Date: Thu, 25 Sep 2008 12:53:38 +0200 From: "Spil Oss" <spil.oss@googlemail.com> To: freebsd-ports@freebsd.org, brix@freebsd.org Subject: [irc/bitlbee] security and new version 1.2.3 Message-ID: <5fbf03c20809250353w6ec8e896tda71653f5f633de6@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi all,
Changelog of bitlbee 1.2.2 to 1.2.3
Version 1.2.3 (released 2008-09-07) hilights:
* Fixed a security issue similar to the previous account
overwrite/hijack bug.
My guess is that the port hasn't been updated due to the ports-freeze.
Should it be because there's a security fix?
The security issue isn't exploitable on my machine but I upgraded the
port anyway.
cd /usr/ports/distfiles
fetch http://get.bitlbee.org/src/bitlbee-1.2.3.tar.gz
cd /usr/ports/irc/bitlbee
sed -i .bak -e 's/1.2.2/1.2.3/' Makefile
make makesum
make && make deinstall && make reinstall
/usr/local/etc/rc.d/bitlbee restart
Since then running without any issues.
Kind regards,
Spil.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5fbf03c20809250353w6ec8e896tda71653f5f633de6>