NetBSD Problem Report #54685
From www@netbsd.org Fri Nov 8 21:52:08 2019
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id E75517A1C1
for <gnats-bugs@gnats.NetBSD.org>; Fri, 8 Nov 2019 21:52:07 +0000 (UTC)
Message-Id: <20191108215207.15DC77A284@mollari.NetBSD.org>
Date: Fri, 8 Nov 2019 21:52:07 +0000 (UTC)
From: jlmuir@imca-cat.org
Reply-To: jlmuir@imca-cat.org
To: gnats-bugs@NetBSD.org
Subject: Website list of security advisories by release not up to date
X-Send-Pr-Version: www-1.0
>Number: 54685
>Category: security
>Synopsis: Website list of security advisories by release not up to date
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: security-officer
>State: closed
>Class: doc-bug
>Submitter-Id: net
>Arrival-Date: Fri Nov 08 21:55:00 +0000 2019
>Closed-Date: Sat Apr 17 07:39:55 +0000 2021
>Last-Modified: Sat Apr 17 07:39:55 +0000 2021
>Originator: J. Lewis Muir
>Release: 8.1
>Organization:
>Environment:
>Description:
At
http://netbsd.org/support/security/
in the "Advisories by NetBSD Releases" section, the pages for the NetBSD 8.1, 8.0, 7.2, and 7.1.2 links say, "None yet," but I don't think that's correct; there *have* been advisories for those.
For example, NetBSD-SA2019-004
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2019-004.txt.asc
says that NetBSD 8.1 is affected.
And NetBSD-SA2019-003
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2019-003.txt.asc
says that NetBSD 8.0, 7.2, and 7.1.2 are affected.
>How-To-Repeat:
>Fix:
Remove the "Advisories by NetBSD Releases" section and linked pages, or update the linked pages to contain the advisories that affect them.
>Release-Note:
>Audit-Trail:
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/54685 CVS commit: htdocs/support/security
Date: Wed, 13 Nov 2019 15:49:52 +0000
Module Name: htdocs
Committed By: martin
Date: Wed Nov 13 15:49:52 UTC 2019
Modified Files:
htdocs/support/security: patches-7.1.2.xml patches-7.2.xml
patches-8.0.xml patches-8.1.xml
Log Message:
PR 54685: fix per-release references to SAs
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 htdocs/support/security/patches-7.1.2.xml \
htdocs/support/security/patches-7.2.xml \
htdocs/support/security/patches-8.0.xml \
htdocs/support/security/patches-8.1.xml
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Sat, 17 Apr 2021 07:39:55 +0000
State-Changed-Why:
This problem appears to be fixed. Let me know if it is wrong.
>Unformatted:
(Contact us)
$NetBSD: gnats-precook-prs,v 1.4 2018/12/21 14:20:20 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.