[Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Sep 23 17:44:23 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227
--- Comment #15 from Mark Felder <feld at FreeBSD.org> ---
(In reply to terry from comment #13)
You're right, it would fail because our <ge> entries don't have ,1 for the
PORTEPOCH
<package>
<name>ruby</name>
<name>ruby20</name>
<range><ge>2.0,1</ge><lt>2.0.0.645,1</lt></range>
</package>
<package>
<name>ruby</name>
<range><ge>2.1,1</ge><lt>2.1.6,1</lt></range>
</package>
<package>
<name>ruby</name>
<name>ruby22</name>
<range><ge>2.2,1</ge><lt>2.2.2,1</lt></range>
</package>
Try that. It seems to be working when I pass various ruby versions to pkg
audit.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-ports-bugs
mailing list