ports/127712: bad version specification for firefox3 in VuXML entry 2273879e-8a2f-11dd-a6fe-0030843d3802
Simon L. Nielsen
simon at FreeBSD.org
Mon Sep 29 22:46:46 UTC 2008
On 2008.09.29 16:08:40 +0400, Eygene Ryabinkin wrote:
> Martin, good day.
>
> Mon, Sep 29, 2008 at 11:46:01AM +0000, miwi at FreeBSD.org wrote:
> > State-Changed-Why:
> > Committed. Thanks!
>
> I think that just changing 'firefox3' to 'firefox' is not enough:
> such specification will catch firefox 2.x too:
> -----
> $ pkg_info -E 'firefox<3.0.2,1'
> firefox-2.0.0.17,1
>
> $ sh portaudit -a
> Affected package: firefox-2.0.0.17,1
> Type of problem: mozilla -- multiple vulnerabilities.
> Reference: <http://www.FreeBSD.org/ports/portaudit/2273879e-8a2f-11dd-a6fe-0030843d3802.html>
>
> 1 problem(s) in your installed packages found.
>
> You are advised to update or deinstall the affected package(s) immediately.
> -----
> One should put a lower bound on firefox 3.x too: '>=3.0.0,1<3.0.2,1'.
> Or I am missing something?
No, I did a too quick review of the patch and didn't think about the
firefox 2 part. The latest issue should fix this (at least it works
for me with my vxquery(1) tests).
Thanks the report!
--
Simon L. Nielsen
More information about the freebsd-ports-bugs
mailing list