Date: Thu, 14 Nov 2019 18:36:02 +0100 From: Gunther Nikl <gnikl@justmail.de> To: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> Cc: svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r517534 - head/security/vuxml Message-ID: <20191114183602.00002e6e@justmail.de> In-Reply-To: <201911132345.xADNjaGf059228@repo.freebsd.org> References: <201911132345.xADNjaGf059228@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> wrote: > Author: sunpoet > Date: Wed Nov 13 23:45:36 2019 > New Revision: 517534 > URL: https://svnweb.freebsd.org/changeset/ports/517534 > > Log: > Document libmad vulnerability > > Modified: > head/security/vuxml/vuln.xml > > [snip] > > + <dates> > + <discovery>2017-04-30</discovery> > + <entry>2019-11-13</entry> > + </dates> > + </vuln> If I read https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133#15 correctly, then the discovery date cannot be right. The debian bug and the patch itself are from December 2008! Apparently the CVE numbers were assigned in 2017 only. Regards, Gunther Nikl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191114183602.00002e6e>