Date: Fri, 29 Sep 2023 18:00:33 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 274159] security/krb5: 1.20 is not vulnerable to CVE-2023-39975 Message-ID: <bug-274159-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274159 Bug ID: 274159 Summary: security/krb5: 1.20 is not vulnerable to CVE-2023-39975 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: cy@FreeBSD.org Reporter: wollman@FreeBSD.org Flags: maintainer-feedback?(cy@FreeBSD.org) Assignee: cy@FreeBSD.org `pkg audit` erroneously reports krb5-1.20.2 as vulnerable to CVE-2023-39975= but this applies only to 1.21 and higher. Fix: adjust VuXML entry a6986f0f-3ac0-11ee-9a88-206a8a720317 to exclude krb= 5 < 1.21. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-274159-7788>