Lynx -vulnerabilities- is this permanent?
Foxfair Hu
foxfair at drago.fomokka.net
Wed Apr 25 08:16:05 UTC 2007
Simon L. Nielsen wrote:
> On 2007.04.19 19:01:39 +0800, Foxfair Hu wrote:
>> vuxml -> security-team's baby.
>> Cc added.
>
> The problem is caused by interesting version numbering in the
> www/lynx-current port which now conflicts with www/lynx:
>
> [simon at zaphod:lynx-current] make -V PKGNAME
> lynx-2.8.7d4
>
> Basically the problem was fixed in lynx-current (I assume, I haven't
> checked) 2.8.6d14 which really should have been 2.8.6.d14 to avoid
> problems like this.
>
> [simon at zaphod:~] pkg_version -t 2.8.6d14 2.8.6_4
> [simon at zaphod:~] pkg_version -t 2.8.6.d14 2.8.6_4
> <
>
> I will try to have a look at how to work around this tonight, but I
> don't know if I will get to it today.
>
[Cut off individuals Cc]
Can we remove 2nd and 4th entry? Look at the version info on lynx
site, I don't think current statement is a correct one:
lynx >2.8.6* <2.8.6d14
ja-lynx >2.8.6* <2.8.6d14
Diff as below:
-----------------------------
cvs diff: Diffing .
Index: vuln.xml
===================================================================
RCS file: /home/pcvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.1317
diff -u -d -b -w -r1.1317 vuln.xml
--- vuln.xml 23 Apr 2007 14:12:10 -0000 1.1317
+++ vuln.xml 25 Apr 2007 04:01:21 -0000
@@ -11487,7 +11487,6 @@
<name>lynx</name>
<name>ja-lynx</name>
<range><lt>2.8.5_1</lt></range>
- <range><gt>2.8.6*</gt><lt>2.8.6d14</lt></range>
</package>
<package>
<name>lynx-ssl</name>
@@ -11515,7 +11514,7 @@
</references> <dates>
<discovery>2005-10-17</discovery>
<entry>2005-10-30</entry>
- <modified>2006-10-05</modified>
+ <modified>2007-04-25</modified>
</dates>
</vuln>
More information about the freebsd-ports
mailing list