Date: Thu, 28 Jul 2005 08:45:33 -0600 (MDT) From: Warren Block <wblock@wonkity.com> To: Viren Patel <virenp@mail.utexas.edu> Cc: freebsd-questions@freebsd.org, freebsd-ports@freebsd.org Subject: Re: apache13-modssl-1.3.33+2.8.22_1 port broken?? Message-ID: <20050728084428.J56124@wonkity.com> In-Reply-To: <37675.146.6.178.5.1122498494.squirrel@mail.cm.utexas.edu> References: <37675.146.6.178.5.1122498494.squirrel@mail.cm.utexas.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 27 Jul 2005, Viren Patel wrote: > I am trying to install apache+mod_ssl-1.3.33+2.8.22_1 and > get the following: > > #make > ===> apache+mod_ssl-1.3.33+2.8.22_1 has known > vulnerabilities: > => apache -- http request smuggling. > Reference: > <http://www.FreeBSD.org/ports/portaudit/651996e0-fe07-11d9-8329-000e0c2e438a.html>; > => Please update your ports tree and try again. > *** Error code 1 > > Stop in /usr/ports/www/apache13-modssl. > > I have updated the ports tree and the files directory > contains the patch for this vulnerability > (patch-secfix-CAN-2005-2088). > > I need to install this port urgently. What am I doing > wrong?? If the vulnerability has not been fixed, how can I > force install? TIA. # make -DDISABLE_VULNERABILITIES will override portaudit. -Warren Block * Rapid City, South Dakota USA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050728084428.J56124>