I will submit a PR for the WebCalendar port shortly, but I wanted to get this VuXML database entry in place first. NOTE: I ran "make validate" on the old vuln.xml and my modified version. Both times, I received thousands of warnings like this: /usr/ports/security/vuxml/vuln.xml:XXXX: element p: validity error : Value for attribute xmlns of p must be "http://www.w3.org/1999/xhtml" If I need to update something on my system to remove these warnings, please let me know. Port maintainer (secteam@FreeBSD.org) is cc'd. Generated with FreeBSD Port Tools 0.77
Responsible Changed From-To: freebsd-ports-bugs->secteam Over to maintainer
Responsible Changed From-To: secteam->stefan Grab. (OK'd by: simon)
stefan 2007-04-08 14:36:53 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: Add entry for webcalendar "noSet" variable overwrite vulnerability. PR: 110585 Submitted by: Greg Larkin <glarkin@sourcehosting.net> Revision Changes Path 1.1306 +36 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Entry added to vuln.xml, thanks! A couple of notes: - You have to install the vuxml port first for 'make validate' to work. - I have removed the 'mlist' element from the entry since it seemed to point at a junk mail message.