From owner-freebsd-questions@FreeBSD.ORG Wed Nov 14 23:02:54 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E7BE116A417 for ; Wed, 14 Nov 2007 23:02:53 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from el-out-1112.google.com (el-out-1112.google.com [209.85.162.182]) by mx1.freebsd.org (Postfix) with ESMTP id A024D13C461 for ; Wed, 14 Nov 2007 23:02:53 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: by el-out-1112.google.com with SMTP id r27so196160ele for ; Wed, 14 Nov 2007 15:02:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=y+9iQkIaWkBG1YuvUVVBYb9spFv3ahksMarF88ZmBj4=; b=LYVnIUiE2AOTBOVlPChH8KYgVzw1kve3PheoWam08Y+HEmJtrNzv0kV4lxpfMb7SGqjY0Og2NW216mbQME3wEVNa+Ust5Go5+ExkHvg9wBRcIFrJdwJ4DWzgI7RmIpV34mYRTEpmX0cMi0fSHEuph1hy6hEAbeYBl+YeVFPcJSY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Zpm979cziQnDGApKxl0wMdJ1Poyx2G1WGy4XWHsO3d4xewXFBiC70Tu8ucz2BYm9NNUss3r6IkN4UNqlmNhKpTjJacNaSppcLHiG4Mk0cqVKVZJQzET+j45u8yOzzXSJj+eYvNEX633cS8Xn9/eNu2B35j/GT3Y4iKAQ+LN+9Zo= Received: by 10.142.106.18 with SMTP id e18mr2146018wfc.1195081372024; Wed, 14 Nov 2007 15:02:52 -0800 (PST) Received: by 10.142.72.20 with HTTP; Wed, 14 Nov 2007 15:02:51 -0800 (PST) Message-ID: Date: Wed, 14 Nov 2007 15:02:51 -0800 From: "Kurt Buff" To: "Jonathan Horne" In-Reply-To: <200711141653.15028.freebsd@dfwlp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200711141539.47515.freebsd@dfwlp.com> <200711141619.42714.freebsd@dfwlp.com> <200711141653.15028.freebsd@dfwlp.com> Cc: freebsd-questions@freebsd.org Subject: Re: cups builds on one, but rejected by another? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Nov 2007 23:02:54 -0000 On 11/14/07, Jonathan Horne wrote: > On Wednesday 14 November 2007 04:32:12 pm Kurt Buff wrote: > > On 11/14/07, Jonathan Horne wrote: > > > On Wednesday 14 November 2007 03:57:26 pm Kris Kennaway wrote: > > > > Jonathan Horne wrote: > > > > > On Wednesday 14 November 2007 03:39:47 pm Jonathan Horne wrote: > > > > >> my jails server (6.2-p8) just ran portupgrade fine, and cups was one > > > > >> of its items it updated: > > > > >> > > > > >> [root@canopus ~]# pkg_info | grep cups- > > > > >> cups-base-1.3.3_2 Common UNIX Printing System > > > > >> > > > > >> but my 7.0-b2 desktop, refuses to build the same package: > > > > >> > > > > >> ===> cups-base-1.3.3_2 has known vulnerabilities: > > > > >> => cups -- off-by-one buffer overflow. > > > > >> Reference: > > > > >> > > > >>2514 716 c.html> => Please update your ports tree and try again. > > > > >> *** Error code 1 > > > > >> > > > > >> what would be the differences between the 2 systems that one would > > > > >> build it, and the other reject the same port? ive not tweaked any > > > > >> port security settings on either one, so this is some curious > > > > >> behavior to me. > > > > >> > > > > >> thanks, > > > > > > > > > > another interesting thing, when you read the portaudit page for this, > > > > > it says: > > > > > > > > > > Affects: > > > > > cups-base <1.3.3_1 > > > > > > > > > > but yet 1.3.3_2 still is rejected. > > > > > > > > One or the other has either a stale portaudit database or ports tree. > > > > > > > > Kris > > > > > > what is the method for updating the portaudit database? both have had > > > their ports trees updated today, the 7.0 box multiple times. > > > > > > thanks, > > > -- > > > Jonathan Horne > > > http://dfwlpiki.dfwlp.org > > > freebsd@dfwlp.com > > > > I ran into a similar issue with cups - what does 'portaudit -aF' give > > on each machine? > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > interesting, portaudit seems to be part of the 7.0 base system now. on my > BETA2 box: > > [root@athena /usr/ports]# portaudit -aF > auditfile.tbz 100% of 45 kB 100 kBps > New database installed. > Affected package: cups-base-1.3.3 > Type of problem: xpdf -- multiple remote Stream.CC vulnerabilities. > Reference: > > > Affected package: cups-base-1.3.3 > Type of problem: cups -- off-by-one buffer overflow. > Reference: > > > 2 problem(s) in your installed packages found. > > You are advised to update or deinstall the affected package(s) immediately. > > portaudit is not installed on my 6.2 server, so i have no data to print for > that one. > > thanks, > -- > Jonathan Horne > http://dfwlpiki.dfwlp.org > freebsd@dfwlp.com That lack of portaudit on your 6.2 system is probably why it doesn't care. I'll bet that if you had installed portaudit on your 6.2 system before trying to update, it wouldn't build either, until the port was updated, which happened a day or so ago. Further, I'll guess that the ports tree on your 7.0 system doesn't contain the updated port for cups - I don't have a 7.0 system on which to test, and don't have a sophisticated understanding of how all that works, but it's possible that the ports tree for 7.0 doesn't have the updates. Kurt