security/openssl: 1.1.1d in 2020Q1 still vulnerable?
Dan McGrath
danmcgrath.ca at gmail.com
Wed Feb 5 16:57:54 UTC 2020
Hi,
Was just noticing that the 2020Q1 port for OpenSSL was still showing up
with 11 different CVE's, yet I noticed that the commit [1] in r511808 says
it fixed 9e0c6f7a-d46d-11e9-a1c7-b499baebfeaf, yet it still shows up in pkg
audit for CVE-2019-1549 and CVE-2019-1547.
Any idea what the story is here?
[1] - https://svnweb.freebsd.org/ports?view=revision&revision=511808
Thanks,
Danny McGrath
More information about the freebsd-ports
mailing list