Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 13 Nov 2013 14:07:04 +0000 (UTC)
From:      Remko Lodder <remko@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r333686 - head/security/vuxml
Message-ID:  <201311131407.rADE74ES052136@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: remko (src,doc committer)
Date: Wed Nov 13 14:07:04 2013
New Revision: 333686
URL: http://svnweb.freebsd.org/changeset/ports/333686

Log:
  Fix the OpenSSH entry, a version entry should be marked
  on a per rule basis, and not on it's own lines, because
  that would bogusly match other versions then intended.
  
  When in doubt, please let me review your changes!!
  
  hat:	secteam

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Nov 13 13:50:11 2013	(r333685)
+++ head/security/vuxml/vuln.xml	Wed Nov 13 14:07:04 2013	(r333686)
@@ -147,18 +147,16 @@ Note:  Please add new entries to the beg
     <affects>
       <package>
 	<name>openssh-portable</name>
-	<range><lt>6.4.p1,1</lt></range>
-	<range><ge>6.2.p2,1</ge></range>
+	<range><ge>6.2.p2,1</ge><lt>6.4.p1,1</lt></range>
       </package>
       <package>
 	<name>openssh-portable-base</name>
-	<range><lt>6.4.p1,1</lt></range>
-	<range><ge>6.2.p2,1</ge></range>
+	<range><ge>6.2.p2,1</ge><lt>6.4.p1,1</lt></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">;
-	<p>OpenSSH development team reports:</p>
+	<p>The OpenSSH development team reports:</p>
 	<blockquote cite="http://www.openssh.com/txt/gcmrekey.adv">;
 	  <p>A memory corruption vulnerability exists in the post-
 	    authentication sshd process when an AES-GCM cipher
@@ -184,7 +182,7 @@ Note:  Please add new entries to the beg
     <dates>
       <discovery>2013-11-07</discovery>
       <entry>2013-11-08</entry>
-      <modified>2013-11-11</modified>
+      <modified>2013-11-13</modified>
     </dates>
   </vuln>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311131407.rADE74ES052136>