Date: Sun, 1 Jan 2006 17:46:03 +0900 (JST) From: KOMATSU Shinichiro <koma2@lovepeers.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/91156: security/vuxml: Fix the affected versions of curl vulnerability. Message-ID: <20060101084603.BC71F11589@koma2-45.wins.timedia.co.jp> Resent-Message-ID: <200601010850.k018o3ld050671@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 91156 >Category: ports >Synopsis: security/vuxml: Fix the affected versions of curl vulnerability. >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Jan 01 08:50:03 GMT 2006 >Closed-Date: >Last-Modified: >Originator: KOMATSU Shinichiro >Release: FreeBSD 5.4-RELEASE-p8 i386 >Organization: >Environment: FreeBSD 5.4-RELEASE-p8 i386 >Description: According to the cURL Security Advisory [1], affected versions of CVE-2005-4077 issue are "7.11.2 to and **including** 7.15.0". [1] http://curl.haxx.se/docs/adv_20051207.html >How-To-Repeat: >Fix: Apply the following patch and fix the entry of VuXML ID "9b4facec-6761-11da-99f6-00123ffe8333". Index: security/vuxml/vuln.xml =================================================================== RCS file: /home/ncvs/ports/security/vuxml/vuln.xml,v retrieving revision 1.918 diff -u -r1.918 vuln.xml --- security/vuxml/vuln.xml 25 Dec 2005 22:23:51 -0000 1.918 +++ security/vuxml/vuln.xml 1 Jan 2006 08:14:08 -0000 @@ -369,7 +369,7 @@ <affects> <package> <name>curl</name> - <range><ge>7.11.2</ge><lt>7.15.0</lt></range> + <range><ge>7.11.2</ge><le>7.15.0</le></range> </package> </affects> <description> >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060101084603.BC71F11589>