Ruby vulnerabilities

Andrea Venturoli ml at netfence.it
Sat Apr 18 16:47:07 UTC 2015

Previous message (by thread): squeak - Illegal instruction (core dumped) when run on FreeBSD 10.1-RELEASE i386
Next message (by thread): cmake build failure depending on liblzma
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello.

On a lot of systems, "pkg audit" gives:

> ruby-2.0.0.645,1 is vulnerable:
> Ruby -- OpenSSL Hostname Verification Vulnerability
> CVE: CVE-2015-1855
> WWW: http://vuxml.FreeBSD.org/freebsd/d4379f59-3e9b-49eb-933b-61de4d0b0fdb.html

However the links above states "ruby20 *<* 2.0.0.645,1" is affected.

Why?
Who is right?

  bye & Thanks
	av.

Previous message (by thread): squeak - Illegal instruction (core dumped) when run on FreeBSD 10.1-RELEASE i386
Next message (by thread): cmake build failure depending on liblzma
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-ports mailing list