From owner-freebsd-ports@FreeBSD.ORG Tue Jan 6 04:51:32 2009 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C1141106564A for ; Tue, 6 Jan 2009 04:51:32 +0000 (UTC) (envelope-from randy@psg.com) Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:1::36]) by mx1.freebsd.org (Postfix) with ESMTP id A656E8FC14 for ; Tue, 6 Jan 2009 04:51:32 +0000 (UTC) (envelope-from randy@psg.com) Received: from 50.216.138.210.bn.2iij.net ([210.138.216.50] helo=rmac.psg.com) by ran.psg.com with esmtpsa (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LK3ud-0002ls-E7 for freebsd-ports@freebsd.org; Tue, 06 Jan 2009 04:51:31 +0000 Message-ID: <4962E351.7060205@psg.com> Date: Tue, 06 Jan 2009 13:51:29 +0900 From: Randy Bush User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081204 Thunderbird/3.0b1 MIME-Version: 1.0 To: freebsd ports Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: xterm vuln X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2009 04:51:33 -0000 so portaudit reported an xterm vuln. i cvsupped which did change things in xterm. # grep xterm cvsup.log Edit ports/x11/xterm/Makefile Edit ports/x11/xterm/distinfo but when i run portupgrade ---> Upgrade of x11/xterm started at: Tue, 06 Jan 2009 04:48:44 +0000 ---> Upgrading 'xterm-237_1' to 'xterm-238' (x11/xterm) ---> Build of x11/xterm started at: Tue, 06 Jan 2009 04:48:44 +0000 ---> Building '/usr/ports/x11/xterm' ===> Cleaning for xterm-238 ===> xterm-238 has known vulnerabilities: => xterm -- DECRQSS remote command execution vulnerability. Reference: => Please update your ports tree and try again. *** Error code 1 whack me with the clue bat, please. randy