On Sun, Aug 09, 2009 at 11:04:52PM +0100, Ben Morrow wrote:
> I was about to say 'I believe the vuxml entry for firefox is incorrect',
> but I see it's been fixed. Neither 3.0.13 nor 3.5.2 are vulnerable, and
> vuxml now correctly reports this.
Today security/vuxml/vuln.xml says:
<affects>
<package>
<name>firefox</name>
<name>linux-firefox</name>
<range><lt>3.*,1</lt></range>
<range><gt>3.*,1</gt><lt>3.0.13,1</lt></range>
<range><gt>3.5.*,1</gt><lt>3.5.2,1</lt></range>
</package>
1. Could someone tell me the meaning of the ``*'' values please ?
I can't see the logic of the range lines.
2. Yesterday I installed firefox quickly with ``pkg_add -r firefox3''
and got firefox-3.0.10,1.
Portaudit declares it vulnerable which seems to correspond
to the second range line.
I guess I have to compile firefox3 to be clean ?
Harald
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
