From owner-freebsd-ports@FreeBSD.ORG  Wed Apr 30 06:17:06 2008
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 25366106567B
	for <freebsd-ports@freebsd.org>; Wed, 30 Apr 2008 06:17:06 +0000 (UTC)
	(envelope-from david@wood2.org.uk)
Received: from v-smtp-auth-relay-1.gradwell.net
	(v-smtp-auth-relay-1.gradwell.net [79.135.125.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 98A5F8FC0C
	for <freebsd-ports@freebsd.org>; Wed, 30 Apr 2008 06:17:05 +0000 (UTC)
	(envelope-from david@wood2.org.uk)
Received: from argon.wood2.org.uk ([82.71.104.124] country=GB
	ident=postmaster$pop3#wood2#org*uk)
	by v-smtp-auth-relay-1.gradwell.net with esmtpa (Gradwell gwh-smtpd
	1.290) id 48180edb.7b20.e34; Wed, 30 Apr 2008 07:16:59 +0100
	(envelope-sender <david@wood2.org.uk>)
Message-ID: <cs9X3APy5AGIFA6Y@wood2.org.uk>
Date: Wed, 30 Apr 2008 07:15:14 +0100
To: Frank <frank_s@bellsouth.net>
From: David Wood <david@wood2.org.uk>
References: <20080429205639.F1229@Ace.nina.org>
	<44fxt4azyy.fsf@Lowell-Desk.lan> <20080429214050.L1229@Ace.nina.org>
In-Reply-To: <20080429214050.L1229@Ace.nina.org>
MIME-Version: 1.0
Content-Type: text/plain;charset=us-ascii;format=flowed
User-Agent: Turnpike/6.06-M (<+nhRuLNS5oZIqwOH7WWZxwfp$O>)
Cc: Lowell Gilbert <freebsd-ports-local@be-well.ilk.org>,
	freebsd-ports@freebsd.org
Subject: Re: Failed upgrade of png
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2008 06:17:06 -0000

Hi Frank and all,

In message <20080429214050.L1229@Ace.nina.org>, Frank 
<frank_s@bellsouth.net> writes
>On Tue, 29 Apr 2008, Lowell Gilbert wrote:
>
>> Frank <frank_s@bellsouth.net> writes:
>>
>>> The advisory affects png < 1.2.7 so why do I get this?
>>
>> Because the problem is multimedia/avifile,
>> not graphics/png?
>
>Not according to the error message.
>
>===>  png-1.2.27 has known vulnerabilities:
>=> png -- unknown chunk processing uninitialized memory access.
>   Reference: 
><http://www.FreeBSD.org/ports/portaudit/57c705d6-12ae-11dd-bab7-0016179b
>2dd5.html>

Your vulnerability database hasn't been updated. vuxml was updated after 
the fix was committed to show that 1.2.27 has this issue resolved.

portaudit -F will do the necessary.


Best wishes,




David
-- 
David Wood
david@wood2.org.uk