Date: Thu, 28 Oct 2010 09:29:47 +0200 From: Andrea Venturoli <ml@netfence.it> To: freebsd-ports@freebsd.org, pgollucci@freebsd.org Subject: apr vulnerability Message-ID: <4CC9266B.7000405@netfence.it>
next in thread | raw e-mail | index | archive | help
On one of the servers I manage, portaudit claims: portaudit Affected package: apr-0.9.19.0.9.19 Type of problem: apr -- multiple vulnerabilities. Reference: <http://portaudit.FreeBSD.org/eb9212f7-526b-11de-bbf2-001b77d09812.html> Following the above links, I find that apr<1.3.5.1.3.7 is involved. I see on Freshports that apr was updated on 2010/10/20 to address a security risk: the link is: http://www.vuxml.org/freebsd/dd943fbb-d0fe-11df-95a8-00219b0fc4d8.html There, however, it says apr0<0.9.19.0.9.19 is involved. So, I'm confused: is apr-0.9.19.0.9.19 (which is the one I have) vulnerable or not? bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CC9266B.7000405>