Created attachment 165206 [details] update to 2015.71, change email Patch is attached.
Maintainer informed via mail
@Piotr, MAINTAINER line in ports and Bugzilla account email need to match in order to count as a maintainer report, or maintainer approval
At least until this change is committed :)
I don't really feel like changing my email on Bugzilla back to pkubaj@riseup.net. Can I just send email from pkubaj@riseup.net to koobs@FreeBSD.org, or e.g. freebsd-ports list, stating that I'm changing my email address?
(In reply to Piotr Kubaj from comment #4) The latter is fine Piotr, at least then I can link to it. However, email is trivially forgeable and if you were a malicious actor, I'm sure the real maintainer would be quite upset ;)
(In reply to Kubilay Kocak from comment #5) Actually, it's not that simple to forge, when you use SPF and DKIM. I've sent an email to freebsd-ports and you are CC'd.
Comment on attachment 165206 [details] update to 2015.71, change email See mailing list URL for verification
Just in case anyone wants to make sure I am I :) https://lists.freebsd.org/pipermail/freebsd-ports/2016-January/101561.html
(In reply to Piotr Kubaj from comment #6) Just a quick comment to this. SPF and DKIM mean nothing in this case because the spoof is not in sending mail from unallowed IP, but approving a change from a random e-mail address. Eg. anyone can register a bugzilla account as pkubaj@somedomainundertheircontrol.com and say here, change the email addr to this. :) Hope this helps.
(In reply to Vladimir Krstulja from comment #9) That's right and that's why I sent the linked email from my current maintainer address.
A commit references this bug: Author: miwi Date: Sat Jan 9 09:07:27 UTC 2016 New revision: 405616 URL: https://svnweb.freebsd.org/changeset/ports/405616 Log: - Update to 2015.71 - Update maintainer mail PR: 206000 Submitted by: maintainer Changes: head/security/dropbear/Makefile head/security/dropbear/distinfo