svn commit: r333686 - head/security/vuxml
Remko Lodder
remko at FreeBSD.org
Wed Nov 13 14:07:04 UTC 2013
Author: remko (src,doc committer)
Date: Wed Nov 13 14:07:04 2013
New Revision: 333686
URL: http://svnweb.freebsd.org/changeset/ports/333686
Log:
Fix the OpenSSH entry, a version entry should be marked
on a per rule basis, and not on it's own lines, because
that would bogusly match other versions then intended.
When in doubt, please let me review your changes!!
hat: secteam
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Nov 13 13:50:11 2013 (r333685)
+++ head/security/vuxml/vuln.xml Wed Nov 13 14:07:04 2013 (r333686)
@@ -147,18 +147,16 @@ Note: Please add new entries to the beg
<affects>
<package>
<name>openssh-portable</name>
- <range><lt>6.4.p1,1</lt></range>
- <range><ge>6.2.p2,1</ge></range>
+ <range><ge>6.2.p2,1</ge><lt>6.4.p1,1</lt></range>
</package>
<package>
<name>openssh-portable-base</name>
- <range><lt>6.4.p1,1</lt></range>
- <range><ge>6.2.p2,1</ge></range>
+ <range><ge>6.2.p2,1</ge><lt>6.4.p1,1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
- <p>OpenSSH development team reports:</p>
+ <p>The OpenSSH development team reports:</p>
<blockquote cite="http://www.openssh.com/txt/gcmrekey.adv">
<p>A memory corruption vulnerability exists in the post-
authentication sshd process when an AES-GCM cipher
@@ -184,7 +182,7 @@ Note: Please add new entries to the beg
<dates>
<discovery>2013-11-07</discovery>
<entry>2013-11-08</entry>
- <modified>2013-11-11</modified>
+ <modified>2013-11-13</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list