confused by ranges
Dan Langille
dan at langille.org
Sat Sep 18 14:21:38 PDT 2004
I'm having a quick look through vuln.xml:
<range><ge>2.0</ge><lt>2.0.50_3</lt></range>
Intuitively, that means you are vulnerable if you have versions >=
2.0 or < 2.0.50_3.
Is that correct? Is that how to apply the rules. I found the DTD
confused me more than the examples did.
This is an interesting example:
<range><lt>1.1.2_1</lt></range>
<range><ge>2.0</ge></range>
Two range statements in the same package... instead of one range with
two operators. Why?
--
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/
More information about the freebsd-vuxml
mailing list