From owner-freebsd-questions@FreeBSD.ORG Fri Nov 9 16:19:22 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5AA9116A417 for ; Fri, 9 Nov 2007 16:19:22 +0000 (UTC) (envelope-from bsd-unix@embarqmail.com) Received: from mailrelay.embarq.synacor.com (mailrelay.embarq.synacor.com [208.47.184.3]) by mx1.freebsd.org (Postfix) with ESMTP id E5D3B13C481 for ; Fri, 9 Nov 2007 16:19:21 +0000 (UTC) (envelope-from bsd-unix@embarqmail.com) X_CMAE_Category: 0,0 Undefined,Undefined X-CNFS-Analysis: v=1.0 c=1 a=6I5d2MoRAAAA:8 a=BrFvUlzZkpf1d0bpVbIA:9 a=3AXPE8HWpAjwSP-Wlo0A:7 a=XVg_jyU7otlnNqrF5-63ckF2i-kA:4 a=LY0hPdMaydYA:10 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine Authentication-Results: smtp09.embarq.synacor.com smtp.mail=bsd-unix@embarqmail.com; spf=neutral Authentication-Results: smtp09.embarq.synacor.com smtp.user=rpratt1950@embarqmail.com; auth=pass (LOGIN) Received-SPF: neutral (smtp09.embarq.synacor.com: 76.6.194.183 is neither permitted nor denied by domain of embarqmail.com) Received: from [76.6.194.183] ([76.6.194.183:62826] helo=kt.weeeble.com) by mailrelay.embarq.synacor.com (envelope-from ) (ecelerity 2.2.1.21 r(19176)) with ESMTPA id 62/CD-26503-08884374; Fri, 09 Nov 2007 11:19:13 -0500 Date: Fri, 9 Nov 2007 11:19:11 -0500 From: Randy Pratt To: fatman@crackmonkey.us Message-Id: <20071109111911.60800c03.bsd-unix@embarqmail.com> In-Reply-To: <47347A3C.1030702@crackmonkey.us> References: <47347202.8060103@gmail.com> <47347A3C.1030702@crackmonkey.us> X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: "Aryeh M. Friedman" , FreeBSD Questions Subject: Re: strange error when building cups X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Nov 2007 16:19:22 -0000 On Fri, 09 Nov 2007 15:18:20 +0000 Adam J Richardson wrote: > Aryeh M. Friedman wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Can some tell me what this means and how to fix it: > > > > ===> cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - > > not found > > ===> Verifying install for cups.2 in /usr/ports/print/cups-base > > ===> cups-base-1.3.3 is forbidden: remote execution of arbitrary code. > > *** Error code 1 > > > > Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. > > *** Error code 1 > > > > Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. > > *** Error code 1 > > > > Stop in /FreeBSD/FreeBSD-current/ports/print/cups. > > > > Hi Aryeh, > > I can't tell you about the error, but: > > %pkg_info | grep cups > cups-base-1.3.3 Common UNIX Printing System > cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to > non-PS printers > > Looks like the same versions. They do build ok. Perhaps a "make clean > distclean" will shake out the bugs? > > 'Remote execution' is interesting. Do you use some sort of load balancer? The print/cups-base was marked FORBIDDEN due remote execution of arbitrary code on 2007-11-08, see: http://docs.freebsd.org/cgi/mid.cgi?200711081832.lA8IWv3T075088 You can read more about the vulnerability at: http://www.freebsd.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html If you decide that your risk is acceptable you still wish to install/update at this time, you can comment ( # ) the particular line in the ports/print/cups-base/Makefile: #FORBIDDEN= remote execution of arbitrary code I would presume that cups-base-1.3.4 is going to be committed shortly since there are quite a few ports that depend on it. HTH, Randy --