FreeBSD Port: ruby20-,1 - reported as vulnerable while it isn't ?

Ing. Břetislav Kubesa bretislav.kubesa at
Sun Jun 21 06:43:38 UTC 2015


already for longer time while updating to,1 version, I'm 
getting message that it's vulnerable, but I think it's not the case as 
vulnerable are ruby20 <,1 (but it's not ruby20 <=,1).
However I'm not sure where to report it for checking, so I hope it's the 
right place here.

Thank you.

--->  Upgrading 'ruby-,1' to 'ruby-,1' (lang/ruby20)
--->  Building '/usr/ports/lang/ruby20'
===>  Cleaning for ruby-,1
===>  ruby-,1 has known vulnerabilities:
ruby-,1 is vulnerable:
Ruby -- OpenSSL Hostname Verification Vulnerability
CVE: CVE-2015-1855

Best regards,
Bretislav Kubesa

More information about the freebsd-ports mailing list