Date: Mon, 09 May 2016 20:25:06 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 209404] security/vuxml CVE-2016-1541 archive/libarchive entry version incorrect 2.3 should be 3.2 Message-ID: <bug-209404-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209404 Bug ID: 209404 Summary: security/vuxml CVE-2016-1541 archive/libarchive entry version incorrect 2.3 should be 3.2 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ports-secteam@FreeBSD.org Reporter: dereks@lifeofadishwasher.com Assignee: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(ports-secteam@FreeBSD.org) Based off the following commit: http://svnweb.freebsd.org/ports/head/security/vuxml/vuln.xml?r1=3D414860&r2= =3D414889 The latest archivers/libarchive vuxml entry (CVE-2016-1541) was fixed in 3.2 not 2.3. Appears there was confusion with the latest commit: http://svnweb.freebsd.org/ports/head/archivers/libarchive/distinfo?view=3Dl= og "Upgrading to 2.3" --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-209404-13>