Date: Tue, 2 Jul 2024 09:44:58 -0700 From: Craig Leres <leres@freebsd.org> To: Bryan Drewery <bdrewery@FreeBSD.org>, ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: b4f09ace0fb2 - main - security/vuxml: Fix range for OpenSSH vuln. Message-ID: <9275bc57-cbc5-423f-aa69-6876cc7671ff@freebsd.org> In-Reply-To: <202407021613.462GDtC2009246@gitrepo.freebsd.org> References: <202407021613.462GDtC2009246@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/2/24 09:13, Bryan Drewery wrote: > The branch main has been updated by bdrewery: > > URL: https://cgit.FreeBSD.org/ports/commit/?id=b4f09ace0fb2a43504a5d63501ddf3503a67da76 > > commit b4f09ace0fb2a43504a5d63501ddf3503a67da76 > Author: Bryan Drewery <bdrewery@FreeBSD.org> > AuthorDate: 2024-07-02 16:13:40 +0000 > Commit: Bryan Drewery <bdrewery@FreeBSD.org> > CommitDate: 2024-07-02 16:13:51 +0000 > > security/vuxml: Fix range for OpenSSH vuln. > > Security: f1a00122-3797-11ef-b611-84a93843eb75 > --- > security/vuxml/vuln/2024.xml | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml > index cb0b4fc0ffb3..373d4938fd97 100644 > --- a/security/vuxml/vuln/2024.xml > +++ b/security/vuxml/vuln/2024.xml > @@ -73,7 +73,7 @@ > <affects> > <package> > <name>openssh-portable</name> > - <range><lt>9.7_1,1</lt></range> > + <range><lt>9.7_2,1</lt></range> > </package> > </affects> > <description> I believe this is still wrong, it should be 9.7.p1_2,1 (my systems still report as vulnerable after updating). Craig fun 52 # pkg info | fgrep openssh openssh-portable-9.7.p1_2,1 The portable version of OpenBSD's OpenSSH fun 53 # pkg audit -qF -f /var/db/pkg/vuln.xml openssh-portable-9.7.p1_2,1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9275bc57-cbc5-423f-aa69-6876cc7671ff>