[kde-freebsd] false CVE positive for kdewebdev ?
Rene Ladan
r.c.ladan at gmail.com
Tue Jul 22 08:30:34 CEST 2008
Hi,
it seems the vulnerability database has a false positive for kdewebdev :
from my daily security check:
> Affected package: kdewebdev-4.0.98
> Type of problem: kdewebdev -- kommander untrusted code execution vulnerability.
> Reference: <http://www.FreeBSD.org/ports/portaudit/91f1adc7-b3e9-11d9-a788-0001020eed82.html>
But according to the website:
> References:
> * CVE name CVE-2005-0754
> * URL: <http://www.kde.org/info/security/advisory-20050420-1.txt>
> Affects:
> * kdewebdev <3.4.0_1,2
i.e.this should not afffect version 4.0.98
Maybe this is because kde4 is not in the main ports tree?
Regards,
Rene
--
http://www.rene-ladan.nl/
GPG fingerprint = E738 5471 D185 7013 0EE0 4FC8 3C1D 6F83 12E1 84F6 (subkeys.pgp.net)
More information about the kde-freebsd
mailing list