Re: git: 0f0638d4ab0b - main - security/vuxml: add security/p5-Authen-SASL

In reply to: Rodrigo Osorio : "git: 0f0638d4ab0b - main - security/vuxml: add security/p5-Authen-SASL"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Craig Leres <leres_at_freebsd.org>
Date: Sat, 16 Aug 2025 04:05:11 UTC

On 8/13/2025 2:24 AM, Rodrigo Osorio wrote:
> The branch main has been updated by rodrigo:
> 
> URL: https://cgit.FreeBSD.org/ports/commit/?id=0f0638d4ab0bdc81a39a423f27f62fa3386e45b7
> 
> commit 0f0638d4ab0bdc81a39a423f27f62fa3386e45b7
> Author:     Rodrigo Osorio <rodrigo@FreeBSD.org>
> AuthorDate: 2025-08-13 08:37:28 +0000
> Commit:     Rodrigo Osorio <rodrigo@FreeBSD.org>
> CommitDate: 2025-08-13 09:19:28 +0000
> 
>      security/vuxml: add security/p5-Authen-SASL
> ---
>   security/vuxml/vuln/2025.xml | 32 ++++++++++++++++++++++++++++++++
>   1 file changed, 32 insertions(+)
> 
> diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
> index 479b1cbd8d4d..95e0daf3107f 100644
> --- a/security/vuxml/vuln/2025.xml
> +++ b/security/vuxml/vuln/2025.xml
> @@ -1,3 +1,35 @@
> +  <vuln vid="defe9a20-781e-11f0-97c4-40b034429ecf">
> +    <topic>p5-Authen-SASL -- Insecure source of randomness</topic>
> +    <affects>
> +      <package>
> +	<name>p5-Authen-SASL</name>
> +	<range><lt>2.1900</lt></range>
> +      </package>

I have the "new" version installed but p5-Authen-SASL is still flagged 
as vulnerable. Is the new version 2.1900 or 2.19? I think it's the latter.

		Craig

zinc 19 % pkg info | fgrep p5-Authen-SASL
p5-Authen-SASL-2.19            Perl5 module for SASL authentication