Date: Wed, 23 Sep 2015 16:41:33 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure Message-ID: <bug-203227-13-hPBXL7ud2o@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-203227-13@https.bugs.freebsd.org/bugzilla/> References: <bug-203227-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227 --- Comment #10 from terry@tmk.com --- Other than some unneeded checks (ruby20 should always refer to 2.0, ruby22 should always refer to 2.2 - it is only ruby (no suffix) that can refer to multiple versions) that type of solution seems fine. However, with the entry updated as you show above, it is still complaining that ruby-2.0.0.647,1 is vulnerable. If it helps, I can give you access to a system where this is happening and chown the vuln.xml file so you can modify it to help track down the issue. -- You are receiving this mail because: You are on the CC list for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-203227-13-hPBXL7ud2o>