From snb@smtp.earth.threerings.net  Wed Jan 30 21:30:08 2008
Return-Path: <snb@smtp.earth.threerings.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 765C516A46D
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 30 Jan 2008 21:30:08 +0000 (UTC)
	(envelope-from snb@smtp.earth.threerings.net)
Received: from smtp.earth.threerings.net (smtp1.earth.threerings.net [64.127.109.108])
	by mx1.freebsd.org (Postfix) with ESMTP id 6EC7313C4E1
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 30 Jan 2008 21:30:08 +0000 (UTC)
	(envelope-from snb@smtp.earth.threerings.net)
Received: by smtp.earth.threerings.net (Postfix, from userid 10038)
	id E8C2961DAF; Wed, 30 Jan 2008 13:30:07 -0800 (PST)
Message-Id: <20080130213007.E8C2961DAF@smtp.earth.threerings.net>
Date: Wed, 30 Jan 2008 13:30:07 -0800 (PST)
From: Nick Barkas <snb@threerings.net>
Reply-To: Nick Barkas <snb@threerings.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] security/vuxml add info about jetty 6.1.5, 6.1.6 vulnerability
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         120171
>Category:       ports
>Synopsis:       [patch] security/vuxml add info about jetty 6.1.5, 6.1.6 vulnerability
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    miwi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 30 21:40:01 UTC 2008
>Closed-Date:    Mon Feb 04 07:59:17 UTC 2008
>Last-Modified:  Mon Feb  4 08:00:05 UTC 2008
>Originator:     Nick Barkas
>Release:        FreeBSD 6.2-RELEASE-p4 i386
>Organization:
Three Rings Design, Inc.
>Environment:
System: FreeBSD mail1.earth.threerings.net 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:55:55 UTC 2007 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386
>Description:
Patch to add an entry in VuXML for multiple / vulnerability affecting Jetty
6.1.5 and 6.1.6, as well as OpenFire 3.4.3.
>How-To-Repeat:
>Fix:
--- jetty.patch begins here ---
diff -urN jetty.orig/Makefile jetty/Makefile
--- jetty.orig/Makefile	Tue Dec 11 00:55:06 2007
+++ jetty/Makefile	Wed Jan 30 12:05:24 2008
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	jetty
-DISTVERSION=	6.1.6
+DISTVERSION=	6.1.7
 CATEGORIES=	www java
 MASTER_SITES=	http://dist.codehaus.org/jetty/${PKGNAME}/
 
diff -urN jetty.orig/distinfo jetty/distinfo
--- jetty.orig/distinfo	Tue Dec 11 00:55:06 2007
+++ jetty/distinfo	Wed Jan 30 12:35:06 2008
@@ -1,3 +1,3 @@
-MD5 (jetty-6.1.6.zip) = e2260bb4e830a229988aac3fd7b831e4
-SHA256 (jetty-6.1.6.zip) = d473499649426d3de41bf7888e58f459a23a69ae69b1795493f10729cf8a5d7a
-SIZE (jetty-6.1.6.zip) = 21848601
+MD5 (jetty-6.1.7.zip) = 22b79a589bce55bc05f14fc974a24adf
+SHA256 (jetty-6.1.7.zip) = ced7d2ba8d7e818ccbcc711586f0f1c84abc7faeb8d219962a126d9399df5f23
+SIZE (jetty-6.1.7.zip) = 23911150
--- jetty.patch ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->secteam 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed Jan 30 21:40:09 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120171 
Responsible-Changed-From-To: secteam->miwi 
Responsible-Changed-By: miwi 
Responsible-Changed-When: Wed Jan 30 21:50:02 UTC 2008 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120171 
State-Changed-From-To: open->closed 
State-Changed-By: miwi 
State-Changed-When: Mon Feb 4 07:59:16 UTC 2008 
State-Changed-Why:  
Committed, with minor changes. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120171 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/120171: commit references a PR
Date: Mon,  4 Feb 2008 07:59:01 +0000 (UTC)

 miwi        2008-02-04 07:58:54 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/vuxml       vuln.xml 
   Log:
   - Document jetty -- multiple vulnerability
   
   PR:             120171
   Submitted by:   Nick Barkas <snb@threerings.net>
   
   Revision  Changes    Path
   1.1553    +29 -1     ports/security/vuxml/vuln.xml
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/120171: commit references a PR
Date: Mon,  4 Feb 2008 07:59:50 +0000 (UTC)

 miwi        2008-02-04 07:59:45 UTC
 
   FreeBSD ports repository
 
   Modified files:
     www/jetty            Makefile distinfo 
   Log:
   - Update to 6.1.7
   
   PR:             120171
   Submitted by:   Nick Barkas <snb@threerings.net>
   Approved by:    maintainer
   
   Revision  Changes    Path
   1.20      +1 -1      ports/www/jetty/Makefile
   1.16      +3 -3      ports/www/jetty/distinfo
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
