Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 6 Jan 2009 13:06:23 +0000
From:      RW <rwmaillists@googlemail.com>
To:        freebsd-ports@freebsd.org
Subject:   Re: xterm vuln
Message-ID:  <20090106130623.4757f350@gumby.homeunix.com>
In-Reply-To: <20090106055503.GC99596@bsdcrew.de>
References:  <4962E351.7060205@psg.com> <20090106055503.GC99596@bsdcrew.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 6 Jan 2009 06:55:04 +0100
Martin Wilke <miwi@FreeBSD.org> wrote:

> On Tue, Jan 06, 2009 at 01:51:29PM +0900, Randy Bush wrote:
> > so portaudit reported an xterm vuln.  i cvsupped which did change
> > things in xterm.
> > ...
> > ===>  Cleaning for xterm-238
> > ===>  xterm-238 has known vulnerabilities:
> > => xterm -- DECRQSS remote command execution vulnerability.
> >     Reference: 
> > <http://www.FreeBSD.org/ports/portaudit/d5e1aac8-db0b-11dd-ae30-001cc0377035.html>;
> > => Please update your ports tree and try again.
> > *** Error code 1


> Was fixed few hours ago :).

But it's not just a case of updating the ports tree, you also need
to do a portaudit -F. 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090106130623.4757f350>