cvs commit: ports/security/vuxml vuln.xml
Xin LI
delphij at gmail.com
Sun Jul 8 19:27:49 UTC 2012
On Sun, Jul 8, 2012 at 12:00 PM, Eitan Adler <eadler at freebsd.org> wrote:
> eadler 2012-07-08 19:00:08 UTC
>
> FreeBSD ports repository
>
> Modified files:
> security/vuxml vuln.xml
> Log:
> openx reported a new security issue but does not provide any details: inform users of this.
I don't think it's right to assign same identifier to different
issues. For 2.8.9 I think it was:
http://www.infosecstuff.com/openx-releases-patch-for-csrf-vulnerability/
And for 2.8.8 it was:
http://secunia.com/advisories/48275/
It seems that OpenX does not release any information about the
vulnerability which is a bad practice in my opinion by the way.
Cheers,
--
Xin LI <delphij at delphij.net> https://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
More information about the cvs-all
mailing list