Date: Thu, 11 Nov 2021 08:23:15 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 259534] archivers/advancecomp: Update to 2.2.g20210429 (Fixes multiple security vulnerabilities) Message-ID: <bug-259534-7788-kEPiDKjfTf@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-259534-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-259534-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259534 --- Comment #9 from Robert Clausecker <fuz@fuz.su> --- (In reply to Guangyuan Yang from comment #8) There is no version out that fixes this. I had used 2.2.* to cover the ver= sion I had originally used for this patch (i.e. 2.2.g20210429). The meaning is: > In a range specification, * (asterisk) denotes the smallest version numbe= r. In particular, 2.* is less than 2.a. Therefore an asterisk may be used f= or a range to match all possible alpha, beta, and RC versions. For instance= , <ge>2.</ge><lt>3.</lt> will selectively match every 2.x version while <ge= >2.0</ge><lt>3.0</lt> will not since the latter misses 2.r3 and matches 3.b. (see Porter's Handbook, =C2=A712.3.2 A Short Introduction to VuXML) However it is correct that with the corrected version for this patch, this = is no longer correct. Please change the upper bound to <lt>2.1.6</lt> to addr= ess this. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-259534-7788-kEPiDKjfTf>