pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: all versions of www/links flagged in pkg-vulnerabilities

"Kevin J. Woolley" <> writes:

> From pkg-vulnerabilities:
> links{,-gui}-[0-9]*	remote-spoofing
> The linked advisory is from 2009 and concerns links 2.2. links 2.9 was
> released in late 2014 and I haven't found any advisories for that
> version (though it is hard to Google, admittedly). Is there still a
> reason to have all versions of links blocked?

Probably not.  If you're inclined, it would be helpful to send a patch
to the vulnerabilities file with the right pattern, and a commit message
that explains why the new value is right.

Attachment: pgpQqIJIDDeKy.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index