pkg/41917: pull-up to 2009Q2 for security/gnutls?

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/41917: pull-up to 2009Q2 for security/gnutls?
From: "Mark E. Perkins" <perkinsm%bway.net@localhost>
Date: Sat, 22 Aug 2009 10:00:00 +0000 (UTC)

>Number:         41917
>Category:       pkg
>Synopsis:       pull-up to 2009Q2 for security/gnutls?
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Aug 22 10:00:00 +0000 2009
>Originator:     Mark E. Perkins
>Release:        Darwin 8.11.0 Power Macintosh
>Organization:
>Environment:


System: Darwin crow.fringe.mep 8.11.0 Darwin Kernel Version 8.11.0: Wed Oct 10 
18:26:00 PDT 2007; root:xnu-792.24.17~1/RELEASE_PPC Power Macintosh


>Description:


I'm using pkgsrc-2009Q2, and audit-packages has been warning about gnutls since 
about 2009-08-13:

Package gnutls-2.8.0 has a ssl-cert-spoofing vulnerability, see 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730

gnutls in HEAD was updated a week ago, but AFAICT, the update has not been 
pulled up to 2009Q2.

Can someone take care of that?


>How-To-Repeat:


N/A


>Fix:

Prev by Date: Re: pkg/32163 (pkg_create: @src does not override @cwd as advertised)
Next by Date: PR/31095 CVS commit: src/usr.bin/sort
Previous by Thread: Re: pkg/32163 (pkg_create: @src does not override @cwd as advertised)
Next by Thread: PR/31095 CVS commit: src/usr.bin/sort
Indexes:

Home | Main Index | Thread Index | Old Index