Date: Mon, 31 Jul 2006 13:44:47 -0600 From: "Pat Maddox" <pergesu@gmail.com> To: "jan gestre" <freebsd.ph@gmail.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: portupgrade ruby package Message-ID: <810a540e0607311244pace7691y1c426d28386df0f6@mail.gmail.com> In-Reply-To: <a25afc300607310807w1e94c0d6g9b5ad00b3a0ba339@mail.gmail.com> References: <a25afc300607310807w1e94c0d6g9b5ad00b3a0ba339@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/31/06, jan gestre <freebsd.ph@gmail.com> wrote: > hi guys, > > portaudit reperoted a vulnerability on the ruby package, so i did the > following: > > # cvsup -L 2 ports-supfile > # portsdb -Uu > # portupgrade -rR ruby > > but i encountered this error message, i can't upgrade ruby. > > ---> Upgrading 'ruby-1.8.4_8,1' to 'ruby-1.8.4_9,1' (lang/ruby18) > ---> Building '/usr/ports/lang/ruby18' > ===> Cleaning for ruby-1.8.4_9,1 > > NOTE: > You can enable pthread support by defining WITH_PTHREADS variable, > but not recommended since this might break some ruby apps. > > ===> ruby-1.8.4_9,1 has known vulnerabilities: > => ruby - multiple vulnerabilities. > Reference: < > http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html > > > => ruby - multiple vulnerabilities. > Reference: < > http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html > > > => Please update your ports tree and try again. > *** Error code 1 I'm not 100% sure on this, but I think the problem is that even the new Ruby port has the vulnerabilities in it. You won't be able to upgrade until those get patched first. This is the first ML message I've seen about this issue, so I don't have any more info. Pat
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?810a540e0607311244pace7691y1c426d28386df0f6>