Date: Wed, 27 Aug 2025 17:17:07 +0100 From: Martin Simmons <martin@lispworks.com> To: "Wall, Stephen" <stephen.wall@redcom.com> Cc: freebsd-security@freebsd.org Subject: Re: Possible error in FreeBSD's VuXML data Message-ID: <202508271617.57RGH7k6018596@higson.cam.lispworks.com> In-Reply-To: <MW4PR09MB9284A252FCA911BAEA06D5B4EE39A@MW4PR09MB9284.namprd09.prod.outlook.com> (stephen.wall@redcom.com) References: <MW4PR09MB92843E097C039D15A8819523EE39A@MW4PR09MB9284.namprd09.prod.outlook.com> <MW4PR09MB9284A252FCA911BAEA06D5B4EE39A@MW4PR09MB9284.namprd09.prod.outlook.com>
index | next in thread | previous in thread | raw e-mail
>>>>> On Tue, 26 Aug 2025 20:25:25 +0000, Wall, Stephen said: > > I’d like to further point out that > https://vuxml.freebsd.org/freebsd/b945ce3f-6f9b-11f0-bd96-b42e991fc52e.html > is not being listed when I run `pkg audit` on the same system. That > vulnerability is listed in the `pkg audit sqlite2` output. I think it > should be, 3.46.1_1,1 is less than 3.49.1. This is because the version number in this entry is missing the portepoch (the ",1" suffix), so it appears to be older than the installed version. A script is needed to audit the vuxl to find these broken entries. __Martinhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202508271617.57RGH7k6018596>