Bad VuXML check on PNG port ?
Frankye - ML
listsucker at ipv5.net
Mon May 3 11:47:31 PDT 2004
On Mon, 03 May 2004 19:59:31 +0200
Artur Pydo <artur at pydo.org> wrote:
[cut]
| I know that there is a workaround
| modifying 'auditfile' by hand as it is a ascii file.
|
| I suggest that in future one avoid setting vulnerable versions as > 0
| because the update fails as long as the reference file has not been
| updated with the correct vulnerable port later.
|
| In this case it would be much more efficient to set 'png<1.2.5_3'
| from the beginning.
imvho the drawbacks of this solution outweight its usefulness.
If a commit does not solve the problem but makes the port to look not
vulnerable, and I'm a very sloppy or very overworked sysadmin, I might not
notice.
Would you prefer me sweating around the upgrade of something I know is
patched, but portaudit prevents me from portupgrading, or my cracked
zombie machine pounding at your network while I'm slacking off? :)
Just my 2 cents
Frankye
More information about the freebsd-security
mailing list