Date: Mon, 03 Sep 2018 01:45:13 +0000 From: bugzilla-noreply@freebsd.org To: multimedia@FreeBSD.org Subject: [Bug 227669] audio/libsndfile: vulnerabilities < 1.0.29 still not fixed Message-ID: <bug-227669-12827-1wak0GSOi3@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-227669-12827@https.bugs.freebsd.org/bugzilla/> References: <bug-227669-12827@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227669 rkoberman@gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rkoberman@gmail.com --- Comment #3 from rkoberman@gmail.com --- Ports are not normally removed due to vulnerabilities. I have had ports tha= t I needed that had vulnerabilities for literally years. Since you must literal= ly disable vulnerability checks to install it and see the report in periodic l= ogs nightly, it is up to the person responsible for the system to check on the issue(s) and determine whether they are relevant to the us of the port in t= heir environment. In the case of libsnd, it is used by quite few ports and removing it would break a number of ports. Examples: twolame-0.3.13_4 wavegain-1.2.8 libsamplerate-0.1.9 speech-dispatcher-0.8.6 vamp-plugin-sdk-2.6 jackit-0.125.0_4 pulseaudio-11.1_1 audacity-2.2.2_3 I can't really operate without libsnfile. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227669-12827-1wak0GSOi3>