pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RE: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3 installed via pkgin
The following reply was made to PR pkg/48953; it has been noted by GNATS.
From: Chris Van Vorous <c.vv%outlook.com@localhost>
To: "gnats-bugs%NetBSD.org@localhost" <gnats-bugs%netbsd.org@localhost>,
"pkg-manager%netbsd.org@localhost"
<pkg-manager%netbsd.org@localhost>, "gnats-admin%netbsd.org@localhost"
<gnats-admin%netbsd.org@localhost>,
"pkgsrc-bugs%netbsd.org@localhost" <pkgsrc-bugs%netbsd.org@localhost>
Cc:
Subject: RE: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3
installed via pkgin
Date: Thu, 26 Jun 2014 12:31:39 -0600
--_60c92642-7d6a-4f51-bafa-96cf75dc6a9d_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Ah=2C okay. It's just confusing when taken at face value. Thanks for the ex=
planation.
Chris
> From: joerg%britannica.bec.de@localhost
> To: pkg-manager%netbsd.org@localhost=3B gnats-admin%netbsd.org@localhost=3B
> pkgsrc-bugs@netbs=
d.org=3B c.vv%outlook.com@localhost
> Subject: Re: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12n=
b3 installed via pkgin
> CC:=20
> Date: Thu=2C 26 Jun 2014 14:05:01 +0000
>=20
> The following reply was made to PR pkg/48953=3B it has been noted by GNAT=
S.
>=20
> From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
> To: gnats-bugs%NetBSD.org@localhost
> Cc:=20
> Subject: Re: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12n=
b3
> installed via pkgin
> Date: Thu=2C 26 Jun 2014 16:00:29 +0200
>=20
> On Thu=2C Jun 26=2C 2014 at 02:45:00AM +0000=2C c.vv%outlook.com@localhost
> wrote:
> > The CVE indicated applies to nginx versions .7.61 - .8.40 only
> =20
> While the CVE is somewhat silly=2C options for specifying the certificat=
e
> chain for the reverse proxy only appeared recently in the development
> version.
> =20
> Joerg
> =20
=
--_60c92642-7d6a-4f51-bafa-96cf75dc6a9d_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<style><!--
.hmmessage P
{
margin:0px=3B
padding:0px
}
body.hmmessage
{
font-size: 12pt=3B
font-family:Calibri
}
--></style></head>
<body class=3D'hmmessage'><div dir=3D'ltr'><font style=3D"" face=3D"Calibri=
">Ah=2C okay. It's just confusing when taken at face value. Thanks for the =
explanation.<br><br>Chris<br id=3D"FontBreak"></font><br><br><div>>=3B Fr=
om: joerg%britannica.bec.de@localhost<br>>=3B To:
pkg-manager%netbsd.org@localhost=3B gnats-a=
dmin%netbsd.org@localhost=3B pkgsrc-bugs%netbsd.org@localhost=3B
c.vv%outlook.com@localhost<br>>=3B Sub=
ject: Re: pkg/48953: pkg audit showing erroneous CVE for nginx-1.5.12nb3 in=
stalled via pkgin<br>>=3B CC: <br>>=3B Date: Thu=2C 26 Jun 2014 14:05:0=
1 +0000<br>>=3B <br>>=3B The following reply was made to PR pkg/48953=
=3B it has been noted by GNATS.<br>>=3B <br>>=3B From: Joerg Sonnenberg=
er <=3Bjoerg%britannica.bec.de@localhost>=3B<br>>=3B To:
gnats-bugs%NetBSD.org@localhost<=
br>>=3B Cc: <br>>=3B Subject: Re: pkg/48953: pkg audit showing erroneou=
s CVE for nginx-1.5.12nb3<br>>=3B installed via pkgin<br>>=3B Date: Th=
u=2C 26 Jun 2014 16:00:29 +0200<br>>=3B <br>>=3B On Thu=2C Jun 26=2C 2=
014 at 02:45:00AM +0000=2C c.vv%outlook.com@localhost wrote:<br>>=3B >=3B
The CV=
E indicated applies to nginx versions .7.61 - .8.40 only<br>>=3B <br>>=
=3B While the CVE is somewhat silly=2C options for specifying the certific=
ate<br>>=3B chain for the reverse proxy only appeared recently in the de=
velopment<br>>=3B version.<br>>=3B <br>>=3B Joerg<br>>=3B <br><=
/div> </div></body>
</html>=
--_60c92642-7d6a-4f51-bafa-96cf75dc6a9d_--
Home |
Main Index |
Thread Index |
Old Index