Date: Mon, 3 Mar 2014 01:47:38 -0600 From: JEREMY COX <jeremy.m.cox@gmail.com> To: freebsd-python@freebsd.org Subject: pyhon33 still listed as vulnerable Message-ID: <CAPH9q1qyx=9p60XmU1_C1dC4V8Am9UJEeT2SpGzupPcF7J_6YQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Sorry if I wasn't more clear, my ports tree was updated a few minutes before I wrote the email, from March 3 @ 0700 UTC... and the patch for CVE-2014-1912 was already in /usr/ports/lang/python33/files... otherwise I never would have updated the port! I always verify changes with the FreeBSD svn website first. Even after the ports tree was updated, and the port was updated, pkg audit still lists python33-3.3.3_3 as vulnerable, when the CVE lists the vulnerability applicable only to python33 <= 3.3.3_2.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPH9q1qyx=9p60XmU1_C1dC4V8Am9UJEeT2SpGzupPcF7J_6YQ>