Bad VuXML check on PNG port ?
Jacques A. Vidrine
nectar at FreeBSD.org
Mon May 3 07:43:36 PDT 2004
On Mon, May 03, 2004 at 04:19:44PM +0200, Artur Pydo wrote:
> Hello,
>
> The current png-1.2.5_4 port has no more vulnerability.
> It has been corrected by ache at FreeBSD.org yesterday.
> But when i try to install the updated port to remplace
> the vulnerable one this is what i am told :
>
> # make install
> ===> png-1.2.5_4 has known vulnerabilities:
> >> libpng denial-of-service.
> Reference:
> <http://people.freebsd.org/~eik/portaudit/3a408f6f-9c52-11d8-9366-0020ed76ef5a.html>
> >> Please update your ports tree and try again.
> *** Error code 1
>
> The 4-STABLE ports tree is up-to-date.
>
> Isn't it a problem to be unable to update a vulnerable port ?
The VuXML document needed to be updated after ache@ made the fix.
I've done so now.
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the freebsd-security
mailing list