Re: portaudit false positive

To: kerochan ii <kerochan2@xxxxxxxxx>
Subject: Re: portaudit false positive
From: des@xxxxxx (Dag-Erling Smørgrav)
Date: Wed, 08 Sep 2004 08:36:40 +0200
Cc: freebsd-audit@xxxxxxxxxxx
Delivered-to: freebsd-audit@xxxxxxxxxxx
In-reply-to: <3b793f1a040907174043f4cad4@xxxxxxxxxxxxxx> (kerochan ii's message of "Tue, 7 Sep 2004 20:40:44 -0400")
List-archive: <http://lists.freebsd.org/pipermail/freebsd-audit>
List-help: <mailto:freebsd-audit-request@freebsd.org?subject=help>
List-id: FreeBSD Security Audit <freebsd-audit.freebsd.org>
List-post: <mailto:freebsd-audit@freebsd.org>
List-subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-audit>, <mailto:freebsd-audit-request@freebsd.org?subject=subscribe>
List-unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-audit>, <mailto:freebsd-audit-request@freebsd.org?subject=unsubscribe>
References: <3b793f1a040907174043f4cad4@xxxxxxxxxxxxxx>
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)

kerochan ii <kerochan2@xxxxxxxxx> writes:
> portaudit started warning me about a vulnerability in the cvs server
> in the base system.
> It reports that the affected package is FreeBSD-502010.
> I realised that this is actually a vulnerability fixed months ago, and
> because i'm tracking RELENG_5_2 and thus running 5.2.1-p9, it was
> fixed on my system before portaudit even reported vulnerabilities in
> base.

No.  For various reasons, this vulnerability still hasn't been fixed
in RELENG_5_2 or RELENG_4_10.

DES
-- 
Dag-Erling Smørgrav - des@xxxxxx

Follow-Ups:
- Re: portaudit false positive
  - From: kerochan ii

References:
- portaudit false positive
  - From: kerochan ii

Prev by Date: portaudit false positive
Next by Date: [no subject]
Previous by thread: portaudit false positive
Next by thread: Re: portaudit false positive
Index(es):
- Date
- Thread