Date: Sat, 6 May 2017 10:32:57 +0200 From: Jos Chrispijn <bsdports@cloudzeeland.nl> To: Kevin Oberman <rkoberman@gmail.com> Cc: Adam Weinberger <adamw@adamw.org>, mokhi <mokhi64@gmail.com>, FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: ICU Portupdate faulty Message-ID: <ccbb5c6d-00fa-bb45-43fd-25f4f31320b0@cloudzeeland.nl> In-Reply-To: <CAN6yY1v-OkQCGMdADXQO_HFTfCS5=n9xZpkSH7xGYa%2ByMEGnuQ@mail.gmail.com> References: <1c87d7b6-54f7-77f0-7476-338bd24aee54@cloudzeeland.nl> <CAByVWPVRp4PnW0Fm26aL_TW4R9BUtOQvn9XEEaQtJFqHMz3xaA@mail.gmail.com> <8d3c7d80-d51e-3743-eb41-d6633c498153@cloudzeeland.nl> <CAByVWPUeeCDcNo8d8OW3EJo2S5VzENukkvAYrYzObjnix6vggA@mail.gmail.com> <06F34A01-9844-48E2-8ED4-FA148BC426C8@adamw.org> <360f4dc3-c97a-592d-c321-5ce591c89193@cloudzeeland.nl> <CAN6yY1v-OkQCGMdADXQO_HFTfCS5=n9xZpkSH7xGYa%2ByMEGnuQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks y'all for your support - this was a real eye opener. Best regards, Jos Op 5-5-2017 om 19:19 schreef Kevin Oberman: > On Fri, May 5, 2017 at 6:37 AM, Jos Chrispijn > <bsdports@cloudzeeland.nl <mailto:bsdports@cloudzeeland.nl>> wrote: > > > Op 5-5-2017 om 18:05 schreef Adam Weinberger: > > On 5 May, 2017, at 9:48, mokhi <mokhi64@gmail.com > <mailto:mokhi64@gmail.com>> wrote: > > Well, as I can see here < > http://www.freshports.org/devel/icu/ > <http://www.freshports.org/devel/icu/>; > an > older version of this port is vulnerable not current version. > Maybe by updating your tree your problem will be solved :-] > > Yes, this is the correct answer. After icu got patched, the > VuXML entry was lowered to mark 58.2_2,1 as non-vulnerable. > Jos, it sounds like your ports tree is after the icu update > but before the VuXML modification. Update your ports tree to > bring in the new VuXML file and you should be good. > > Adam, perhaps I am missing the clue here: > > - I had the correct updated version in my ports collection > - Updating the vulnerable installed icu version with that version > should not provide the Vulnerability message as that version is > updates with the correct version in my icu port. > > In my case, Jim's suggestion to use "DISABLE_VULNERABILITIES=yes" > was the only way of getting my faulty icu version updated to the > version that is in my port. > > Kind of confused, > Jos > > > The VuXML DB is not a part of the ports tree. It is usually updated by > the nightly periodic script, but you can manually fetch it with "pkg > audit -F -q". > -- > Kevin Oberman, Part time kid herder and retired Network Engineer > E-mail: rkoberman@gmail.com <mailto:rkoberman@gmail.com> > PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ccbb5c6d-00fa-bb45-43fd-25f4f31320b0>