Date: Fri, 11 Apr 2014 17:13:12 -0400 From: Ryan Steinmetz <zi@FreeBSD.org> To: Matthew Seaman <matthew@FreeBSD.org> Cc: freebsd-security@freebsd.org, sbremal@hotmail.com, Erik Trulsson <Erik.Trulsson.1013@student.uu.se> Subject: Re: CVE-2014-0160? Message-ID: <20140411211312.GA82093@exodus.zi0r.com> In-Reply-To: <5348571A.9060703@FreeBSD.org> References: <DUB126-W5BC501CB4B718B4504D74A9540@phx.gbl> <alpine.DEB.2.00.1404111341450.13520@strudel.ki.iif.hu> <DUB126-W864CD6C2BD872D72C58222A9540@phx.gbl> <D0491050-C6C0-4124-966C-3153FB618532@icloud.com> <DUB126-W77A08013F5277DB2C69816A9540@phx.gbl> <20140411163453.10305uc2u7ijvcst@webmail.uu.se> <5348571A.9060703@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On (04/11/14 21:56), Matthew Seaman wrote: >http://vuxml.freebsd.org/freebsd/b72bad1c-20ed-11e3-be06-000c29ee3065.html > >This is applied inconsistently though. While there is an entry for >OpenSSL Heartbleed, it doesn't contain any reference to the FreeBSD base >system and the security advisories (at least, not at the time I was >writing this...) > Entry updated, thank you for pointing this out. http://svnweb.freebsd.org/ports/head/security/vuxml/vuln.xml?r1=351042&r2=351041&pathrev=351042 -r >It's also not a feature of pkg audit or any other tool I am aware of >that it can warn about base system vulnerabilities. Such functionality >would be very welcome though. > > Cheers, > > Matthew > >-- >Dr Matthew J Seaman MA, D.Phil. >PGP: http://www.infracaninophile.co.uk/pgpkey > > -- Ryan Steinmetz PGP: 9079 51A3 34EF 0CD4 F228 EDC6 1EF8 BA6B D028 46D7
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140411211312.GA82093>