Date: Thu, 4 Sep 2008 11:48:26 -0400 From: Thomas Abthorpe <tabthorpe@freebsd.org> To: freebsd-ports@freebsd.org Cc: Morgan =?iso-8859-1?q?Wesstr=F6m?= <freebsd-ports@pp.dyndns.biz>, Miroslav Lachman <000.fbsd@quip.cz> Subject: Re: Stop in /usr/ports/sysutils/php5-posix. Message-ID: <200809041148.36047.tabthorpe@freebsd.org> In-Reply-To: <48C0010C.4010006@quip.cz> References: <48BFDA10.60701@pp.dyndns.biz> <48C0010C.4010006@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 04 September 2008 11:38:52 Miroslav Lachman wrote: > Morgan Wesström wrote: > > Portaudit has complained for a few days about vulnerabilities in > > sysutils/php5-posix but there seems to be no update yet. When I now try > > to recompile all my ports with portmaster it stops with an error when it > > reaches this port. > > > > ===> php5-posix-5.2.6_1 has known vulnerabilities: > > => php -- input validation error in posix_access function. > > Reference: > > <http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872 > >849.html> > > > > => Please update your ports tree and try again. > > *** Error code 1 > > > > > > How do I continue? Is there anyway I can force portmaster to skip this > > port and continue where it left off or do I have to deinstall it and > > recompile everything all over again? > > You can recompile / install vulnerable applications by giving portmaster > option: -m "DISABLE_VULNERABILITIES=yes". > !!You are using it at your own risk!! > > If you don't need php5-posix, it is better to deinstall it and uncheck > from php5-extensions (with `make config` in > /usr/ports/lang/php5-extensions) > > Miroslav Lachman php5-posix was only marked safe within the last couple of hours, you can verify that the build is updated at http://www.vuxml.org and then run portaudit -F to refresh the database. Thomas - -- Thomas Abthorpe | FreeBSD Committer tabthorpe@FreeBSD.org | http://people.freebsd.org/~tabthorpe -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEUEARECAAYFAkjAA1QACgkQ5Gm/jNBp8qCOKQCXcNO8G/g+yNXGX4WvKE0t3BE9 BwCdFZzaHYK2zNn6yfBSyZ5MDJHwpYU= =50kg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809041148.36047.tabthorpe>