-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I'm hoping I didn't screw this up, since I couldn't figure out how to get 'packaudit' to actually generate an auditfile based on my update ... although it did create correct-looking files in ~/public_html/portaudit. I tried 'packaudit' on its own, and 'VUXMLDIR=$PWD packaudit'. The latter worked for public_html, but the resulting auditfile contained no entries for BIND at all, not even old ones. The documentation at http://www.freebsd.org/doc/en/books/porters-handbook/security-notify.html seems to be missing some steps, has some awkward passages, and some of the markup is wrong if anyone is interested in taking that up as a project. I did run 'make validate' and got a result of "successful" although there are a lot of errors generated by both 'make validate' and packaudit. This was very disconcerting for a first-timer like me, especially considering that it doesn't exactly go out of its way to tell you where the errors are. So if I did break something, please feel free to bust out the LART, and or jump in and fix it for me. This is a pretty important update so I wanted to get the word out ASAP. Doug On 07/05/2011 16:39, Doug Barton wrote: | dougb 2011-07-05 23:39:46 UTC | | FreeBSD ports repository | | Modified files: | security/vuxml vuln.xml | Log: | Document BIND vulnerabilities for ports. This was inspired by the PR, | but re-formatted and edited by me, so responsibility for errors is mine. | | PR: ports/158672 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=158672 | Submitted by: Ryan Steinmetz<rpsfa@rit.edu> | | Revision Changes Path | 1.2397 +67 -1 ports/security/vuxml/vuln.xml | | http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/security/vuxml/vuln.xml.diff?&r1=1.2396&r2=1.2397&f=h | - -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) iQEcBAEBCAAGBQJOE6KOAAoJEFzGhvEaGryEmj4H/jfDObHmvREUtGiuS5Mzrhhy 8N1WVEE9uOXUuNkNjlbIxMPOa2wSctXab+C6XoaiwWTU1gpN4M4OE+TKJX1rd8WF c7ijTK4h7YwET547ygva2HwAbS54g8xi0Tkj7q5bkxoOJXnKDSfuYJCErfyWZs1x wiRqgnF2cBuKOFWaLtrBDN1ThCBp3cS4eGhxoG/Kh3OLBjhOzaotWHDu89pu4txX iMeASCRT6zI11pXboxafHvUOsC8GPzm7qOu+M25RPR3dN7pXTryIZZ2aNt8sTwmQ ETDmlOK+TXGbb+C9R8eQwASAF/P26rlGoRfGn+qOOgAWnlvyUhVCriz/K967Zsc=wi5z -----END PGP SIGNATURE-----