Date: Mon, 3 May 2004 20:47:13 +0200 From: Frankye - ML <listsucker@ipv5.net> To: freebsd-security@freebsd.org Subject: Re: Bad VuXML check on PNG port ? Message-ID: <20040503204713.3abb28e0@godzilla> In-Reply-To: <40968883.3070103@pydo.org> References: <40965500.4040205@pydo.org> <20040503144335.GA15293@madman.celabo.org> <40968883.3070103@pydo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 03 May 2004 19:59:31 +0200 Artur Pydo <artur@pydo.org> wrote: [cut] | I know that there is a workaround | modifying 'auditfile' by hand as it is a ascii file. | | I suggest that in future one avoid setting vulnerable versions as > 0 | because the update fails as long as the reference file has not been | updated with the correct vulnerable port later. | | In this case it would be much more efficient to set 'png<1.2.5_3' | from the beginning. imvho the drawbacks of this solution outweight its usefulness. If a commit does not solve the problem but makes the port to look not vulnerable, and I'm a very sloppy or very overworked sysadmin, I might not notice. Would you prefer me sweating around the upgrade of something I know is patched, but portaudit prevents me from portupgrading, or my cracked zombie machine pounding at your network while I'm slacking off? :) Just my 2 cents Frankye
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040503204713.3abb28e0>