Date: Wed, 2 Sep 2015 11:31:38 -0500 From: Rob Belics <rob@spartantheatre.org> To: freebsd-ports@freebsd.org Subject: lang/go security problem on one but not the other Message-ID: <CAPu-kW-gjcRbLv7-w-aqraty5npFyQ0vCqeWdmLnQ%2B%2BXwaf69Q@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
The date for vuln.xml, on the server which it won't build on, is September 1 while the date on the other is July 25. Here is the output when I try this: ===>>> The following actions will be taken if you choose to proceed: Install lang/go Install lang/go14 ===>>> Proceed? y/n [y] ===>>> Starting build for lang/go <<<=== ===>>> Starting check for build dependencies ===>>> Gathering dependency list for lang/go from ports ===>>> Launching child to install lang/go14 ===>>> lang/go >> lang/go14 (1/1) ===>>> Port directory: /usr/ports/lang/go14 ===>>> Starting check for build dependencies ===>>> Gathering dependency list for lang/go14 from ports ===>>> Dependency check complete for lang/go14 ===>>> lang/go >> lang/go14 (1/1) ===> Cleaning for go14-1.4.2 ===> go14-1.4.2 has known vulnerabilities: go14-1.4.2 is vulnerable: go -- multiple vulnerabilities CVE: CVE-2015-5741 CVE: CVE-2015-5740 CVE: CVE-2015-5739 WWW: https://vuxml.FreeBSD.org/freebsd/4464212e-4acd-11e5-934b-002590263bf5.html 1 problem(s) in the installed packages found. => Please update your ports tree and try again. => Note: Vulnerable ports are marked as such even if there is no update available. => If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes' *** Error code 1 Stop. make: stopped in /usr/ports/lang/go14 ===>>> make build failed for lang/go14 ===>>> Aborting update ===>>> Update for lang/go14 failed ===>>> Aborting update ===>>> You can restart from the point of failure with this command line: portmaster <flags> lang/go lang/go14
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPu-kW-gjcRbLv7-w-aqraty5npFyQ0vCqeWdmLnQ%2B%2BXwaf69Q>