From owner-freebsd-questions@FreeBSD.ORG Thu Dec 7 13:46:30 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 949EE16A47B; Thu, 7 Dec 2006 13:46:30 +0000 (UTC) (envelope-from jhary@unsane.co.uk) Received: from unsane.co.uk (www.unsane.co.uk [85.233.185.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1E1343C9D; Thu, 7 Dec 2006 13:45:37 +0000 (GMT) (envelope-from jhary@unsane.co.uk) Received: from [192.168.10.217] (150.117-84-212.staticip.namesco.net [212.84.117.150]) (authenticated bits=0) by unsane.co.uk (8.13.7/8.13.3) with ESMTP id kB7Dkfco006940 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 7 Dec 2006 13:46:43 GMT (envelope-from jhary@unsane.co.uk) Message-ID: <45781B2A.4000300@unsane.co.uk> Date: Thu, 07 Dec 2006 13:46:18 +0000 From: Vince User-Agent: Thunderbird 1.5.0.8 (X11/20061204) MIME-Version: 1.0 To: mato References: <20061206233232.GA72778@xor.obsecurity.org> <45775FA0.7020206@users.sf.net> <8cb6106e0612061646m1a9b9f94nc33bdb36ad25594d@mail.gmail.com> <20061207131208.M28770@users.sf.net> In-Reply-To: <20061207131208.M28770@users.sf.net> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: 7bit Cc: josh.carroll@psualum.com, freebsd-ports@freebsd.org, freebsd-questions@freebsd.org Subject: Re: portupgrade refusin to upgrade a port .. when it shouldn't imho X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Dec 2006 13:46:30 -0000 mato wrote: > On Wed, 6 Dec 2006 16:46:24 -0800, Josh Carroll wrote >>>>> ** Port marked as IGNORE: multimedia/win32-codecs: >>>>> is forbidden: Remote code execution: >>>>> http://vuxml.FreeBSD.org/24f6b1eb-43d5-11db-81e1-000e0c2e438a.html >>>>> >>>>> Isn't this behaviour flawed ?? Or am I missing something ? >> You need to make config in /usr/ports/multimedia/win32-codecs, and >> unselect quicktime. Then the port should install. This is assuming, >> of course, that you can live without the QT codec(s). >> >> Josh > > > OK, I will try it.. Thank you all. > > But the question remains -- if new port version is not vulnerable why i cannot > upgrade to it ?? > Its only not vulnerable if you unselect the quicktime codec. the vulnerability is in the quicktime codec. The port will by default use the stored config in /var/db/ports/win32-codecs/options and if this says to use the quicktime codec then it will not upgrade. This seems pretty sensible to me. Vince > Cheers, > > Martin > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"