Date: Sat, 21 May 2005 13:29:11 +0000 From: Robert S <robert.spam.me.senseless@gmail.com> To: freebsd-questions@freebsd.org Subject: portaudit: recommended packages can't be installed Message-ID: <7093dffb05052106296c487773@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
8I've just started playing around with FreeBSD. One of my main priorities of an OS is ease of upgrading. If I run portaudit, I get a list of insecure packages (here is an excerpt from the output): Affected package: firefox-1.0.3,1 Type of problem: mozilla -- code execution via javascript: IconURL vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/eca6195a-c233-11d9-804c-= 02061b08fc24.html> Affected package: kdelibs-3.4.0_1 Type of problem: kdelibs -- kimgio input validation errors. Reference: <http://www.FreeBSD.org/ports/portaudit/06404241-b306-11d9-a788-= 0001020eed82.html> 4 problem(s) in your installed packages found. You are advised to update or deinstall the affected package(s) immediately. freebsd # If I try to replace kdelibs with a binary package, or install it through ports (after doing a cvsup), I still get verion 3.4.0_1. Are fixes not necessarily made available when security vulnerabilities are found? Also -- is there a similar utility to portaudit and freebsd-update, that can be used on the base operating system (not through ports)?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7093dffb05052106296c487773>