Date: Wed, 24 Apr 2024 03:21:05 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 278549] security/vuxml: false positivites for www/glpi Message-ID: <bug-278549-7788-LDPTWpmsbM@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-278549-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-278549-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D278549 Philip Paeps <philip@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|ports-bugs@FreeBSD.org |philip@FreeBSD.org Status|New |Open CC| |philip@FreeBSD.org --- Comment #1 from Philip Paeps <philip@FreeBSD.org> --- I think what Jochen meant in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255948#c13 is that we d= on't add new vulnerabilities to existing vuxml entries. When new vulnerabilities become known, we create new vuxml entries for them. If previous entries are wrong though, we should correct them. In this instance: I wonder if it's worth the churn of correcting the old entries, given that newer vulnerabilities have been discovered that affect every version prior to 10.0.14. I'm happy to commit the corrections if someone could double-check them for = me, e.g. the maintainer? Does this patch look correct Mathias? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-278549-7788-LDPTWpmsbM>