From owner-freebsd-questions@FreeBSD.ORG  Sun May 10 08:11:40 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 99AC3B1B
 for <freebsd-questions@freebsd.org>; Sun, 10 May 2015 08:11:40 +0000 (UTC)
Received: from vps.markoturk.info (vps.markoturk.info [95.154.208.14])
 by mx1.freebsd.org (Postfix) with ESMTP id 65C3E1EEB
 for <freebsd-questions@freebsd.org>; Sun, 10 May 2015 08:11:39 +0000 (UTC)
Received: by vps.markoturk.info (Postfix, from userid 1001)
 id 9F22E273A2; Sun, 10 May 2015 10:01:30 +0200 (CEST)
Date: Sun, 10 May 2015 10:01:30 +0200
From: Marko Turk <markoml@markoturk.info>
To: freebsd-questions@freebsd.org
Subject: Postfix vulnarebility wrongly reported by pkg audit?
Message-ID: <20150510080130.GC2534@vps.markoturk.info>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="c3bfwLpm8qysLVxt"
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 10 May 2015 08:11:40 -0000


--c3bfwLpm8qysLVxt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

today my postfix-2.11.4,1 was marked as vulnerable by the pkg audit
tool. But, when I go to the web pages the tool outputs it says that my
version of postfix is not vulnerable (and that this vulnerabilities are
=66rom 2011).

Is my version also vulnerable or is there an issue with version check?

BR,
Marko

--c3bfwLpm8qysLVxt
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVTxBaAAoJEDcRe7P/w1sjb4wQAOIsf3cb22q9iHPSnRvgkyWd
N9b/W7HsYTQ5KEnOyVGT2EItpaaUT41sNZitIunG/uPB/fUqWg8hUiKvhlDVwKfz
Xd9n0oczLSsjcDgmG0AGRsNjaoGLpQX64dhn1jPG/iJcH2CfBqZ+tUtPrwoUYhgR
6dnio8b04rFUSYZTxJylY9rjNhrYz6ZYRzobOJs25oH89OA61xWw4+WLy5LEpqMT
ENjWlVhmf1hCbCotp03HNT5Ckaxuduz21j5Lmu+bPxZhsTbB+O4jjbUNPpWfRrHz
8pwaQTd+atO/v1PLZ765JKv9aktYgTk8eWxTvUOFrqJaTZuGflo6P0lYFD0dqV1X
m8V9nTKBSYCUZkdeXVVeQl/HpnD6Hk5XET6dec1L/WjsVnFM8IopBm7EXW1PMtRR
Wn1bs44OxU5PZE1T4jBCxQOt7TOq30sriPVnce0Fgk9gyrOcIKjMNUe2SftAxaIH
6Rcrcv6H9hgZXARUBkaoEFL4T9Pa2kFVgOTFbGMkvJTjbmVH9APT8I1E4N7ugfoq
TJwuZVRr+RbzStJLQH3AHLKrTPKx0xFtTgDaoS7Xa7S9f2hnZ/0reGHD9u/qs6CD
bF5NX7h72VZwkWhkyZXchiF5c4N2jfm+rdd3s35HPQpw5sBFZsLO22/WRpsfzwvx
Vx9gANvwbVrHo2i+S0Rw
=+Ey7
-----END PGP SIGNATURE-----

--c3bfwLpm8qysLVxt--