D29219.id85570.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D29219.id85570.diff
View Options

	diff --git a/documentation/content/en/books/porters-handbook/security/chapter.adoc b/documentation/content/en/books/porters-handbook/security/chapter.adoc
	--- a/documentation/content/en/books/porters-handbook/security/chapter.adoc
	+++ b/documentation/content/en/books/porters-handbook/security/chapter.adoc
	@@ -198,6 +198,14 @@
	% make validate
	....

	+The previous command generates the [.filename]#vuln-flat.xml# file. It can also
	+be generated with:
	+
	+[source,bash]
	+....
	+% make vuln-flat.xml
	+....
	+
	[NOTE]
	====
	At least one of these packages needs to be installed: package:textproc/libxml2[], package:textproc/jade[].
	@@ -207,7 +215,7 @@

	[source,bash]
	....
	-% pkg audit -f ${PORTSDIR}/security/vuxml/vuln.xml dropbear-2013.58
	+% pkg audit -f ${PORTSDIR}/security/vuxml/vuln-flat.xml dropbear-2013.58
	....

	Make sure that the entry produces no spurious matches in the output.
	@@ -216,7 +224,7 @@

	[source,bash]
	....
	-% pkg audit -f ${PORTSDIR}/security/vuxml/vuln.xml dropbear-2013.58 dropbear-2013.59
	+% pkg audit -f ${PORTSDIR}/security/vuxml/vuln-flat.xml dropbear-2013.58 dropbear-2013.59
	dropbear-2012.58 is vulnerable:
	dropbear -- exposure of sensitive information, DoS
	CVE: CVE-2013-4434