pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

RE: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3 installed via pkgin



Ah, okay. It's just confusing when taken at face value. Thanks for the explanation.

Chris


> From: joerg%britannica.bec.de@localhost
> To: pkg-manager%netbsd.org@localhost; gnats-admin%netbsd.org@localhost; pkgsrc-bugs%netbsd.org@localhost; c.vv%outlook.com@localhost
> Subject: Re: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3 installed via pkgin
> CC:
> Date: Thu, 26 Jun 2014 14:05:01 +0000
>
> The following reply was made to PR pkg/48953; it has been noted by GNATS.
>
> From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
> To: gnats-bugs%NetBSD.org@localhost
> Cc:
> Subject: Re: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3
> installed via pkgin
> Date: Thu, 26 Jun 2014 16:00:29 +0200
>
> On Thu, Jun 26, 2014 at 02:45:00AM +0000, c.vv%outlook.com@localhost wrote:
> > The CVE indicated applies to nginx versions .7.61 - .8.40 only
>
> While the CVE is somewhat silly, options for specifying the certificate
> chain for the reverse proxy only appeared recently in the development
> version.
>
> Joerg
>


Home | Main Index | Thread Index | Old Index