[irc/bitlbee] security and new version 1.2.3
Spil Oss
spil.oss at googlemail.com
Thu Sep 25 11:24:45 UTC 2008
Hi all,
Changelog of bitlbee 1.2.2 to 1.2.3
Version 1.2.3 (released 2008-09-07) hilights:
* Fixed a security issue similar to the previous account
overwrite/hijack bug.
My guess is that the port hasn't been updated due to the ports-freeze.
Should it be because there's a security fix?
The security issue isn't exploitable on my machine but I upgraded the
port anyway.
cd /usr/ports/distfiles
fetch http://get.bitlbee.org/src/bitlbee-1.2.3.tar.gz
cd /usr/ports/irc/bitlbee
sed -i .bak -e 's/1.2.2/1.2.3/' Makefile
make makesum
make && make deinstall && make reinstall
/usr/local/etc/rc.d/bitlbee restart
Since then running without any issues.
Kind regards,
Spil.
More information about the freebsd-ports
mailing list