Maintainer of atheme-services, The upcoming 7.2.7 of atheme-services may have CVE's assigned to security issues found. Can you ensure the port gets updated when the update is release and documented in VuXML appropriately? http://www.openwall.com/lists/oss-security/2016/05/02/2
Assign to committer that resolved in https://svnweb.FreeBSD.org/changeset/ports/428616
A commit references this bug: Author: junovitch Date: Fri Dec 16 02:14:29 UTC 2016 New revision: 428640 URL: https://svnweb.freebsd.org/changeset/ports/428640 Log: Document two CVEs fixed in Atheme 7.2.7 PR: 209217 Security: CVE-2014-9773 Security: CVE-2016-4478 Security: https://vuxml.FreeBSD.org/freebsd/e47ab5db-c333-11e6-ae1b-002590263bf5.html Changes: head/security/vuxml/vuln.xml
Set maintainer-feedback+ based on the approved by in r428616. Drop the needs-* as that's not valid anymore. VuXML is done. Mikhail, Please set merge-quarterly+ after you have committed per my approval email and go ahead and close when you are done. Thanks!
A commit references this bug: Author: misha Date: Fri Dec 16 09:07:23 UTC 2016 New revision: 428662 URL: https://svnweb.freebsd.org/changeset/ports/428662 Log: MFH: r428616 - update from 7.2.6 to 7.2.7 - add LICENSE - add 'ssl', 'localbase' and 'cpe' to USES - simplify options handling PR: 209217 Approved by: ports-secteam (junovitch) Security: CVE-2014-9773 Security: CVE-2016-4478 Changes: _U branches/2016Q4/ branches/2016Q4/irc/atheme-services/Makefile branches/2016Q4/irc/atheme-services/distinfo branches/2016Q4/irc/atheme-services/pkg-plist