Anish, good day. Sun, Nov 23, 2008 at 02:46:26PM -0500, Anish Mistry wrote: > On Sunday 23 November 2008, Eygene Ryabinkin wrote: > > >Number: 129097 > > >Category: ports > > >Synopsis: [vuxml] print/hplip: document CVE-2008-2940 and > > > CVE-2008-2941 Confidential: no > > >Severity: serious > > >Priority: high > > >Responsible: freebsd-ports-bugs > > >State: open > > >Quarter: > > >Keywords: > > >Date-Required: > > >Class: sw-bug > > >Submitter-Id: current-users > > >Arrival-Date: Sun Nov 23 18:50:00 UTC 2008 > > >Closed-Date: > > >Last-Modified: > > >Originator: Eygene Ryabinkin > > >Release: FreeBSD 7.1-PRERELEASE i386 > > >Organization: > > Commit it.
That's fine, thanks. But yesterday I had sent a patch that fixes the
vulnerabilities for 2.8.2. What do you think about it? Could you test
the patch? The VuXML entry details depend on this: I wrote that
hplip >= 2.8.4 aren't vulnerable, but if you'll approve the patch that
upgrades to 2.8.2_3, then VuXML entry should be corrected.
Thanks again!
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
pgpZmtZlcQBxJ.pgp
Description: PGP signature
