Date: Sat, 10 Nov 2007 04:20:41 -0500 From: "Aryeh M. Friedman" <aryeh.friedman@gmail.com> To: zbigniew szalbot <zbigniew@szalbot.homedns.org> Cc: freebsd-questions@freebsd.org Subject: Re: cups-base problem Message-ID: <473577E9.7030802@gmail.com> In-Reply-To: <4735775B.2020105@szalbot.homedns.org> References: <473570FC.7070002@szalbot.homedns.org> <4735766A.2020806@gmail.com> <4735775B.2020105@szalbot.homedns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 zbigniew szalbot wrote: > Hello, > > Aryeh M. Friedman pisze: >>> I am not sure I understand the message about remote execution >>> of arbitrary code. >> That is just saying that if the security issue is a problem for >> you don't upgrade (i.e. go ahead if you don't care). >> > Thanks but I think I now understand even less :) If a security > issue is a problem, don't upgrade??? My understanding of the issue is under some situations cups-base may allow an attacker to execute arbitary commands (not sure with what privs) > > Not sure also how one could go ahead? There is no option to > continue. The message appears and that's all. I am not given any > option. Remove the "FORBIDDEN=" line in the makefile - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNXfoJ9+1V27SttsRAteSAKCeeXqAfsk+OgoLP9l/wZvvvMFhAwCeK1l1 Vv+r9ICUlVxTpvN+A8jv4xw= =3fNE -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?473577E9.7030802>