Date: Mon, 17 Dec 2018 02:59:52 -0500 From: Robert Simmons <rsimmons0@gmail.com> To: Roger Marquis <marquis@roble.com> Cc: freebsd-security@freebsd.org Subject: Re: SQLite vulnerability Message-ID: <CA%2BQLa9BE6Zjx1BjOi6DSLzMuAvOFwNHbTh891mTGLy8fzca3zg@mail.gmail.com> In-Reply-To: <nycvar.OFS.7.76.444.1812160753280.5993@mx.roble.com> References: <nycvar.OFS.7.76.444.1812160753280.5993@mx.roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You're being a jerk.
This is a volunteer project. It owes you nothing.
On Sun, Dec 16, 2018, 16:42 Roger Marquis <marquis@roble.com wrote:
> Thanks to Chrome{,ium} a recently discovered SQLite exploit has been all
> over the news for a week now. It is patched on all Linux platforms but
> has not yet shown up in FreeBSD's vulxml database. Does this mean:
>
> A) FreeBSD versions prior to 3.26.0 are not vulnerable, or
>
> B) the ports-secteam is not able to properly maintain the vulnerability
> database?
>
> If the latter perhaps someone from the security team could let us know
> how such a significant vulnerability could go unflagged for so long and,
> more importantly, what might be done to address the gap in reporting?
>
> Roger Marquis
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org
> "
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BQLa9BE6Zjx1BjOi6DSLzMuAvOFwNHbTh891mTGLy8fzca3zg>