FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Mon, 15 Apr 2013
[ 12:28:58 bdrewery ] Original commit   Revision:315802
sieve-connect mail files touched by this commit  An older version of this port was marked as vulnerable. Command-line client for the MANAGESIEVE protocol
vuxml security files touched by this commit Vulnerability and eXposure Markup Language DTD
- Update to 0.85
- Convert to new options framework

sieve-connect was not actually verifying TLS certificate identities matched
the expected hostname. Changes with new version:

Fix TLS verification; find server by own hostname & SRV.

* TLS hostname verification was not actually happening.

* IO::Socket::SSL requirement bumped to 1.14 (was 0.97).

* By default, if no server specified, before falling back to localhost try to
use the current hostname and SRV records in DNS to figure out if Sieve is
available. Checks for sieve, imaps & imap protocol SRV records and honours
target==. to mean "no".

* This works better with the Mozilla::PublicSuffix module installed.

* Added ability to blacklist authentication mechanisms

More info:

http://mail.globnix.net/pipermail/sieve-connect-announce/2013/000005.html

PR:		ports/177859
Submitted by:	"Alexey V. Degtyarev" <alexey@renatasystems.org> (maintainer)
Approved by:	portmgr (implicit)
Security:	a2ff483f-a5c6-11e2-9601-000d601460a4

Number of ports [& non-ports] in this commit: 2

Showing files for just one port: security/vuxml

show all files

hide all files


1 file found
ActionRevisionLinksFile
modify 315802 View diff View revision /ports/head/security/vuxml/vuln.xml
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
bugzilla40*Apr 18
bugzilla40*Apr 18
bugzilla42*Apr 18
bugzilla42*Apr 18
bugzilla44*Apr 18
bugzilla44*Apr 18
curlApr 11
dbus-glibApr 11
libaudiofileApr 11
linux-f10-curlApr 11
linux-f10-dbus-glibApr 11
linux-f10-libaudiofileApr 11
linux-f10-nas-libsApr 11
linux-f10-openldapApr 11
mingw32-openssl*Apr 11

13 vulnerabilities affecting 18 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24365
Broken 174
Deprecated 86
Ignore 528
Forbidden 6
Restricted 263
No CDROM 108
Vulnerable 29
Expired 8
Set to expire 73
Interactive 22
new 24 hours 5
new 48 hours8
new 7 days19
new fortnight40
new month145


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.