258802 – No updates to vuln.xml since 2021-09-16

Bug 258802 - No updates to vuln.xml since 2021-09-16

Summary: No updates to vuln.xml since 2021-09-16

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Package Infrastructure (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Port Management Team

URL:	http://vuxml.freebsd.org/freebsd/vuln...
Keywords:	security

Duplicates (1):	258626 (view as bug list)
Depends on:
Blocks:

Reported:	2021-09-30 09:48 UTC by Franco Fichtner
Modified:	2021-09-30 23:05 UTC (History)
CC List:	5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Franco Fichtner 2021-09-30 09:48:23 UTC

Hi,

Noticed via mpd5 5.9_2 fix but vuln.xml still missing a range correction via https://cgit.freebsd.org/ports/commit/security/vuxml/vuln-2021.xml?id=0727cd2415ff009027751d9da066c0bb97ec0cf3

Essentially pkg audit -F still marks mpd5 as vulnerable and missing entries past 2021-09-16

Same goes for .bz2 equivalent.


Cheers,
Franco

Comment 1 commit-hook freebsd_committer

2021-09-30 16:25:50 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=15fa2a7a7e9f6922d8e9746b8731871bbed6db90

commit 15fa2a7a7e9f6922d8e9746b8731871bbed6db90
Author:     Li-Wen Hsu <lwhsu@FreeBSD.org>
AuthorDate: 2021-09-30 16:23:08 +0000
Commit:     Li-Wen Hsu <lwhsu@FreeBSD.org>
CommitDate: 2021-09-30 16:23:08 +0000

    security/vuxml: Fix entry 7062bce0-1b17-11ec-9d9d-0022489ad614

    This should also fix vuxml build.

    PR:             258802
    Sponsored by:   The FreeBSD Foundation

 security/vuxml/vuln-2021.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 2 Kubilay Kocak freebsd_committer

2021-09-30 23:05:00 UTC

*** Bug 258626 has been marked as a duplicate of this bug. ***