apr vulnerability
Andrea Venturoli
ml at netfence.it
Thu Oct 28 07:44:28 UTC 2010
On one of the servers I manage, portaudit claims:
portaudit
Affected package: apr-0.9.19.0.9.19
Type of problem: apr -- multiple vulnerabilities.
Reference:
<http://portaudit.FreeBSD.org/eb9212f7-526b-11de-bbf2-001b77d09812.html>
Following the above links, I find that apr<1.3.5.1.3.7 is involved.
I see on Freshports that apr was updated on 2010/10/20 to address a
security risk: the link is:
http://www.vuxml.org/freebsd/dd943fbb-d0fe-11df-95a8-00219b0fc4d8.html
There, however, it says apr0<0.9.19.0.9.19 is involved.
So, I'm confused: is apr-0.9.19.0.9.19 (which is the one I have)
vulnerable or not?
bye & Thanks
av.
More information about the freebsd-ports
mailing list