From owner-freebsd-questions@FreeBSD.ORG  Wed Nov 14 22:53:19 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 66AA416A46D
	for <freebsd-questions@freebsd.org>;
	Wed, 14 Nov 2007 22:53:19 +0000 (UTC)
	(envelope-from freebsd@dfwlp.com)
Received: from pollux.dfwlp.com (rrcs-64-183-212-244.sw.biz.rr.com
	[64.183.212.244])
	by mx1.freebsd.org (Postfix) with ESMTP id 2573413C465
	for <freebsd-questions@freebsd.org>;
	Wed, 14 Nov 2007 22:53:17 +0000 (UTC)
	(envelope-from freebsd@dfwlp.com)
Received: from athena.dfwlp.com (athena.dfwlp.com [192.168.125.82])
	(authenticated bits=0)
	by pollux.dfwlp.com (8.13.8/8.13.8) with ESMTP id lAEMr5q2057119
	for <freebsd-questions@freebsd.org>;
	Wed, 14 Nov 2007 16:53:05 -0600 (CST)
	(envelope-from freebsd@dfwlp.com)
From: Jonathan Horne <freebsd@dfwlp.com>
To: freebsd-questions@freebsd.org
Date: Wed, 14 Nov 2007 16:53:14 -0600
User-Agent: KMail/1.9.7
References: <200711141539.47515.freebsd@dfwlp.com>
	<200711141619.42714.freebsd@dfwlp.com>
	<a9f4a3860711141432j40c4cf33k82fe94bd16c865db@mail.gmail.com>
In-Reply-To: <a9f4a3860711141432j40c4cf33k82fe94bd16c865db@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200711141653.15028.freebsd@dfwlp.com>
X-Spam-Status: No, score=-4.4 required=3.6 tests=ALL_TRUSTED,BAYES_00
	autolearn=ham version=3.2.3
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on pollux.dfwlp.com
Subject: Re: cups builds on one, but rejected by another?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Nov 2007 22:53:19 -0000

On Wednesday 14 November 2007 04:32:12 pm Kurt Buff wrote:
> On 11/14/07, Jonathan Horne <freebsd@dfwlp.com> wrote:
> > On Wednesday 14 November 2007 03:57:26 pm Kris Kennaway wrote:
> > > Jonathan Horne wrote:
> > > > On Wednesday 14 November 2007 03:39:47 pm Jonathan Horne wrote:
> > > >> my jails server (6.2-p8) just ran portupgrade fine, and cups was one
> > > >> of its items it updated:
> > > >>
> > > >> [root@canopus ~]# pkg_info | grep cups-
> > > >> cups-base-1.3.3_2   Common UNIX Printing System
> > > >>
> > > >> but my 7.0-b2 desktop, refuses to build the same package:
> > > >>
> > > >> ===>  cups-base-1.3.3_2 has known vulnerabilities:
> > > >> => cups -- off-by-one buffer overflow.
> > > >>    Reference:
> > > >> <http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c
> > > >>2514 716 c.html> => Please update your ports tree and try again.
> > > >> *** Error code 1
> > > >>
> > > >> what would be the differences between the 2 systems that one would
> > > >> build it, and the other reject the same port?  ive not tweaked any
> > > >> port security settings on either one, so this is some curious
> > > >> behavior to me.
> > > >>
> > > >> thanks,
> > > >
> > > > another interesting thing, when you read the portaudit page for this,
> > > > it says:
> > > >
> > > > Affects:
> > > > cups-base <1.3.3_1
> > > >
> > > > but yet 1.3.3_2 still is rejected.
> > >
> > > One or the other has either a stale portaudit database or ports tree.
> > >
> > > Kris
> >
> > what is the method for updating the portaudit database?  both have had
> > their ports trees updated today, the 7.0 box multiple times.
> >
> > thanks,
> > --
> > Jonathan Horne
> > http://dfwlpiki.dfwlp.org
> > freebsd@dfwlp.com
>
> I ran into a similar issue with cups - what does 'portaudit -aF' give
> on each machine?
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"

interesting, portaudit seems to be part of the 7.0 base system now.  on my 
BETA2 box:

[root@athena /usr/ports]# portaudit -aF
auditfile.tbz                                 100% of   45 kB  100 kBps
New database installed.
Affected package: cups-base-1.3.3
Type of problem: xpdf -- multiple remote Stream.CC vulnerabilities.
Reference: 
<http://www.FreeBSD.org/ports/portaudit/2747fc39-915b-11dc-9239-001c2514716c.html>

Affected package: cups-base-1.3.3
Type of problem: cups -- off-by-one buffer overflow.
Reference: 
<http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html>

2 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.

portaudit is not installed on my 6.2 server, so i have no data to print for 
that one.

thanks,
-- 
Jonathan Horne
http://dfwlpiki.dfwlp.org
freebsd@dfwlp.com