From owner-freebsd-security Wed Feb 27 15: 4:30 2002 Delivered-To: freebsd-security@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 87D4237B432 for ; Wed, 27 Feb 2002 15:03:33 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1501) id 2222C1366A; Wed, 27 Feb 2002 18:03:33 -0500 (EST) Date: Wed, 27 Feb 2002 18:03:33 -0500 From: Chris Faulhaber To: Michael Sharp Cc: security@FreeBSD.ORG Subject: Re: cvsup Message-ID: <20020227230332.GA42263@peitho.fxp.org> References: <200202272251.g1RMpor35924@probsd.ws> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline In-Reply-To: <200202272251.g1RMpor35924@probsd.ws> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable This is actually more of a -ports question... On Wed, Feb 27, 2002 at 05:51:50PM -0500, Michael Sharp wrote: > I ran cvsup on ports 20 minutes ago and noticed that new Makefiles were= =20 > pulled down for mod_php3 and mod_php4. I then ran portsdb -U to update th= e=20 > INDEX file, but portversion shows that the new Makefiles didnt change the= =20 > version number. >=20 > So my question is this... was this the fix for the PHP issue, and all I n= eed=20 > to do new is cd to the mod_php4 directory and run 'make deinstall distcle= an',=20 > then do a 'make install' in mod_php4 to rebuild with the new changes? >=20 I committed an update earlier marking the ports as FORBIDDEN due to the security issue until the maintainer update the ports. The maintainer updated the ports to the non-vulnerable versions about 1/2 hour ago. Chances are you only received the FORBIDDEN update and may have to way up to another 1/2 hour until the newer changes have propagated. To check, see if the ports are marked with a FORBIDDEN line. You may also use cvsweb: http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/mod_php3/ http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/mod_php4/ to see if the Makefile in your ports tree matches the newest version in the repository. --=20 Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: FreeBSD: The Power To Serve iEYEARECAAYFAjx9ZcQACgkQObaG4P6BelDN4QCfXr0WuiGsL1TPmXS19X0Y7QJV Le8An1I/Gg3+GjM5NvOnZd/mblpWGrkg =z6rI -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message