Re: Is apache24-2.4.54 vulnerable ?
- In reply to: Peter Blok : "Re: Is apache24-2.4.54 vulnerable ?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 10 Jun 2022 17:23:20 UTC
Am 10.06.22 um 16:36 schrieb Peter Blok: > I think the question is this a typo in the vuln-2022.xml, because the changelog shows the CVE are fixed in 2.4.54 See: https://cgit.freebsd.org/ports/commit/?id=0bb1abdb20498df239e15e7f9e9eec33e2eec499 > > > >> On 10 Jun 2022, at 15:20, Wall, Stephen <stephen.wall@redcom.com> wrote: >> >>> vuln-2022.xml: >>> <affects> >>> <package> >>> <name>apache24</name> >>> <range><lt>2.5.54</lt></range> <------- 2.4.54 ??? >>> </package> ~~~~~~ >>> </affects> >>> -- >>> Masachika ISHIZUKA >> `<lt>` indicates it affects versions less than 2.5.54. >> >> >> -spw >