correct the tomcat entry (change the ,5 to _5 since we talk about PORTREVISION

instead of PORTEPOCH) [1]

correct the jdk -- jar directory traversal vulnerability entry, the
FreeBSD Foundation uses different package names [2], [3].

For both entries the modification date was bumped.

Reported by:		Gabor Kovesdan (on #bsdports) [1]
			David Robillard <david dot robillard at gmail dot com> [2]
			Tim Zingelman <zingelman at fnal dot gov>

1 files changed, 7 insertions, 3 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 5835d961fd56..bfb694333258 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -12541,7 +12541,7 @@ Note:  Please add new entries to the beginning of this file.
     <affects>
       <package>
 	<name>jakarta-tomcat</name>
-	<range><ge>5.0.*</ge><lt>5.0.30,5</lt></range>
+	<range><ge>5.0.*</ge><lt>5.0.30_5</lt></range>
 	<range><ge>5.5.*</ge><lt>5.5.7</lt></range>
       </package>
     </affects>
@@ -12559,7 +12559,7 @@ Note:  Please add new entries to the beginning of this file.
     <dates>
       <discovery>2005-01-03</discovery>
       <entry>2005-06-01</entry>
-      <modified>2006-09-11</modified>
+      <modified>2006-09-12</modified>
     </dates>
   </vuln>
 
@@ -13710,6 +13710,10 @@ Note:  Please add new entries to the beginning of this file.
 	<range><le>1.3.1.0_1</le></range>
       </package>
       <package>
+	<name>diablo-jdk-freebsd6</name>
+	<range><le>i386.1.5.0.07.00</le></range>
+      </package>
+      <package>
 	<name>linux-jdk</name>
 	<range><ge>0</ge></range>
       </package>
@@ -13736,7 +13740,7 @@ Note:  Please add new entries to the beginning of this file.
     <dates>
       <discovery>2005-04-11</discovery>
       <entry>2005-04-16</entry>
-      <modified>2005-05-02</modified>
+      <modified>2006-09-12</modified>
     </dates>
   </vuln>