Date: Tue, 11 Sep 2007 00:28:30 +0100 From: John Murphy <freebsd001@freeode.co.uk> To: Gnome list <freebsd-gnome@freebsd.org> Subject: Re: make gnome2 fails because evince has vulnerability Message-ID: <20070911002830.09ebedd8@turion.freeode.co.uk> In-Reply-To: <op.tygk6ejx9aq2h7@mezz.mezzweb.com> References: <20070910205231.167f48f7@turion.freeode.co.uk> <op.tygk6ejx9aq2h7@mezz.mezzweb.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Sep 2007 17:09:40 -0500 "Jeremy Messenger" <mezz7@cox.net> wrote: > On Mon, 10 Sep 2007 14:52:31 -0500, John Murphy <freebsd001@freeode.co.uk> > > > > Any suggestions from the port maintainers (or clues from anyone) > > would be much appreciated. > > It has been fixed, someone has added evince as vulnerability by mistake. > The evince doesn't has any of pdf source code in its tarball. It depends > on poppler and poppler has been marked as safe (patched) a while ago. > > Cheers, > Mezz Ah, thanks Mezz. I ran 'portaudit -F' and the build is continuing. (Note to self: Run 'portaudit -F' before installing/upgrading ports.) > <snip> > > ===> gnome2-2.18.3 depends on executable: evince - not found > > ===> Verifying install for evince in /usr/ports/graphics/evince > > ===> evince-0.8.3_1 has known vulnerabilities: > > => xpdf -- stack based buffer overflow. > > Reference: > > <http://www.FreeBSD.org/ports/portaudit/0e43a14d-3f3f-11dc-a79a-0016179b2dd5.html>; > > => Please update your ports tree and try again. > > *** Error code 1 > > > > Stop in /usr/ports/graphics/evince. > > *** Error code 1 > > > > Stop in /usr/ports/x11/gnome2. > > *** Error code 1 > > > > Stop in /usr/ports/x11/gnome2. > > -- Thanks, John.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070911002830.09ebedd8>