Date: Fri, 10 Jun 2022 21:16:15 +0900 (JST) From: Masachika ISHIZUKA <ish@amail.plala.or.jp> To: freebsd-security@freebsd.org Subject: Re: Is apache24-2.4.54 vulnerable ? Message-ID: <20220610.211615.2181623761441101839.ish@amail.plala.or.jp> In-Reply-To: <ac0ffe35-d35f-1b2f-b583-06179cac5230@hyjazi.me> References: <20220610.085155.1636577084047793852.moto@kawasaki3.org> <20220610.095448.1735421952196505841.ish@amail.plala.or.jp> <ac0ffe35-d35f-1b2f-b583-06179cac5230@hyjazi.me>
next in thread | previous in thread | raw e-mail | index | archive | help
> seems to be tagged so by vulnxml, but all this CVE are addressed and > fixed=A0 by 2.4.54 (https://downloads.apache.org/httpd/CHANGES_2.4.54= ) > = >>>> % pkg audit -F >>>> vulnxml file up-to-date >>>> apache24-2.4.54 is vulnerable: >>>> [snip] >> >> vuln-2022.xml: >> <affects> >> <package> >> <name>apache24</name> >> <range><lt>2.5.54</lt></range> <------- 2.4.54 ??? >> </package> ~~~~~~ >> </affects> Thank you for reply. vulnxml was fixed by 0bb1abdb20498df239e15e7f9e9eec33e2eec499. -- = Masachika ISHIZUKA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220610.211615.2181623761441101839.ish>