Date: Thu, 4 May 2023 19:56:02 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> To: FreeBSD-security@freebsd.org Subject: vulnerablities in base unreported in VuXML Message-ID: <08443176-fdef-ee00-ed7e-6d90d2b241f7@quip.cz>
next in thread | raw e-mail | index | archive | help
As was noted on FreeBSD forum [1], there is problem with missing SA entries in VuXML (again). The last entry is from 2022-08-31 for zlip heap buffer overflow [2] 5 SA entries are missing. Can somebody from Securitu Officers take a look on it and publish missing entries? And fix the SA release process for all future SAs so we do not miss any again? Periodic 405.pkg-base-audit from pkg is usless without up to date VuXML. [1] https://forums.freebsd.org/threads/pkg-audit-vuln-xml-no-more-updates-for-base-system-and-kernel.71239/#post-609407 [2] https://www.vuxml.org/freebsd/pkg-FreeBSD.html Kind regards Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?08443176-fdef-ee00-ed7e-6d90d2b241f7>