From owner-freebsd-questions@FreeBSD.ORG  Sat Nov 10 10:27:49 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 87CEF16A417
	for <freebsd-questions@freebsd.org>;
	Sat, 10 Nov 2007 10:27:49 +0000 (UTC)
	(envelope-from reko.turja@liukuma.net)
Received: from www.liukuma.net (www.liukuma.net [62.220.235.15])
	by mx1.freebsd.org (Postfix) with ESMTP id 3E89313C494
	for <freebsd-questions@freebsd.org>;
	Sat, 10 Nov 2007 10:27:48 +0000 (UTC)
	(envelope-from reko.turja@liukuma.net)
Received: from localhost (unknown [127.0.0.1])
	by www.liukuma.net (Postfix) with ESMTP id B80DD1CC75;
	Sat, 10 Nov 2007 11:50:59 +0200 (EET)
Received: from www.liukuma.net ([127.0.0.1])
	by localhost (www.liukuma.net [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id qiu9ipL0uMqw; Sat, 10 Nov 2007 11:50:58 +0200 (EET)
Received: from rivendell (c-980471d5.019-61-68617010.cust.bredbandsbolaget.se
	[213.113.4.152]) (using TLSv1 with cipher RC4-MD5 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: ignatz@www.liukuma.net)
	by www.liukuma.net (Postfix) with ESMTP id B7D7F1CC73;
	Sat, 10 Nov 2007 11:50:57 +0200 (EET)
Message-ID: <014b01c8237f$3951a590$0a0aa8c0@rivendell>
From: "Reko Turja" <reko.turja@liukuma.net>
To: "zbigniew szalbot" <zbigniew@szalbot.homedns.org>,
	<freebsd-questions@freebsd.org>
References: <473570FC.7070002@szalbot.homedns.org>
Date: Sat, 10 Nov 2007 11:51:10 +0200
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-2";
	reply-type=response
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Cc: 
Subject: Re: cups-base problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Nov 2007 10:27:49 -0000


> Dear all,
>
> Today I saw a security notice:

..snip...

> cat distinfo
> MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53
> SHA256 (cups-1.3.3-source.tar.bz2) = 
> 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de
> SIZE (cups-1.3.3-source.tar.bz2) = 4077262

Update your ports and INDEX file as it seems that you are installing a 
vulnerable version of cups-base. The VuXML report says:

Affects:
cups-base <1.3.4

so the cups-1.3.3 still has the vulnerability mentioned in the report.

-Rek