NetBSD Problem Report #54685

From www@netbsd.org  Fri Nov  8 21:52:08 2019
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id E75517A1C1
	for <gnats-bugs@gnats.NetBSD.org>; Fri,  8 Nov 2019 21:52:07 +0000 (UTC)
Message-Id: <20191108215207.15DC77A284@mollari.NetBSD.org>
Date: Fri,  8 Nov 2019 21:52:07 +0000 (UTC)
From: jlmuir@imca-cat.org
Reply-To: jlmuir@imca-cat.org
To: gnats-bugs@NetBSD.org
Subject: Website list of security advisories by release not up to date
X-Send-Pr-Version: www-1.0

>Number:         54685
>Category:       security
>Synopsis:       Website list of security advisories by release not up to date
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    security-officer
>State:          closed
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Nov 08 21:55:00 +0000 2019
>Closed-Date:    Sat Apr 17 07:39:55 +0000 2021
>Last-Modified:  Sat Apr 17 07:39:55 +0000 2021
>Originator:     J. Lewis Muir
>Release:        8.1
>Organization:
>Environment:
>Description:
At

  http://netbsd.org/support/security/

in the "Advisories by NetBSD Releases" section, the pages for the NetBSD 8.1, 8.0, 7.2, and 7.1.2 links say, "None yet," but I don't think that's correct; there *have* been advisories for those.

For example, NetBSD-SA2019-004

  http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2019-004.txt.asc

says that NetBSD 8.1 is affected.

And NetBSD-SA2019-003

  http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2019-003.txt.asc

says that NetBSD 8.0, 7.2, and 7.1.2 are affected.
>How-To-Repeat:

>Fix:
Remove the "Advisories by NetBSD Releases" section and linked pages, or update the linked pages to contain the advisories that affect them.

>Release-Note:

>Audit-Trail:
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/54685 CVS commit: htdocs/support/security
Date: Wed, 13 Nov 2019 15:49:52 +0000

 Module Name:	htdocs
 Committed By:	martin
 Date:		Wed Nov 13 15:49:52 UTC 2019

 Modified Files:
 	htdocs/support/security: patches-7.1.2.xml patches-7.2.xml
 	    patches-8.0.xml patches-8.1.xml

 Log Message:
 PR 54685: fix per-release references to SAs


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.2 htdocs/support/security/patches-7.1.2.xml \
     htdocs/support/security/patches-7.2.xml \
     htdocs/support/security/patches-8.0.xml \
     htdocs/support/security/patches-8.1.xml

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Sat, 17 Apr 2021 07:39:55 +0000
State-Changed-Why:
This problem appears to be fixed. Let me know if it is wrong.


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: gnats-precook-prs,v 1.4 2018/12/21 14:20:20 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.