. I'll see what we can do for reporting when there is failure. Best, Li-Wen