Re: git: 61cd6326134c - main - security/vuxml: Document TightVNC multiplevulnerability

Reply: Koichiro Iwao : "Re: git: 61cd6326134c - main - security/vuxml: Document TightVNC multiplevulnerability"
In reply to: Koichiro Iwao : "git: 61cd6326134c - main - security/vuxml: Document TightVNC multiplevulnerability"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jan Beich <jbeich_at_FreeBSD.org>
Date: Wed, 08 Feb 2023 03:04:34 UTC

Koichiro Iwao <meta@FreeBSD.org> writes:

> +      <package>
> +	<name>tightvnc</name>
> +	<range><le>1.3.10</le></range>
> +      </package>

This misses PORTREVISION > 0 e.g.,

$ xmllint -noent security/vuxml/vuln.xml > /tmp/vuln-flat.xml
$ pkg audit -f /tmp/vuln-flat.xml $(make -V PKGNAME -C net/tightvnc)
0 problem(s) in 0 installed package(s) found.

diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index 90b6b75e2d17..d3f2cb23fe63 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -3,7 +3,7 @@
     <affects>
       <package>
 	<name>tightvnc</name>
-	<range><le>1.3.10</le></range>
+	<range><le>1.3.10_6</le></range>
       </package>
     </affects>
     <description>