Date: Fri, 17 Oct 2008 09:08:56 +0100 From: Glyn Millington <glyn@millingtons.org> To: Colin Brace <cb@lim.nl> Cc: freebsd-questions@freebsd.org Subject: Re: updating a port with problems (libxml2) Message-ID: <86od1jprs7.fsf@nowhere.org> In-Reply-To: <20028504.post@talk.nabble.com> (Colin Brace's message of "Fri\, 17 Oct 2008 01\:01\:09 -0700 \(PDT\)") References: <20028504.post@talk.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin Brace <cb@lim.nl> writes: > Hi all, > > I use portsnap to keep the port tree of my FreeBSD 7 box up to date. > According to portaudit, which I run nightly, there is a problem with the > current version of libxml2. So, as usual, I run "sudo portsnap fetch && > sudo portsnap update", and then: > > $ cd /usr/ports/textproc/libxml2 > $ sudo make deinstall > $ sudo make reinstall clean > > But this last command results in an error: > > ===> libxml2-2.6.32 has known vulnerabilities: > => libxml2 -- two vulnerabilities. > Reference: > <http://www.FreeBSD.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html>; > => Please update your ports tree and try again. > > It would appear that the port has not yet been updated. Is this some > temporary glitch? Otherwise, the approach I use is not very robust, since I > have now managed to deinstall a library upon which a dozen or so programs > depend. However, this is the first time this has happened. > > Comments, suggestions most welcome. Hi Colin, I hit a similar difficulty with cups-base a few days ago. Matthew Seaman suggested this as a way of getting the dodgy port to install, which I used because I *really* needed to print something:- portupgrade -m "DISABLE_VULNERABILITIES=yes" cups-base Lo and behold, within 6 hours of my re-installing the vulnerable port, the port was fixed and I upgraded to that hth Glyn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86od1jprs7.fsf>