[Bug 256236] ports-mgmt/pkg: audit command didn't work properly with port epoch

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 24 Jun 2021 11:22:01 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256236

Philip Paeps <philip_at_FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Closed
         Resolution|---                         |Overcome By Events
                 CC|                            |philip_at_FreeBSD.org

--- Comment #1 from Philip Paeps <philip_at_FreeBSD.org> ---
% pkg audit nginx-1.20.0_2,2
nginx-1.20.0_2,2 is vulnerable:
  NGINX -- 1-byte memory overwrite in resolver
  CVE: CVE-2021-23017
  WWW:
https://vuxml.FreeBSD.org/freebsd/0882f019-bd60-11eb-9bdd-8c164567ca3c.html

1 problem(s) in 1 installed package(s) found.

I suspect your vuln.xml file is/was out of date.  This was fixed in
c2a2f2b35ad4:
https://cgit.freebsd.org/ports/commit/?id=c2a2f2b35ad4

Note that because of a syntax error introduced in c7737d4b2e5d on 2021-06-10,
the vuln.xml file has not been updated until approximately an hour ago.  The
build was fixed in 46119dd553f1:
https://cgit.freebsd.org/ports/commit/?id=46119dd553f18833b20a76623029a24dd4948c58

See also #256789

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Thu Jun 24 2021 - 11:22:01 UTC

Original text of this message