svn commit: r541761 - head/security/vuxml

Mathieu Arnold mat at freebsd.org
Wed Jul 15 14:12:25 UTC 2020 

On Wed, Jul 15, 2020 at 06:23:48AM -0700, Cy Schubert wrote:
> In message <20200715092221.x2su5jddagymb4ce at aching.in.mat.cc>, Mathieu 
> Arnold w
> rites:
> > 
> >
> > --ha75uxcn3b7ueuzq
> > Content-Type: text/plain; charset=us-ascii
> > Content-Disposition: inline
> > Content-Transfer-Encoding: quoted-printable
> >
> > On Thu, Jul 09, 2020 at 05:09:28PM +0000, Cy Schubert wrote:
> > > Modified: head/security/vuxml/vuln.xml
> > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
> > =3D=3D=3D=3D
> > > --- head/security/vuxml/vuln.xml	Thu Jul  9 17:00:42 2020	(r54176
> > 0)
> > > +++ head/security/vuxml/vuln.xml	Thu Jul  9 17:09:28 2020	(r54176
> > 1)
> > > @@ -997,8 +997,9 @@ Discovered by Tony Yesudas.</p>
> > >        </package>
> > >        <package>
> > >  	<name>FreeBSD</name>
> > > -	<range><le>12.1_6</le></range>
> > > -	<range><le>11.3_10</le></range>
> > > +	<range><le>12.1_7</le></range>
> > > +	<range><le>11.4_1</le></range>
> > > +	<range><le>11.3_11</le></range>
> > >        </package>
> > >      </affects>
> > >      <description>
> >
> > This is a bit strange, `< 12.1_7`, `< 11.4_1` and `< 11.3_11` are
> > probably equivalent to only `< 12.1_7` are the other two numbers also
> > are.  Are you sure you are not missing <ge> bits in there?
> 
> Why would this be strange?

What you wrote is:

	FreeBSD <= 12.1_7
	FreeBSD <= 11.4_1
	FreeBSD <= 11.3_11

Which is equivalent to

	FreeBSD <= 12.1_7

Because 11.4 < 12.1 and 11.3 < 12.1.

But maybe it was the point, I do not know, it just feels strange a
strange way to express it, and usually, when something is strange,
something is wrong.

-- 
Mathieu Arnold
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20200715/dd5a3232/attachment.sig>

More information about the svn-ports-all mailing list