Re: cvs commit: ports/security/vuxml vuln.xml

On 30 April 2012 19:15, Xin Li <delphij@delphij.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 04/30/12 11:08, Chris Rees wrote:
>> On 30 April 2012 17:51, Xin LI <delphij@freebsd.org> wrote:
>>> delphij =A0 =A0 2012-04-30 17:51:46 UTC
>>>
>>> FreeBSD ports repository
>>>
>>> Modified files: security/vuxml =A0 =A0 =A0 vuln.xml Log: Document samba
>>> incorrect permission checks vulnerability.
>>
>> + =A0 =A0 <range><gt>3.4.*</gt><lt>3.4.17</lt></range> + =A0 =A0 =A0</pa=
ckage> +
>> <package> + =A0 <name>samba35</name> +
>> <range><gt>3.5.*</gt><lt>3.5.15</lt></range> + =A0 =A0 =A0</package> +
>> <package> + =A0 <name>samba36</name> +
>> <range><gt>3.6.*</gt><lt>3.6.5</lt></range>
>>
>> Don't you want to use <ge /> for the minimum versions in each
>> range?
>
> That's a good question, frankly I'm not sure...
>
> I used gt here because * means -NaN to me (and there is no >=3D -NaN but
> only > -NaN), plus, older entries do this, too. =A0It would probably a
> good idea to use <ge>3.6.0<ge> instead, though.
>

Good point.  We're better off sticking with the former though--
<ge>3.6.0</ge> misses out 3.6.a etc of course.

Chris
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"