Date: Wed, 1 Feb 2006 09:47:24 -0600 From: Mark Lubratt <mark.lubratt@indeq.com> To: freebsd-questions@freebsd.org Subject: Openfoam/Paraview - linux-tiff security vulnerabilities Message-ID: <35EE547A-1BDB-4623-8B1A-9941B1F80770@indeq.com>
next in thread | raw e-mail | index | archive | help
Hello!
I'm trying to install the OpenFoam port on 6.0 Stable with he current
ports tree. During the install, I get the following errors from the
paraview dependency:
Verifying install for /usr/local/lib/paraview-2.4/
ParaViewConfig.cmake i
n /usr/ports/science/paraview
===> paraview-2.4.2 has known vulnerabilities:
=> tiff -- buffer overflow vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/
68222076-010b-11da-bc08-00
01020eed82.html>
=> tiff -- divide-by-zero denial-of-service.
Reference: <http://www.FreeBSD.org/ports/portaudit/
b58ff497-6977-11d9-ae49-00
0c41e2cdad.html>
=> tiff -- directory entry count integer overflow vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/
fc7e6a42-6012-11d9-a9e7-00
01020eed82.html>
=> tiff -- multiple integer overflows.
Reference: <http://www.FreeBSD.org/ports/portaudit/
3897a2f8-1d57-11d9-bc4a-00
0c41e2cdad.html>
=> tiff -- RLE decoder heap overflows.
Reference: <http://www.FreeBSD.org/ports/portaudit/
f6680c03-0bd8-11d9-8a8a-00
0c41e2cdad.html>
=> Please update your ports tree and try again.
I've updated the ports tree multiple times. I've perused the
archives and found that all of these vulnerabilities should already
be fixed (to the best of my understanding). Portaudit doesn't report
the current linux-tiff-3.6.1_5 has having these vulnerabilities.
I've tried deinstalling and reinstalling linux-tiff. Portversion
reports that linux-tiff is up to date.
I'm not sure what to do next, or how to get around this error. Any
help would be appreciated!
Thanks!
Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35EE547A-1BDB-4623-8B1A-9941B1F80770>