Date: Sat, 18 Apr 2015 18:47:04 +0200 From: Andrea Venturoli <ml@netfence.it> To: ports@freebsd.org Subject: Ruby vulnerabilities Message-ID: <55328A88.50106@netfence.it>
next in thread | raw e-mail | index | archive | help
Hello. On a lot of systems, "pkg audit" gives: > ruby-2.0.0.645,1 is vulnerable: > Ruby -- OpenSSL Hostname Verification Vulnerability > CVE: CVE-2015-1855 > WWW: http://vuxml.FreeBSD.org/freebsd/d4379f59-3e9b-49eb-933b-61de4d0b0fdb.html However the links above states "ruby20 *<* 2.0.0.645,1" is affected. Why? Who is right? bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55328A88.50106>