From 2eac38415551c89e282483817fb5ef1450ab9011 Mon Sep 17 00:00:00 2001
From: delphij <delphij@FreeBSD.org>
Date: Tue, 2 Jul 2013 07:43:02 +0000
Subject: Fix CVE-2013-2174 for ftp/curl with a patch from vendor for now so
 that users can build the port, per popular demands on mailing list.

The upgrade patch found in ports/172325 is currently under
exp-run.  The changes in this commit against ftp/curl can be
safely reverted before applying that patch, as it's shipped
with new curl release.

Approved by:	portmgr (miwi)
---
 security/vuxml/vuln.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'security')

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 69526477b930..d109da19a03c 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -209,7 +209,7 @@ Note:  Please add new entries to the beginning of this file.
     <affects>
       <package>
 	<name>curl</name>
-	<range><ge>7.7</ge><lt>7.31.0</lt></range>
+	<range><ge>7.7</ge><lt>7.24.0_4</lt></range>
       </package>
     </affects>
     <description>
@@ -257,6 +257,7 @@ Note:  Please add new entries to the beginning of this file.
     <dates>
       <discovery>2013-06-22</discovery>
       <entry>2013-06-23</entry>
+      <modified>2013-07-01</modified>
     </dates>
   </vuln>
 
-- 
cgit