Stop in /usr/ports/sysutils/php5-posix.
Randy Pratt
bsd-unix at embarqmail.com
Thu Sep 4 16:18:42 UTC 2008
On Thu, 04 Sep 2008 17:38:52 +0200
Miroslav Lachman <000.fbsd at quip.cz> wrote:
> Morgan Wesström wrote:
> > Portaudit has complained for a few days about vulnerabilities in
> > sysutils/php5-posix but there seems to be no update yet. When I now try
> > to recompile all my ports with portmaster it stops with an error when it
> > reaches this port.
> >
> > ===> php5-posix-5.2.6_1 has known vulnerabilities:
> > => php -- input validation error in posix_access function.
> > Reference:
> > <http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872849.html>
> >
> > => Please update your ports tree and try again.
> > *** Error code 1
> >
> >
> > How do I continue? Is there anyway I can force portmaster to skip this
> > port and continue where it left off or do I have to deinstall it and
> > recompile everything all over again?
>
> You can recompile / install vulnerable applications by giving portmaster
> option: -m "DISABLE_VULNERABILITIES=yes".
> !!You are using it at your own risk!!
I also use this option for all of my port updating. I figure that
updating to a newer version "probably" won't make the security
any worse if I've already got a vulnerable application.
> If you don't need php5-posix, it is better to deinstall it and uncheck
> from php5-extensions (with `make config` in /usr/ports/lang/php5-extensions)
Actually, I think a fix was just committed:
http://docs.freebsd.org/cgi/mid.cgi?200809041355.m84DtBLn072467
So give it a little time for propagation, then re-csup and try it
again.
HTH,
Randy
--
More information about the freebsd-ports
mailing list