Page MenuHomeFreeBSD

VuXML entry for gitlab
ClosedPublic

Authored by mfechner on Mar 27 2018, 4:51 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 13, 1:48 PM
Unknown Object (File)
Tue, Oct 7, 1:06 AM
Unknown Object (File)
Sun, Sep 28, 12:22 AM
Unknown Object (File)
Fri, Sep 19, 12:59 AM
Unknown Object (File)
Tue, Sep 16, 7:39 AM
Unknown Object (File)
Sep 9 2025, 2:08 PM
Unknown Object (File)
Aug 29 2025, 7:37 AM
Unknown Object (File)
Aug 23 2025, 7:57 AM
Subscribers

Details

Summary

Entry was created as described in security/vuxml vuln.xml.
As it is my first commit into this file, could you please review it carefully?

I hope it is ok that I added ports-secteam to reviews.

Commit message:
Document gitlab vulnerability

Test Plan

Following command where executed:
make validate
make VID=dc0c201c-31da-11e8-ac53-d8cb8abf62dd html

Tests where done to make sure to match correct version like:
pkg audit -f ./vuln.xml gitlab-10.4.4

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

tz requested changes to this revision.Mar 28 2018, 8:16 AM
tz added inline comments.
security/vuxml/vuln.xml
82

Please add an block:
<cvename>CVE-2018-8801</cvename>

This revision now requires changes to proceed.Mar 28 2018, 8:16 AM
tz added a subscriber: remko.

Approved after the requested change

security/vuxml/vuln.xml
76

The Review Tool lost my second comment: Please convert this one single line into multiple lines with an maximum length of 80 chars. Otherwise @remko will ask you to perform this change ;)

It makes the reading in various editors much easier while it does not change anything else in the process.

This revision is now accepted and ready to land.Mar 28 2018, 12:48 PM

Thanks, I will commit it with the requested change, even if make validate now complains with:
... see above
Consider using /usr/home/idefix/svn/ports/security/vuxml/vuln.xml.unexpanded for final commit

which wants everything in one line...

In D14870#312892, @idefix_fechner.net wrote:

Thanks, I will commit it with the requested change, even if make validate now complains with:
... see above
Consider using /usr/home/idefix/svn/ports/security/vuxml/vuln.xml.unexpanded for final commit

which wants everything in one line...

This isn't right. It should work with multiple lines just fine. Mh.