svn commit: r364460 - head/www/nginx
Sergey A. Osokin
osa at FreeBSD.org
Sun Aug 10 03:28:30 UTC 2014
On Sun, Aug 10, 2014 at 03:08:51AM +0000, Sergey A. Osokin wrote:
> Hi Rene,
>
> On Sun, Aug 10, 2014 at 02:14:31AM +0200, Renц╘ Ladan wrote:
> > On 09-08-2014 20:36, Sergey A. Osokin wrote:
> > > Author: osa
> > > Date: Sat Aug 9 18:36:56 2014
> > > New Revision: 364460
> > > URL: http://svnweb.freebsd.org/changeset/ports/364460
> > > QAT: https://qat.redports.org/buildarchive/r364460/
> > >
> > > Log:
> > > Update from 1.6.0 to 1.6.1.
> > >
> > > <ChangeLog>
> > >
> > > *) Security: pipelined commands were not discarded after STARTTLS
> > > command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
> > > Thanks to Chris Boulton.
> > The vuxml file says < 1.6.4,2 is vulnerable, I assume that is a typo?
>
> Yes, the issue has been fixed.
>
> > Also, can you add CPE information to the Makefile (see
> > https://wiki.freebsd.org/Ports/CPE ) ?
>
> Will do.
Done.
--
Sergey A. Osokin
osa at FreeBSD.org
More information about the svn-ports-head
mailing list