Date: Wed, 5 Feb 2020 11:57:36 -0500 From: Dan McGrath <danmcgrath.ca@gmail.com> To: freebsd-ports@freebsd.org Subject: security/openssl: 1.1.1d in 2020Q1 still vulnerable? Message-ID: <CAK82gMEB=bUyNDd7ZTd2HObA-hh65gF-zEye%2BYRpfYG8gLnUyA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, Was just noticing that the 2020Q1 port for OpenSSL was still showing up with 11 different CVE's, yet I noticed that the commit [1] in r511808 says it fixed 9e0c6f7a-d46d-11e9-a1c7-b499baebfeaf, yet it still shows up in pkg audit for CVE-2019-1549 and CVE-2019-1547. Any idea what the story is here? [1] - https://svnweb.freebsd.org/ports?view=revision&revision=511808 Thanks, Danny McGrath
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAK82gMEB=bUyNDd7ZTd2HObA-hh65gF-zEye%2BYRpfYG8gLnUyA>