From owner-freebsd-ports@FreeBSD.ORG Tue Jan 6 13:06:28 2009 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C3BEF106566C for ; Tue, 6 Jan 2009 13:06:28 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ew0-f21.google.com (mail-ew0-f21.google.com [209.85.219.21]) by mx1.freebsd.org (Postfix) with ESMTP id 560DD8FC1F for ; Tue, 6 Jan 2009 13:06:28 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by ewy14 with SMTP id 14so9410766ewy.19 for ; Tue, 06 Jan 2009 05:06:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=/+qcbIr8JUoF+j+DjcSMthKNDSlFv7vCHoKDqzJBROE=; b=U0G+LJgIBq3z4jitZt/XocOYalRQGKVVQiwTJvhIVWZcJYQLd3f4c92WzKXXbtepDA 29gWf5+GKOGLv0Mn4HAKqiYUwogxvPRC3HKLeqUuKj7fKVgIvnJDZwbkncUVF76SNUhE UwtDEAuPjXjmpAm+V4k/+Puy2hCbTv5tq6FZI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=i22WqADNFA2Bz6o7cKQa1WHpU+a00Z5LIzUpQ2xCjUm69k5cmkdFr2KGrXPvd6DcPI YOyuvCG1UHqre78HkstEs6cnJE68pgv3RN4gnm5KtcDZwVUCn55JekklClWAhkPhxcP4 bakHKtnwocizDvS5zlYCPNOScG7eX9s0w4Is0= Received: by 10.210.16.10 with SMTP id 10mr35159ebp.195.1231247187011; Tue, 06 Jan 2009 05:06:27 -0800 (PST) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id c24sm54967716ika.6.2009.01.06.05.06.25 (version=SSLv3 cipher=RC4-MD5); Tue, 06 Jan 2009 05:06:26 -0800 (PST) Date: Tue, 6 Jan 2009 13:06:23 +0000 From: RW To: freebsd-ports@freebsd.org Message-ID: <20090106130623.4757f350@gumby.homeunix.com> In-Reply-To: <20090106055503.GC99596@bsdcrew.de> References: <4962E351.7060205@psg.com> <20090106055503.GC99596@bsdcrew.de> X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: xterm vuln X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2009 13:06:29 -0000 On Tue, 6 Jan 2009 06:55:04 +0100 Martin Wilke wrote: > On Tue, Jan 06, 2009 at 01:51:29PM +0900, Randy Bush wrote: > > so portaudit reported an xterm vuln. i cvsupped which did change > > things in xterm. > > ... > > ===> Cleaning for xterm-238 > > ===> xterm-238 has known vulnerabilities: > > => xterm -- DECRQSS remote command execution vulnerability. > > Reference: > > > > => Please update your ports tree and try again. > > *** Error code 1 > Was fixed few hours ago :). But it's not just a case of updating the ports tree, you also need to do a portaudit -F.