Date: Mon, 30 Apr 2012 20:47:09 +0100 From: Chris Rees <crees@FreeBSD.org> To: d@delphij.net Cc: cvs-ports@freebsd.org, Xin LI <delphij@freebsd.org>, cvs-all@freebsd.org, ports-committers@freebsd.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <CADLo83_moWGhgVS-0BRXD0xRtiZfvW4ZDDrgKs59ah3uVGe8eQ@mail.gmail.com> In-Reply-To: <4F9ED6B3.2020508@delphij.net> References: <201204301751.q3UHpk86034193@repoman.freebsd.org> <CADLo83_kd57%2BMh0m_011JXA9aQ_2e3HAVo7uFSVn2ZSLxi25DA@mail.gmail.com> <4F9ED6B3.2020508@delphij.net>
index | next in thread | previous in thread | raw e-mail
On 30 April 2012 19:15, Xin Li <delphij@delphij.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 04/30/12 11:08, Chris Rees wrote: >> On 30 April 2012 17:51, Xin LI <delphij@freebsd.org> wrote: >>> delphij 2012-04-30 17:51:46 UTC >>> >>> FreeBSD ports repository >>> >>> Modified files: security/vuxml vuln.xml Log: Document samba >>> incorrect permission checks vulnerability. >> >> + <range><gt>3.4.*</gt><lt>3.4.17</lt></range> + </package> + >> <package> + <name>samba35</name> + >> <range><gt>3.5.*</gt><lt>3.5.15</lt></range> + </package> + >> <package> + <name>samba36</name> + >> <range><gt>3.6.*</gt><lt>3.6.5</lt></range> >> >> Don't you want to use <ge /> for the minimum versions in each >> range? > > That's a good question, frankly I'm not sure... > > I used gt here because * means -NaN to me (and there is no >= -NaN but > only > -NaN), plus, older entries do this, too. It would probably a > good idea to use <ge>3.6.0<ge> instead, though. > Good point. We're better off sticking with the former though-- <ge>3.6.0</ge> misses out 3.6.a etc of course. Chrishome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo83_moWGhgVS-0BRXD0xRtiZfvW4ZDDrgKs59ah3uVGe8eQ>