Date: Fri, 21 Jul 2017 08:38:37 +0200 From: Romain =?iso-8859-1?Q?Tarti=E8re?= <romain@FreeBSD.org> To: Olivier Cochard <olivier@FreeBSD.org> Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r446192 - head/security/vuxml Message-ID: <20170721063837.GA36578@blogreen.org> In-Reply-To: <201707191013.v6JADkT9068240@repo.freebsd.org> References: <201707191013.v6JADkT9068240@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--cWoXeonUoKmBZSoM Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello On Wed, Jul 19, 2017 at 10:13:45AM +0000, Olivier Cochard wrote: > Log: > Document vulnerability in collectd5 > =20 > Modified: head/security/vuxml/vuln.xml > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/security/vuxml/vuln.xml Wed Jul 19 09:43:30 2017 (r446191) > +++ head/security/vuxml/vuln.xml Wed Jul 19 10:13:45 2017 (r446192) > @@ -58,6 +58,33 @@ Notes: > + <affects> > + <package> > + <name>collectd5</name> > + <range><eq>5.7.1</eq></range> > + </package> > + </affects> This excludes 5.7.1_1, 5.7.1_2 which do not fix the issue. Quickly looking at the code on GitHub, I don't think this is a regression in 5.7.1. Doesn't it makes sense to change the range to: <range> <lt>5.7.2</lt> </range> --=20 Romain Tarti=E8re <romain@FreeBSD.org> http://people.FreeBSD.org/~romain/ pgp: 8234 9A78 E7C0 B807 0B59 80FF BA4D 1D95 5112 336F (ID: 0x5112336F) (plain text =3Dnon-HTML=3D PGP/GPG encrypted/signed e-mail much appreciated) --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEgjSaeOfAuAcLWYD/uk0dlVESM28FAllxoWoACgkQuk0dlVES M2+59AwAvbEIvk+HGUxi57AeJdJgFAahBsj7erlJlNDYApchmFFd50nOOvhX+xZq +moqJnWVn/tzLRtMOrWp2G4U2x/vjjLFHY2uyWMnp4vHDS3H0RHpUhS4RKUub8qV rh6LCZk8YeXVjcisU18tWHD5XxXfH/hm19ZCX7psEja0K/gh3KntNDBgYr8Lq3gO H3RqbOzh/RXxjpvmpI3hg3lqY5IvvZINHuIC1AGDlBLR+ze2BhzfhdRFRwpXKJQm fMdfZgvzDZaVAo7ZwaDPPI2MbzNaaktdFHiOf6xQhiayzg0xb5KLNlIyYDDvHrXM Km4Vu9Vn7lg3/ronSp4JSA5SLsruNLr8Tzol5YzURpQdN/1PqbEi2vIaeMdZ48n7 +F0W8TDKxwNa7EW8WybO7c/upm0a9oDPOmNUNcScs3Zxqqjq3h9QVbbrDcjAfgpz 9x6cwZty7z1WkIFXmviqVKt1Z6hQ+QNMRvceOZMKTvqoKq/zjqJ3wCD0xAw7e1wU OtkUXAwc =qo/c -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170721063837.GA36578>