[Bug 203227] vuln.xml incorrectly flagging ruby20 as insecure
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Sep 23 18:34:41 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203227
--- Comment #16 from terry at tmk.com ---
(In reply to Mark Felder from comment #15)
Yes, that seems to fix it. I also tested changing the affected version from
2.0.0.645,1 to 2.0.0.648,1 and that correctly flagged my 2.0.0.647,1 install as
vulnerable.
So, it seem good to go here. My only comment would be to perhaps change:
<package>
<name>ruby</name>
<range><ge>2.1,1</ge><lt>2.1.6,1</lt></range>
</package>
to:
<package>
<name>ruby</name>
<name>ruby21</name>
<range><ge>2.1,1</ge><lt>2.1.6,1</lt></range>
</package>
so that this doesn't pop up again if the default Ruby version is changed to 2.2
at some future time.
Thanks!
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-ports-bugs
mailing list