XMPP Service Operators

tom 01:15:24.806113
will pkg audit catch this?
tom 01:20:49.302623
https://vuxml.freebsd.org/freebsd/3414ac89-4f9f-11f1-a1c0-0050569f0b83.html
tom 01:21:40.952075
strange, it says less then 1.30 is affected but 1.28 doesn't seem to be
tom 01:21:43.512492
https://vuxml.freebsd.org/freebsd/3414ac89-4f9f-11f1-a1c0-0050569f0b83.html
icebound.dev 09:54:01.894687
tom, if 1.28 is not affected then no
icebound.dev 09:54:07.007188
but afaik 1.28 *IS* affected
icebound.dev 09:54:18.853686
I looked into this on Debian for a project I help out
icebound.dev 09:54:31.925086
1.30.1+ and 1.31.0+ is the patched versions
icebound.dev 09:55:10.677829
~~pkg audit will flag any version below 1.30.1, so yes it will flag 1.28 and I think its rightfully~~ ✎
icebound.dev 09:55:13.226162
pkg audit will flag any version below 1.30.1, so yes it will flag 1.28 and I think its rightfully so ✏
icebound.dev 09:56:57.126064
tom, https://cgit.freebsd.org/ports/commit/?id=901ca63a3839d33d65e53a0417736e48af89e0d7 patch hit the port repo
icebound.dev 09:58:01.918909
its yet to be backported yet, so if you are running quarterly ports *you are vulnerable*