Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could you create a version fix 3.3.1 & 6.3.1? - Backtrack vulnerable version update #328

Closed
Gjomesquita opened this issue Sep 17, 2024 · 1 comment
Closed

Could you create a version fix 3.3.1 & 6.3.1? - Backtrack vulnerable version update #328

Gjomesquita opened this issue Sep 17, 2024 · 1 comment

Comments

@Gjomesquita
Copy link

Gjomesquita commented Sep 17, 2024
edited
Loading

Hey there people! I have a situation here...
Since the vulnerable fix version was created with the same version number as it were before the vulnerability fix, some vulnerability checkers (nvd.nist.gov) are still considering as a broken version.
Would be a problem to generate a fix version with different number? 3.3.1 & 6.3.1
https://nvd.nist.gov/vuln/detail/CVE-2024-45296
@blakeembrey
Copy link
Member

blakeembrey commented Sep 17, 2024
edited
Loading

No, the fixes were already released. This would need to be fixed in the vulnerability checker since I don't see how releasing another version would fix this now.

Since the vulnerable fix version was created with the same version number as it were before the vulnerability fix

This isn't possible if I'm reading this correctly. You can't release the same version with different code multiple times. The fixes were released a minor versions.

@mtrefzer mtrefzer mentioned this issue Sep 21, 2024
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blakeembrey @Gjomesquita