On 2006.10.05 16:30:52 +0000, Andrew Pantyukhin wrote: > sat 2006-10-05 16:30:52 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > - Document buffer overflow vulnerabilities in tin > > Revision Changes Path > 1.1172 +32 -1 ports/security/vuxml/vuln.xml > http://cvsweb.FreeBSD.org/ports/security/vuxml/vuln.xml.diff?r1=1.1171&r2=1.1172 [...] > | + <vuln vid="19a92df1-548d-11db-8f1a-000a48049292"> > | + <topic>tin -- buffer overflow vulnerabilities</topic> > | + <affects> > | + <package> > | + <name>tin</name> > | + <range><lt>1.8.2</lt></range> > | + </package> > | + </affects> > | + <description> > | + <body xmlns="http://www.w3.org/1999/xhtml";> > | + <blockquote > cite="ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES";> > | + <p>Urs Janssen and Aleksey Salow report possible buffer > | + overflows in tin versions 1.8.0 and 1.8.1.</p> > | + </blockquote> > | + <blockquote > cite="http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.005-tin.html";> > | + <p>OpenPKG project elaborates there is an allocation > | + off-by-one bug in version 1.8.0 which can lead to a buffer > | + overflow.</p> > | + </blockquote>
Text should only be inside blockquotes if it is really direct quotes. If you written the text yourself you should just stick the references in the references section - you don't need to use explicit references in the body. See also earlier entries for how it has been done in the past (in particular in entries by nectar, remko or me). -- Simon L. Nielsen _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"
