Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 4 Sep 2008 11:58:39 -0400
From:      Randy Pratt <bsd-unix@embarqmail.com>
To:        Miroslav Lachman <000.fbsd@quip.cz>
Cc:        Morgan =?ISO-8859-1?Q?Wesstr=F6m?= <freebsd-ports@pp.dyndns.biz>, freebsd-ports@freebsd.org
Subject:   Re: Stop in /usr/ports/sysutils/php5-posix.
Message-ID:  <20080904115839.77f49553.bsd-unix@embarqmail.com>
In-Reply-To: <48C0010C.4010006@quip.cz>
References:  <48BFDA10.60701@pp.dyndns.biz> <48C0010C.4010006@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, 04 Sep 2008 17:38:52 +0200
Miroslav Lachman <000.fbsd@quip.cz> wrote:

> Morgan Wesstr=F6m wrote:
> > Portaudit has complained for a few days about vulnerabilities in=20
> > sysutils/php5-posix but there seems to be no update yet. When I now try=
=20
> > to recompile all my ports with portmaster it stops with an error when i=
t=20
> > reaches this port.
> >=20
> > =3D=3D=3D>  php5-posix-5.2.6_1 has known vulnerabilities:
> > =3D> php -- input validation error in posix_access function.
> >    Reference:=20
> > <http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af8=
72849.html>=20
> >=20
> > =3D> Please update your ports tree and try again.
> > *** Error code 1
> >=20
> >=20
> > How do I continue? Is there anyway I can force portmaster to skip this=
=20
> > port and continue where it left off or do I have to deinstall it and=20
> > recompile everything all over again?
>
> You can recompile / install vulnerable applications by giving portmaster=
=20
>    option: -m "DISABLE_VULNERABILITIES=3Dyes".
> !!You are using it at your own risk!!

I also use this option for all of my port updating.  I figure that
updating to a newer version "probably" won't make the security
any worse if I've already got a vulnerable application.

> If you don't need php5-posix, it is better to deinstall it and uncheck=20
> from php5-extensions (with `make config` in /usr/ports/lang/php5-extensio=
ns)

Actually, I think a fix was just committed:

  http://docs.freebsd.org/cgi/mid.cgi?200809041355.m84DtBLn072467

So give it a little time for propagation, then re-csup and try it
again. =20

HTH,

Randy
--=20

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080904115839.77f49553.bsd-unix>