From owner-freebsd-ports-bugs@freebsd.org  Wed Sep 23 14:22:30 2015
Return-Path: <owner-freebsd-ports-bugs@freebsd.org>
Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 480F5A07CCB
 for <freebsd-ports-bugs@mailman.ysv.freebsd.org>;
 Wed, 23 Sep 2015 14:22:30 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3483E1ABA
 for <freebsd-ports-bugs@FreeBSD.org>; Wed, 23 Sep 2015 14:22:30 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id t8NEMUP6078582
 for <freebsd-ports-bugs@FreeBSD.org>; Wed, 23 Sep 2015 14:22:30 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure
Date: Wed, 23 Sep 2015 14:22:29 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Ports Framework
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: mat@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: ports-secteam@FreeBSD.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-203227-13-kUxQ8GYjPs@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-203227-13@https.bugs.freebsd.org/bugzilla/>
References: <bug-203227-13@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 14:22:30 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227

--- Comment #7 from Mathieu Arnold <mat@FreeBSD.org> ---
(In reply to Mark Felder from comment #5)
> (In reply to Mathieu Arnold from comment #2)
> 
> I'm not sure there's anything ports-secteam can do about this then. The
> vuxml entries match on PKGNAME and if this change alters PKGNAME the vuxml
> data will not accurately match.
> 
> This sounds like both Perl and Ruby need to change their behavior because
> this is very unexpected.

Sorry, what ?
I'm sorry, but no, the *default* Perl or Ruby package is always called "perl5"
or "ruby", and the non default Perl ports are called perl5.xx, and the non
default Ruby ports are called rubyXX. This is not going to change, especially
as I'm quite sure vuxml can cope easily.

-- 
You are receiving this mail because:
You are on the CC list for the bug.