Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 31 Dec 2008 06:47:28 +0100 (CET)
From:      linimon@FreeBSD.org
To:        ports@FreeBSD.org
Subject:   FreeBSD ports which are currently marked forbidden
Message-ID:  <20081231054728.4F1451CC82@mail.droso.net>

next in thread | raw e-mail | index | archive | help
As part of an ongoing effort to reduce the number of problems in the
FreeBSD ports system, we periodically notify users about
ports that are marked as "forbidden" in their Makefiles.  Often,
these ports are so marked due to security concerns, such as known
exploits.

An overview of each port, including errors seen on the build farm,
is included below.

portname:           chinese/wordpress
forbidden because: 
                    http://www.vuxml.org/freebsd/622bc638-be27-11dd-a578-0030843d3802.html
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=chinese&portname=wordpress


portname:           databases/gnats
forbidden because:  Security issues
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=databases&portname=gnats


portname:           dns/bind9-dlz
forbidden because:  vulnerable to cache poisioning if recursive lookup
                    enabled
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=dns&portname=bind9-dlz


portname:           misc/compat3x
forbidden because:  FreeBSD-SA-03:05.xdr, FreeBSD-SA-03:08.realpath  - not
                    fixed / no lib available
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=misc&portname=compat3x


portname:           net-p2p/peercast
forbidden because:  arbitrary code execution,
                    http://www.vuxml.org/freebsd/402ae710-26a2-11dd-ae05-825f4c35000a.html
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=net-p2p&portname=peercast


portname:           www/linux-firefox-devel
forbidden because:  Security issus
                    http://www.vuxml.org/freebsd/f29fea8f-b19f-11dd-a55e-00163e000016.html
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=www&portname=linux-firefox-devel


portname:           www/tdiary-devel
forbidden because:  contains a vulnerability:
                    http://www.tdiary.org/20071215.html written in
                    Japanese
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=www&portname=tdiary-devel


portname:           www/zope
forbidden because:  contains cross-site scripting vulnerability
                    http://VuXML.FreeBSD.org/34414a1e-e377-11db-b8ab-000c76189c4c.html
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=www&portname=zope



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081231054728.4F1451CC82>