Created attachment 178645 [details] adding CPE information to Makefile www/h2o has had vulnerabilities with a CPE identifier assigned (e.g. CVE-2016-4817). This patch adds CPE information as suggested in the FreeBSD wiki[0]. [0] https://wiki.freebsd.org/Ports/CPE
\o/ thanks! I am just preparing the 2.1.0 release for h2o so I will include your contribution into that directly, as its a very small patch. If that's acceptable please close this PR.
BTW cpe database seems a bit out of date - https://web.nvd.nist.gov/view/cpe/search/results?keyword=h2o&status=FINAL&orderBy=CPEURI&namingFormat=2.3 so I hope this doesn't confuse people. I have tried to keep security/vuxml 100% complete so that should be found in `pkg audit` and friends.
thanks shun@ I added PR#217088 which has your cpe patch in it. If you want your patch credit details in that PR amended, please comment over there. I think we can close this PR now.
*** This bug has been marked as a duplicate of bug 217088 ***