Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 Aug 2019 14:29:57 +0200
From:      Jochen Neumeister <joneum@FreeBSD.org>
To:        Tobias Kortkamp <tobik@freebsd.org>
Cc:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r508895 - head/security/vuxml
Message-ID:  <fc8eed0b-d7fc-b6ce-0213-0ea13b6b64b2@FreeBSD.org>
In-Reply-To: <20190814121726.GA50509@urd.tobik.me>
References:  <201908140722.x7E7MdSW088299@repo.freebsd.org> <20190814121726.GA50509@urd.tobik.me>
next in thread | previous in thread | raw e-mail | index | archive | help 

Am 14.08.2019 um 14:17 schrieb Tobias Kortkamp:
> On Wed, Aug 14, 2019 at 07:22:39AM +0000, Jochen Neumeister wrote:
>> Author: joneum
>> Date: Wed Aug 14 07:22:39 2019
>> New Revision: 508895
>> URL: https://svnweb.freebsd.org/changeset/ports/508895
>>
>> Log:
>>    Add entry for www/nginx and www/nginx-devel
>>    
>>    Sponsored by:	Netzkommune GmbH
>>
>> Modified:
>>    head/security/vuxml/vuln.xml
>>
>> Modified: head/security/vuxml/vuln.xml
>> ==============================================================================
>> --- head/security/vuxml/vuln.xml	Wed Aug 14 07:08:19 2019	(r508894)
>> +++ head/security/vuxml/vuln.xml	Wed Aug 14 07:22:39 2019	(r508895)
>> @@ -58,6 +58,43 @@ Notes:
>>     * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
>>   -->
>>   <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
>> +  <vuln vid="87679fcb-be60-11e9-9051-4c72b94353b5">
>> +    <topic>NGINX -- Multiple vulnerabilities</topic>
>> +    <affects>
>> +      <package>
>> +	<name>nginx</name>
>> +	<range><lt>1.16.1</lt></range>
>> +      </package>
> This entry is not correct:
>
> $ pkg info -E nginx
> nginx-1.16.0_1,2
> $ pkg audit -f security/vuxml/vuln.xml nginx-1.16.0_1,2
> 0 problem(s) in 0 installed package(s) found.
>
> www/nginx has PORTEPOCH=2 so the entry should have
>
> 	<range><lt>1.16.1,2</lt></range>
>
> or users will never be informed of this via pkg audit.


fixed in r508912

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fc8eed0b-d7fc-b6ce-0213-0ea13b6b64b2>