Re: git: a580d36be4c7 - main - security/vuxml: add FreeBSD SA released on 2023-12-05
- In reply to: Philip Paeps : "Re: git: a580d36be4c7 - main - security/vuxml: add FreeBSD SA released on 2023-12-05"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 07 Dec 2023 13:17:01 UTC
On Wed, Dec 6, 2023, at 11:55 PM, Philip Paeps wrote: > On 2023-12-07 09:10:31 (+0800), Dan Langille wrote: >> On Wed, Dec 6, 2023, at 7:52 PM, Philip Paeps wrote: >>> On 2023-12-07 08:43:21 (+0800), Dan Langille wrote: >>>> Why don't we check them and record them separately? >>> >>> I already record them separately in vuxml. If a vulnerability only >>> affects userland, I record >>> <package><name>FreeBSD</name>[...]</package>. >>> If the kernel is affected I record >>> <package><name>FreeBSD-kernel</name>[...]</package>. >>> >>> Hmm ... is that the problem? Should I set the versions to the >>> *kernel* >>> patch level for FreeBSD-kernel vulnerabilities? >> >> First, let's test if that fixes it. >> >> This fixes it for me: >> >> <range><ge>13.2</ge><lt>13.2_4</lt></range> >> >> [...] >> >>> Is something going to get upset if I change the most recent entry to >>> <lt>12.2_4</lt>? >> >> That I don't know. >> >> VUXML entries have AMENDED values don't they? > > Thanks for testing this out. I've pushed a <modified/> vuxml entry in > 4826396e5d15. Thank you. All green on Ngaios: https://twitter.com/DLangille/status/1732750820431573086 Cheers -- Dan Langille dan@langille.org