vulnerablities in base unreported in VuXML
- Reply: Miroslav Lachman : "Re: vulnerablities in base unreported in VuXML"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 04 May 2023 17:56:02 UTC
As was noted on FreeBSD forum [1], there is problem with missing SA entries in VuXML (again). The last entry is from 2022-08-31 for zlip heap buffer overflow [2] 5 SA entries are missing. Can somebody from Securitu Officers take a look on it and publish missing entries? And fix the SA release process for all future SAs so we do not miss any again? Periodic 405.pkg-base-audit from pkg is usless without up to date VuXML. [1] https://forums.freebsd.org/threads/pkg-audit-vuln-xml-no-more-updates-for-base-system-and-kernel.71239/#post-609407 [2] https://www.vuxml.org/freebsd/pkg-FreeBSD.html Kind regards Miroslav Lachman