apr vulnerability

Andrea Venturoli ml at netfence.it
Thu Oct 28 07:44:28 UTC 2010

On one of the servers I manage, portaudit claims:
Affected package: apr-
Type of problem: apr -- multiple vulnerabilities.

Following the above links, I find that apr< is involved.

I see on Freshports that apr was updated on 2010/10/20 to address a 
security risk: the link is:

There, however, it says apr0< is involved.

So, I'm confused: is apr- (which is the one I have) 
vulnerable or not?

  bye & Thanks

More information about the freebsd-ports mailing list