On 4 Sep 2011, at 22:44, Chris Rees wrote: > On 4 September 2011 21:15, Chris Rees <[email protected]> wrote: >> crees 2011-09-04 20:15:52 UTC >> >> FreeBSD ports repository >> >> Modified files: >> security/vuxml vuln.xml >> Log: >> - Document cfs buffer overflow vulnerability. >> - While here, unbreak packaudit -- it doesn't like newlines in the >> middle of tags. Perhaps a comment should say something? > > Actually, that's a bad long-term solution. The real solution would be > to fix portaudit's XML parser. > > secteam, would you like me to have a go at it, or shall I let you > investigate since you know the code?
I would happily accept patches (if they work and don't break things! :-) ). It's so long ago that I looked at the build code (packaudit) so I can't recall how ugly that is. I just remember portaudit's embedded awk in sh makes me want to run away :-). Portaudit and packaudit haven't really been touched in any significant way since eik@ left the project. - Simon L. B. Nielsen Hat: FreeBSD Deputy Security Officer _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[email protected]"
