Date: Wed, 22 Apr 2020 11:02:07 -0700 From: Craig Leres <leres@freebsd.org> To: Glen Barber <gjb@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r532463 - head/security/vuxml Message-ID: <f0bca725-9dff-be68-780a-d2da56e1d51e@freebsd.org> In-Reply-To: <202004221044.03MAixGc069557@repo.freebsd.org> References: <202004221044.03MAixGc069557@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------5E34AF8A02F7B618070012B4 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit On 2020-04-22 03:44, Glen Barber wrote: > Author: gjb > Date: Wed Apr 22 10:44:59 2020 > New Revision: 532463 > URL: https://svnweb.freebsd.org/changeset/ports/532463 > > Log: > Attempt number 2 to fix the vuxml build. > > Sponsored by: Rubicon Communications, LLC (netgate.com) > > Modified: > head/security/vuxml/vuln.xml > > Modified: head/security/vuxml/vuln.xml > ============================================================================== > --- head/security/vuxml/vuln.xml Wed Apr 22 10:36:57 2020 (r532462) > +++ head/security/vuxml/vuln.xml Wed Apr 22 10:44:59 2020 (r532463) > @@ -96,7 +96,6 @@ Notes: > <name>FreeBSD</name> > <range><ge>12.1</ge><lt>12.1_4</lt></range> > <range><ge>11.3</ge><lt>11.3_8</lt></range> > - </package> > <name>openssl</name> > <range><ge>1.1.1,1</ge><lt>1.1.1g,1</lt></range> > </package> I think the right fix here would have been to change </package> to <package> (instead of removing it). r532468 removes the openssl versions block completely. What I saw this morning is that my systems were briefly reporting openssl-1.1.1f,1 as vulnerable (1:46am PDT) and then later not vulnerable (4:46am). I believe the attached patch fixes this. Craig --------------5E34AF8A02F7B618070012B4 Content-Type: text/plain; charset=UTF-8; name="patch.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="patch.txt" SW5kZXg6IHNlY3VyaXR5L3Z1eG1sL3Z1bG4ueG1sCj09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIHNlY3Vy aXR5L3Z1eG1sL3Z1bG4ueG1sCShyZXZpc2lvbiA1MzI0OTEpCisrKyBzZWN1cml0eS92dXht bC92dWxuLnhtbAkod29ya2luZyBjb3B5KQpAQCAtOTcsNiArOTcsMTAgQEAKIAk8cmFuZ2U+ PGdlPjEyLjE8L2dlPjxsdD4xMi4xXzQ8L2x0PjwvcmFuZ2U+CiAJPHJhbmdlPjxnZT4xMS4z PC9nZT48bHQ+MTEuM184PC9sdD48L3JhbmdlPgogICAgICAgPC9wYWNrYWdlPgorICAgICAg PHBhY2thZ2U+CisJPG5hbWU+b3BlbnNzbDwvbmFtZT4KKwk8cmFuZ2U+PGdlPjEuMS4xLDE8 L2dlPjxsdD4xLjEuMWcsMTwvbHQ+PC9yYW5nZT4KKyAgICAgIDwvcGFja2FnZT4KICAgICA8 L2FmZmVjdHM+CiAgICAgPGRlc2NyaXB0aW9uPgogICAgICAgPGJvZHkgeG1sbnM9Imh0dHA6 Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPgo= --------------5E34AF8A02F7B618070012B4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f0bca725-9dff-be68-780a-d2da56e1d51e>