Date: Wed, 3 Jul 2013 13:45:54 +0700 From: Olivier Nicole <olivier.nicole@cs.ait.ac.th> To: Leslie Jensen <leslie@eskk.nu> Cc: freebsd-ports@freebsd.org Subject: Re: curl fails to upgrade on 9.1-RELEASE-p3 but succeeds on 8.3 Message-ID: <CA%2Bg%2BBvhWpKQ-C9XygpsNHa-4ELQHv3EBdngdQZCA=jaqMNFgtg@mail.gmail.com> In-Reply-To: <51D3BD22.6020506@eskk.nu> References: <51D3BD22.6020506@eskk.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Leslie, > ===> Cleaning for curl-7.24.0_4 > ===> curl-7.24.0_4 has known vulnerabilities: > curl-7.24.0_4 is vulnerable: > cURL library -- heap corruption in curl_easy_unescape It is nothing to do with 9.1, curl has a bug, period. If you still want to install that bogous version of curl (to my knowledge, the new unbogous one is not yet available), you have to desactivate the security check. I do that by removing /var/db/portaudit/auditfile.db (something like that). Note that doing that, you know and accept that you are installing as application that includes a security issue. best regards, Olivier > WWW: http://portaudit.FreeBSD.org/01cf67b3-dc3b-11e2-a6cd-c48508086173.html > => Please update your ports tree and try again. > *** [check-vulnerable] Error code 1 > > Stop in /usr/ports/ftp/curl. > *** [build] Error code 1 > > Stop in /usr/ports/ftp/curl. > > ===>>> make failed for ftp/curl > ===>>> Aborting update > > ===>>> Update for ftp/curl failed > ===>>> Aborting update > > ===>>> Killing background jobs > > > I've done this upgrade on a 8.3 system without problems, but it stops on my > 9.1 laptop. Ports tree is updated. > > /Leslie > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bg%2BBvhWpKQ-C9XygpsNHa-4ELQHv3EBdngdQZCA=jaqMNFgtg>