From owner-freebsd-questions@FreeBSD.ORG Sun Dec 17 04:55:26 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 55BDB16A403 for ; Sun, 17 Dec 2006 04:55:26 +0000 (UTC) (envelope-from ccowart@hal.rescomp.berkeley.edu) Received: from rescomp.berkeley.edu (keyserver.Rescomp.Berkeley.EDU [169.229.70.167]) by mx1.FreeBSD.org (Postfix) with ESMTP id 16FA043CA0 for ; Sun, 17 Dec 2006 04:55:26 +0000 (GMT) (envelope-from ccowart@hal.rescomp.berkeley.edu) Received: by rescomp.berkeley.edu (Postfix, from userid 1225) id F228C5B78D; Sat, 16 Dec 2006 20:55:25 -0800 (PST) Date: Sat, 16 Dec 2006 20:55:25 -0800 From: Christopher Cowart To: freebsd-questions@freebsd.org Message-ID: <20061217045525.GF15871@rescomp.berkeley.edu> Mail-Followup-To: freebsd-questions@freebsd.org References: <20061217034739.GF16906@tigger.digitaltorque.ca> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="B8ONY/mu/bqBak9m" Content-Disposition: inline In-Reply-To: <20061217034739.GF16906@tigger.digitaltorque.ca> User-Agent: Mutt/1.5.9i Subject: Re: openssh security issues X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Dec 2006 04:55:26 -0000 --B8ONY/mu/bqBak9m Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 16, 2006 at 10:47:39PM -0500, Michael P. Soulier wrote: > So, portaudit keeps complaining about openssh, but when I try to upgrade.= =2E. >=20 > [msoulier@kanga ~]$ sudo portupgrade -R openssh > [Updating the pkgdb in /var/db/pkg ... - 207 packages > found (-1 +1) (...). done] > ---> Upgrading 'openssh-3.6.1_5' to 'openssh-3.6.1_6' (security/openssh) > ---> Building '/usr/ports/security/openssh' > =3D=3D=3D> Cleaning for openssh-3.6.1_6 > =3D=3D=3D> openssh-3.6.1_6 has known vulnerabilities: > =3D> openssh -- multiple vulnerabilities. > Reference: > This says it only affects SSH Protocol version 1. If you only use version 2 or you're not too concerned, you could do:=20 $ sudo portupgrade -m DISABLE_VULNERABILITIES=3Dyes -R openssh > =3D> Please update your ports tree and try again. > *** Error code 1 >=20 > Stop in /usr/ports/security/openssh. > ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.206= 85.0 > env UPGRADE_TOOL=3Dportupgrade UPGRADE_PORT=3Dopenssh-3.6.1_5 > UPGRADE_PORT_VER=3D3.6.1_5 make > ** Fix the problem and try again. > ** Listing the failed packages (*:skipped / !:failed) > ! security/openssh (openssh-3.6.1_5) (unknown build error) > ---> Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed >=20 > So, before bothering the port maintainer, is there a standard place to lo= ok > for a status update on this kind of thing? >=20 > Thanks, > Mike > --=20 > Michael P. Soulier > "Any intelligent fool can make things bigger and more complex... It > takes a touch of genius - and a lot of courage to move in the opposite > direction." --Albert Einstein --=20 Chris Cowart Network and Infrastructure Systems Administrator RSSP-IT, UC Berkeley "May all your pushes be popped" --B8ONY/mu/bqBak9m Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFFhM29V3SOqjnqPh0RAp9VAKCv28lVFoEWvtaFjEkP8yv7cebWiwCeMFl0 s+voFFBHwk2c+Qj1LWbD3k4= =PdO7 -----END PGP SIGNATURE----- --B8ONY/mu/bqBak9m--