Date: Tue, 18 Nov 2008 13:37:13 +0100 From: Jille Timmermans <jille@quis.cx> To: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Cc: freebsd-security@freebsd.org, bug-followup@freebsd.org Subject: Re: ports/128956: [patch] [vuxml] multiple vulnerabilities in PHP 5.2.6 Message-ID: <4922B6F9.2000408@quis.cx> In-Reply-To: <TqoTo5jliabZzOUld/zrRy5vtzI@%2BC9avPjAe6kfv7rH%2BxyHzR2RFw8> References: <20081118103433.38D5817115@shadow.codelabs.ru> <4922B371.6070002@quis.cx> <TqoTo5jliabZzOUld/zrRy5vtzI@%2BC9avPjAe6kfv7rH%2BxyHzR2RFw8>
next in thread | previous in thread | raw e-mail | index | archive | help
Good day to you too, "PHP 5.2 through 5.2.6" makes the most sense. However, "PHP 5.1 through" or even "PHP 5 through" are also possible. I don't know much about CVE's; can we provide them feedback for this typo ? I think the best is to wait for the CVE to get fixed and fix it in the vuxml entry afterwards. I think you also had that plan ;) -- Jille Eygene Ryabinkin wrote: > Jille, good day. > > Tue, Nov 18, 2008 at 01:22:09PM +0100, Jille Timmermans wrote: > >> I think there is a typo in the vuxml descriptions: >> "PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6" >> (PHP 5.6 doesn't exist (yet)) >> > > Yes: it was written in that way at the CVE entry. I had spotted this, > but was not sure how to handle this. Perhaps VuXML entry should really > say "PHP 5.2 through 5.2.6" to avoid reader's confusion. > > Thanks for spotting this! >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4922B6F9.2000408>