Re: all versions of www/links flagged in pkg-vulnerabilities

To: "Kevin J. Woolley" <kjw%doglet.ca@localhost>
Subject: Re: all versions of www/links flagged in pkg-vulnerabilities
From: Greg Troxel <gdt%ir.bbn.com@localhost>
Date: Mon, 09 Mar 2015 11:24:03 -0400

"Kevin J. Woolley" <kjw%doglet.ca@localhost> writes:

> From pkg-vulnerabilities:
>
> links{,-gui}-[0-9]*	remote-spoofing		http://secunia.com/advisories/33391/
>
> The linked advisory is from 2009 and concerns links 2.2. links 2.9 was
> released in late 2014 and I haven't found any advisories for that
> version (though it is hard to Google, admittedly). Is there still a
> reason to have all versions of links blocked?

Probably not.  If you're inclined, it would be helpful to send a patch
to the vulnerabilities file with the right pattern, and a commit message
that explains why the new value is right.

Attachment: pgpQqIJIDDeKy.pgp
Description: PGP signature

References:
- all versions of www/links flagged in pkg-vulnerabilities
  - From: Kevin J. Woolley

Prev by Date: Re: ap mod_secure
Next by Date: Re: games/wesnoth
Previous by Thread: all versions of www/links flagged in pkg-vulnerabilities
Next by Thread: python setup utils problems
Indexes:

Home | Main Index | Thread Index | Old Index