On Sun, Jul 8, 2012 at 12:00 PM, Eitan Adler <ead...@freebsd.org> wrote: > eadler 2012-07-08 19:00:08 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > openx reported a new security issue but does not provide any details: > inform users of this.
I don't think it's right to assign same identifier to different issues. For 2.8.9 I think it was: http://www.infosecstuff.com/openx-releases-patch-for-csrf-vulnerability/ And for 2.8.8 it was: http://secunia.com/advisories/48275/ It seems that OpenX does not release any information about the vulnerability which is a bad practice in my opinion by the way. Cheers, -- Xin LI <delp...@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"