Date: Sun, 6 Nov 2016 13:34:17 +0000 (UTC) From: Tijl Coosemans <tijl@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r425491 - head/security/vuxml Message-ID: <201611061334.uA6DYHgF071073@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tijl Date: Sun Nov 6 13:34:17 2016 New Revision: 425491 URL: https://svnweb.freebsd.org/changeset/ports/425491 Log: Undocument linux-*-expat vulnerabilities. linux-*-expat is only used by linux-*-fontconfig to read configuration files written in XML and by dbus-binding-tool(1) from linux-*-dbus-glib, a development tool that generates C code from an Introspection XML file to expose a GObject via D-Bus. These vulnerabilities are therefore not believed to be exploitable on FreeBSD and only cause annoying warnings and prevent installation of linux-*-expat. It also does not look like Red Hat will provide fixes for these any time soon. PR: 210155 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sun Nov 6 13:27:16 2016 (r425490) +++ head/security/vuxml/vuln.xml Sun Nov 6 13:34:17 2016 (r425491) @@ -8688,11 +8688,6 @@ and CVE-2013-0155.</p> <name>expat</name> <range><lt>2.1.1_1</lt></range> </package> - <package> - <name>linux-c6-expat</name> - <name>linux-f10-expat</name> - <range><ge>0</ge></range> - </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -8716,6 +8711,7 @@ and CVE-2013-0155.</p> <dates> <discovery>2016-03-18</discovery> <entry>2016-06-09</entry> + <modified>2016-11-06</modified> </dates> </vuln> @@ -9579,14 +9575,6 @@ and CVE-2013-0155.</p> <name>expat</name> <range><lt>2.1.1</lt></range> </package> - <package> - <name>linux-c6-expat</name> - <range><lt>2.1.1</lt></range> - </package> - <package> - <name>linux-f10-expat</name> - <range><lt>2.1.1</lt></range> - </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -9609,7 +9597,7 @@ and CVE-2013-0155.</p> <dates> <discovery>2016-05-17</discovery> <entry>2016-05-20</entry> - <modified>2016-06-05</modified> + <modified>2016-11-06</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611061334.uA6DYHgF071073>