In D4783#101603, @junovitch wrote:

Excellent. Approved. Don't forget the PR and MFH metadata in particular as this is a security update.

PR:  205841
MFH:  2016Q1

It looks like XSA-163 and XSA-164 don't effect us. Do you need any assistance preparing a VuXML entry for the rest or would you like me to do that for you? If so I'll close the Bugzilla PR once the commit, MFH, and VuXML are all in place.

I have no idea about how to prepare a VuXML entry, would you mind helping? Also, can I go ahead and commit this, or the VuXML needs to be prepared before committing so a reference can be added to the commit message?

Thanks, Roger.

In D4783#101742, @royger wrote:

I have no idea about how to prepare a VuXML entry, would you mind helping? Also, can I go ahead and commit this, or the VuXML needs to be prepared before committing so a reference can be added to the commit message?

Thanks, Roger.

Sure. Please commit the update as is and I'll prepare the VuXML entry later on. Just take a look afterwards so you can learn.

Thanks again!

The MFH: 2016Q1 line here will trigger an automatic email to portmgr@FreeBSD.org and ports-secteam@FreeBSD.org. You should receive an approval to do the MFH commit using the command /usr/ports/Tools/scripts/mfh 2016Q1 405279 (it will be in the email).

Just put an approval entry in for the MFH commit based on who approved it. It would be this for someone with the portmgr hat (see https://wiki.freebsd.org/portmgr)

Approved by: portmgr (name)

Or if the approval comes from someone with the ports-secteam hat (see https://wiki.freebsd.org/ports-secteam)

Approved by: ports-secteam (name)

In D4783#101757, @junovitch wrote:

The MFH: 2016Q1 line here will trigger an automatic email to portmgr@FreeBSD.org and ports-secteam@FreeBSD.org. You should receive an approval to do the MFH commit using the command /usr/ports/Tools/scripts/mfh 2016Q1 405279 (it will be in the email).

Just put an approval entry in for the MFH commit based on who approved it. It would be this for someone with the portmgr hat (see https://wiki.freebsd.org/portmgr)

Approved by: portmgr (name)

Or if the approval comes from someone with the ports-secteam hat (see https://wiki.freebsd.org/ports-secteam)

Approved by: ports-secteam (name)

OK, I *think* I've managed to do it. Thanks!

In D4783#101834, @royger wrote:

OK, I *think* I've managed to do it. Thanks!

I'm not entirely sure what the commit message picked up some extra characters but it did commit the correct changes.

-n MFH:
-n  r405279

xen: fix XSAs

It should have automatically filled it out as this:

MFH: r405279

 xen: fix XSAs

Thanks!

In D4783#101917, @junovitch wrote:

In D4783#101834, @royger wrote:

OK, I *think* I've managed to do it. Thanks!

I'm not entirely sure what the commit message picked up some extra characters but it did commit the correct changes.

-n MFH:
-n  r405279

xen: fix XSAs

It should have automatically filled it out as this:

MFH: r405279

 xen: fix XSAs

I had a feeling it wasn't entirely right (the -n looked weird), but since the message was auto-generated by the mfh script I wasn't sure if this was some kind of nomenclature for mfh.