Date: Sat, 25 Jun 2005 14:35:03 +0200 From: =?ISO-8859-1?Q?K=F6vesd=E1n_G=E1bor?= <gabor.kovesdan@t-hosting.hu> To: Fracesco Cecconi <brand@securityitaly.org> Cc: freebsd-bugs@freebsd.org Subject: Re: ERROR Report!! Message-ID: <42BD4F77.1080601@t-hosting.hu> In-Reply-To: <200506251406.48677.brand@securityitaly.org> References: <200506251406.48677.brand@securityitaly.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Fracesco Cecconi wrote: >HI, > >Error reinstall ruby! > >lang/ruby18/make reinstall > >===> ruby-1.8.2_3 has known vulnerabilities: >=> ruby -- arbitrary command execution on XMLRPC server. > Reference: ><http://www.FreeBSD.org/ports/portaudit/594eb447-e398-11d9-a8bd-000cf18bbe54.html> >=> Please update your ports tree and try again. >*** Error code 1 > >Stop in /usr/ports/lang/ruby18. >*** Error code 1 > >Stop in /usr/ports/lang/ruby18. > > >The ports tree is update!!! > >Francesco Cecconi >_______________________________________________ >freebsd-bugs@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-bugs >To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" > > Hi, there is a utility, called portaudit, which notifies You about the packages, that have security issues. You can see here that ruby has an arbitrary command execution error, and its use is unsafe, that's why You couldn't installed it. If You want to install it anyway You should remove portaudit, or edit your portaudit.conf file to ignore that vulnerability. Anyway, You should have read the message first and asked via freebsd-questions@ or via freebsd-stable@ instead of sebding a false error report. Cheers, Gábor Kövesdán
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42BD4F77.1080601>