portaudit: xfce vulnerabilities

It seems that there is a mistake on this page:
http://www.freebsd.org/ports/por
taudit/024edd06-c933-11dc-810c-0016179b2dd5.html

All reference URLs say that the vulnerability existed before
version
4.4.2 and it is fixed in version 4.4.2.
But affected version are described as:
xfce4-panel >4.4.1_1
libxfce4gui >4.4.1_1

Shouldn't there be "equal or less" instead of
"greater"?

-- 
Andriy Gapon
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-secu
rity
To unsubscribe, send any mail to
"freebsd-security-unsubscribefreebsd.org"

On Wed, February 13, 2008 2:42 pm, Andriy Gapon wrote:
>
> It seems that there is a mistake on this page:
> http://www.freebsd.org/ports/por
taudit/024edd06-c933-11dc-810c-0016179b2dd5.html
>
> All reference URLs say that the vulnerability existed
before version
> 4.4.2 and it is fixed in version 4.4.2.
> But affected version are described as:
> xfce4-panel >4.4.1_1
> libxfce4gui >4.4.1_1
>
> Shouldn't there be "equal or less" instead of
"greater"?
>
> --
> Andriy Gapon
> _______________________________________________

Hey Andriy,

Thanks for the report, from what I know miwi was going to
look at this to
match <lt>4.4.2</lt> so that nothing else is
affected..

Cheers
remko

-- 
/"   Best regards,                      | remkoFreeBSD.org
 /   Remko Lodder                       | remkoEFnet
 X    http://www.evilcoder.org/          |
/    ASCII Ribbon Campaign              | Against HTML Mail
and News


_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-secu
rity
To unsubscribe, send any mail to
"freebsd-security-unsubscribefreebsd.org"

on 14/02/2008 08:49 Remko Lodder said the following:
> On Wed, February 13, 2008 2:42 pm, Andriy Gapon wrote:
>> It seems that there is a mistake on this page:
>> http://www.freebsd.org/ports/por
taudit/024edd06-c933-11dc-810c-0016179b2dd5.html
>>
>> All reference URLs say that the vulnerability
existed before version
>> 4.4.2 and it is fixed in version 4.4.2.
>> But affected version are described as:
>> xfce4-panel >4.4.1_1
>> libxfce4gui >4.4.1_1
>>
>> Shouldn't there be "equal or less"
instead of "greater"?
>>
>> --
>> Andriy Gapon
>> _______________________________________________
> 
> Hey Andriy,
> 
> Thanks for the report, from what I know miwi was going
to look at this to
> match <lt>4.4.2</lt> so that nothing else
is affected..

Remko, thanks, this makes more sense.
Though, could this process be sped up a tiny bit?
I am sure this is confusing users trying to upgrade from the
vulnerable
version.

-- 
Andriy Gapon
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-secu
rity
To unsubscribe, send any mail to
"freebsd-security-unsubscribefreebsd.org"