svn commit: r364460 - head/www/nginx

Sergey A. Osokin osa at FreeBSD.org
Sun Aug 10 03:08:51 UTC 2014


Hi Rene,

On Sun, Aug 10, 2014 at 02:14:31AM +0200, Renц╘ Ladan wrote:
> On 09-08-2014 20:36, Sergey A. Osokin wrote:
> > Author: osa
> > Date: Sat Aug  9 18:36:56 2014
> > New Revision: 364460
> > URL: http://svnweb.freebsd.org/changeset/ports/364460
> > QAT: https://qat.redports.org/buildarchive/r364460/
> >
> > Log:
> >   Update from 1.6.0 to 1.6.1.
> >   
> >   <ChangeLog>
> >   
> >   *) Security: pipelined commands were not discarded after STARTTLS
> >      command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
> >      Thanks to Chris Boulton.
> The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo?

Yes, the issue has been fixed.

> Also, can you add CPE information to the Makefile (see
> https://wiki.freebsd.org/Ports/CPE ) ?

Will do.

-- 
Sergey A. Osokin
osa at FreeBSD.org


More information about the svn-ports-head mailing list