Created attachment 155001 [details]
adding CPE information to Makefile
devel/maven3 has had vulnerabilities with a CPE identifier assigned (e.g. CVE-2013-0253). This patch adds CPE information as suggested in the FreeBSD wiki.
Thank you for your patch, it actually makes sense to have this. However, as explained in bug 188110, there are currently plans to deprecate all maven ports and just keep 3.3 since backwards compatibility is pretty good.
I do however think your changes are very useful, so we should definitely look into incorporating those. I'll update the other bug.
A commit references this bug:
Date: Mon Apr 13 19:26:10 UTC 2015
New revision: 383957
- Add CPE information
Submitted by: shun <email@example.com>
Approved by: portmgr (blanket)