Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Sep 2015 20:24:28 +0000 (UTC)
From:      Mark Felder <feld@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r397659 - head/security/vuxml
Message-ID:  <201509232024.t8NKOSiN021205@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: feld
Date: Wed Sep 23 20:24:28 2015
New Revision: 397659
URL: https://svnweb.freebsd.org/changeset/ports/397659

Log:
  Fix older ruby vuxml entry
  
  If you follow official instructions to change your default ruby version
  it alters the ruby package name and vuxml will produce false positives.
  This change will solve these scenarios.
  
  PR:		203227

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Sep 23 20:18:05 2015	(r397658)
+++ head/security/vuxml/vuln.xml	Wed Sep 23 20:24:28 2015	(r397659)
@@ -10304,16 +10304,19 @@ Notes:
     <topic>Ruby -- OpenSSL Hostname Verification Vulnerability</topic>
     <affects>
       <package>
+	<name>ruby</name>
 	<name>ruby20</name>
-	<range><lt>2.0.0.645,1</lt></range>
+	<range><ge>2.0,1</ge><lt>2.0.0.645,1</lt></range>
       </package>
       <package>
 	<name>ruby</name>
-	<range><lt>2.1.6,1</lt></range>
+	<name>ruby21</name>
+	<range><ge>2.1,1</ge><lt>2.1.6,1</lt></range>
       </package>
       <package>
+	<name>ruby</name>
 	<name>ruby22</name>
-	<range><lt>2.2.2,1</lt></range>
+	<range><ge>2.2,1</ge><lt>2.2.2,1</lt></range>
       </package>
     </affects>
     <description>
@@ -10337,6 +10340,7 @@ Notes:
     <dates>
       <discovery>2015-04-13</discovery>
       <entry>2015-04-14</entry>
+      <modified>2015-09-23</modified>
     </dates>
   </vuln>
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201509232024.t8NKOSiN021205>