svn commit: r364460 - head/www/nginx
Sergey A. Osokin
osa at FreeBSD.org
Sun Aug 10 03:08:51 UTC 2014
Hi Rene,
On Sun, Aug 10, 2014 at 02:14:31AM +0200, Renц╘ Ladan wrote:
> On 09-08-2014 20:36, Sergey A. Osokin wrote:
> > Author: osa
> > Date: Sat Aug 9 18:36:56 2014
> > New Revision: 364460
> > URL: http://svnweb.freebsd.org/changeset/ports/364460
> > QAT: https://qat.redports.org/buildarchive/r364460/
> >
> > Log:
> > Update from 1.6.0 to 1.6.1.
> >
> > <ChangeLog>
> >
> > *) Security: pipelined commands were not discarded after STARTTLS
> > command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
> > Thanks to Chris Boulton.
> The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo?
Yes, the issue has been fixed.
> Also, can you add CPE information to the Makefile (see
> https://wiki.freebsd.org/Ports/CPE ) ?
Will do.
--
Sergey A. Osokin
osa at FreeBSD.org
More information about the svn-ports-head
mailing list