pkg audit / vuln.xml failures
Bryan Drewery
bdrewery at FreeBSD.org
Mon May 18 14:41:19 UTC 2015
On 5/17/2015 4:02 PM, Roger Marquis wrote:
> Does anyone know what's going on with vuln.xml updates? Over the last
> few weeks and months CVEs and application mailing lists have announced
> vulnerabilities for several ports that in some cases only showed up in
> vuln.xml after several days and in other cases are still not listed
> (despite email to the security team).
>
> Is there a URL outlining the policies and procedures of vuln.xml
> maintenance?
>
ports-secteam@ owns this file, not secteam at . The team needs more help.
Would you like to volunteer to submit vuxml updates? Many contributors,
and committers, feel the file is not easy to contribute to.
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150518/b5e4603f/attachment.sig>
More information about the freebsd-security
mailing list