Daemon News Ezine BSD News BSD Mall BSD Support Forum BSD Advocacy BSD Updates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: portaudit false positive

kerochan ii <kerochan2@xxxxxxxxx> writes:
> portaudit started warning me about a vulnerability in the cvs server
> in the base system.
> It reports that the affected package is FreeBSD-502010.
> I realised that this is actually a vulnerability fixed months ago, and
> because i'm tracking RELENG_5_2 and thus running 5.2.1-p9, it was
> fixed on my system before portaudit even reported vulnerabilities in
> base.

No.  For various reasons, this vulnerability still hasn't been fixed
in RELENG_5_2 or RELENG_4_10.

Dag-Erling Smørgrav - des@xxxxxx