From owner-freebsd-questions@FreeBSD.ORG  Wed Feb  1 15:47:28 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7F9F416A420
	for <freebsd-questions@freebsd.org>;
	Wed,  1 Feb 2006 15:47:28 +0000 (GMT)
	(envelope-from mark.lubratt@indeq.com)
Received: from smtpout01-04.mesa1.secureserver.net
	(smtpout01-04.mesa1.secureserver.net [64.202.165.79])
	by mx1.FreeBSD.org (Postfix) with SMTP id 01F6543D48
	for <freebsd-questions@freebsd.org>;
	Wed,  1 Feb 2006 15:47:27 +0000 (GMT)
	(envelope-from mark.lubratt@indeq.com)
Received: (qmail 13222 invoked from network); 1 Feb 2006 15:47:25 -0000
Received: from unknown (209.98.250.135)
	by smtpout01-04.mesa1.secureserver.net (64.202.165.79) with ESMTP;
	01 Feb 2006 15:47:25 -0000
Mime-Version: 1.0 (Apple Message framework v746.2)
Content-Transfer-Encoding: 7bit
Message-Id: <35EE547A-1BDB-4623-8B1A-9941B1F80770@indeq.com>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
To: freebsd-questions@freebsd.org
From: Mark Lubratt <mark.lubratt@indeq.com>
Date: Wed, 1 Feb 2006 09:47:24 -0600
X-Mailer: Apple Mail (2.746.2)
Subject: Openfoam/Paraview - linux-tiff security vulnerabilities
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2006 15:47:28 -0000

Hello!

I'm trying to install the OpenFoam port on 6.0 Stable with he current  
ports tree.  During the install, I get the following errors from the  
paraview dependency:

    Verifying install for /usr/local/lib/paraview-2.4/ 
ParaViewConfig.cmake i
n /usr/ports/science/paraview
===>  paraview-2.4.2 has known vulnerabilities:
=> tiff -- buffer overflow vulnerability.
    Reference: <http://www.FreeBSD.org/ports/portaudit/ 
68222076-010b-11da-bc08-00
01020eed82.html>
=> tiff -- divide-by-zero denial-of-service.
    Reference: <http://www.FreeBSD.org/ports/portaudit/ 
b58ff497-6977-11d9-ae49-00
0c41e2cdad.html>
=> tiff -- directory entry count integer overflow vulnerability.
    Reference: <http://www.FreeBSD.org/ports/portaudit/ 
fc7e6a42-6012-11d9-a9e7-00
01020eed82.html>
=> tiff -- multiple integer overflows.
    Reference: <http://www.FreeBSD.org/ports/portaudit/ 
3897a2f8-1d57-11d9-bc4a-00
0c41e2cdad.html>
=> tiff -- RLE decoder heap overflows.
    Reference: <http://www.FreeBSD.org/ports/portaudit/ 
f6680c03-0bd8-11d9-8a8a-00
0c41e2cdad.html>
=> Please update your ports tree and try again.


I've updated the ports tree multiple times.  I've perused the  
archives and found that all of these vulnerabilities should already  
be fixed (to the best of my understanding).  Portaudit doesn't report  
the current linux-tiff-3.6.1_5 has having these vulnerabilities.   
I've tried deinstalling and reinstalling linux-tiff.  Portversion  
reports that linux-tiff is up to date.

I'm not sure what to do next, or how to get around this error.  Any  
help would be appreciated!

Thanks!
Mark