Date: Wed, 23 Sep 2015 18:34:41 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure Message-ID: <bug-203227-13-LPAGb93jv6@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-203227-13@https.bugs.freebsd.org/bugzilla/> References: <bug-203227-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227 --- Comment #16 from terry@tmk.com --- (In reply to Mark Felder from comment #15) Yes, that seems to fix it. I also tested changing the affected version from 2.0.0.645,1 to 2.0.0.648,1 and that correctly flagged my 2.0.0.647,1 install as vulnerable. So, it seem good to go here. My only comment would be to perhaps change: <package> <name>ruby</name> <range><ge>2.1,1</ge><lt>2.1.6,1</lt></range> </package> to: <package> <name>ruby</name> <name>ruby21</name> <range><ge>2.1,1</ge><lt>2.1.6,1</lt></range> </package> so that this doesn't pop up again if the default Ruby version is changed to 2.2 at some future time. Thanks! -- You are receiving this mail because: You are on the CC list for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-203227-13-LPAGb93jv6>