[Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Sep 23 17:37:21 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227
--- Comment #14 from Mark Felder <feld at FreeBSD.org> ---
(In reply to Mark Felder from comment #9)
actually I'm overthinking this. This change would be sufficient:
<package>
<name>ruby</name>
<name>ruby20</name>
<range><ge>2.0</ge><lt>2.0.0.645,1</lt></range>
</package>
<package>
<name>ruby</name>
<range><lt>2.1.6,1</lt></range>
</package>
<package>
<name>ruby</name>
<name>ruby22</name>
<range><ge>2.2</ge><lt>2.2.2,1</lt></range>
</package>
which results in:
Affected packages
2.0 <= ruby < 2.0.0.645,1
2.0 <= ruby20 < 2.0.0.645,1
ruby < 2.1.6,1
2.2 <= ruby < 2.2.2,1
2.2 <= ruby22 < 2.2.2,1
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-ports-bugs
mailing list