Date: Thu, 11 Aug 2016 13:58:51 -0500 From: "Dean E. Weimer" <dweimer@dweimer.net> To: JosC <bsdports@cloudzeeland.nl> Cc: "freebsd-questions@FreeBSD.org" <freebsd-questions@freebsd.org>, owner-freebsd-questions@freebsd.org Subject: Re: Upgrade Perl5.2.20 (vulnerable) Message-ID: <98acd0e6bcc55fb1140210c315c2e1e5@dweimer.net> In-Reply-To: <c8fb23fa-97f6-2e17-1d92-8b9e04ba1c72@cloudzeeland.nl> References: <c8fb23fa-97f6-2e17-1d92-8b9e04ba1c72@cloudzeeland.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2016-08-11 1:43 pm, JosC wrote: > Can someone tell me how to best upgrade from Perl5.20.x to the latest > stable version? > > Tried to upgrade to Perl5.22 but got (also) the same issue while doing > so: > > > ===> Cleaning for perl5-5.20.3_14 > ===> perl5-5.20.3_14 has known vulnerabilities: > perl5-5.20.3_14 is vulnerable: > p5-XSLoader -- local arbitrary code execution > CVE: CVE-2016-6185 > WWW: > https://vuxml.FreeBSD.org/freebsd/3e08047f-5a6c-11e6-a6c3-14dae9d210b8.html > > perl5-5.20.3_14 is vulnerable: > perl -- local arbitrary code execution > CVE: CVE-2016-1238 > WWW: > https://vuxml.FreeBSD.org/freebsd/72bfbb09-5a6a-11e6-a6c3-14dae9d210b8.html > > 1 problem(s) in the installed packages found. > => Please update your ports tree and try again. > => Note: Vulnerable ports are marked as such even if there is no > update available. > => If you wish to ignore this vulnerability rebuild with 'make > DISABLE_VULNERABILITIES=yes' > *** Error code 1 > > Stop. > make[1]: stopped in /usr/ports/lang/perl5.20 > *** Error code 1 > > Stop. > make: stopped in /usr/ports/lang/perl5.20 > > --- cut --- > > > Thanks, > Jos Chrispijn Looks like they just updated all the perl ports to a release candidate version to fix this, as in 20 to 30 minutes ago. -- Thanks, Dean E. Weimer http://www.dweimer.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?98acd0e6bcc55fb1140210c315c2e1e5>