Date: Tue, 02 Jul 2013 09:58:39 -0500 From: Ryan Frederick <ryanrfrederick@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Curl -7.24.0_4 heap corruption Message-ID: <51D2EA9F.5030002@gmail.com> In-Reply-To: <7752F38E19D749DD851286B177ABE56C@S0030153310> References: <7752F38E19D749DD851286B177ABE56C@S0030153310>
next in thread | previous in thread | raw e-mail | index | archive | help
Update your ports vulnerability database before attempting to compile curl. `portaudit -Fda` should do the trick. Ryan On 07/02/2013 08:49 AM, Reggie Euser wrote: > We're running FreeBSD 8.3-RELEASE-p3 and portaudit says: > > Affected package: curl-7.24.0_2 > Type of problem: cURL library -- heap corruption in curl_easy_unescape. > Reference: > http://portaudit.FreeBSD.org/01cf67b3-dc3b-11e2-a6cd-c48508086173.html > > 1 problem(s) in your installed packages found. > > You are advised to update or deinstall the affected package(s) immediately. > > Have updated ports tree, checked UPDATING (nothing on curl since 2010). > For last several days, portmaster curl has attempted to install > curl-7.24.0_3 - same heap corruption issue. > > Today, portmaster curl attempted to install curl-7.24.0_4. I thought, > great, the port has been updated! > > Except that the heap corruption issue persists and the update fails. > > Anyone have any insights into this issue? > > Thanks! > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51D2EA9F.5030002>