From owner-freebsd-ports@FreeBSD.ORG Thu Sep 4 16:18:42 2008 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C5F0F1065674 for ; Thu, 4 Sep 2008 16:18:42 +0000 (UTC) (envelope-from bsd-unix@embarqmail.com) Received: from mailrelay.embarq.synacor.com (mailrelay.embarq.synacor.com [208.47.184.3]) by mx1.freebsd.org (Postfix) with ESMTP id 6E1D68FC13 for ; Thu, 4 Sep 2008 16:18:42 +0000 (UTC) (envelope-from bsd-unix@embarqmail.com) DKIM-Signature: v=1; a=rsa-sha1; d=embarqmail.com; s=s012408; c=relaxed/simple; q=dns/txt; i=@embarqmail.com; t=1220543921; h=From:Subject:Date:To:Mime-Version:Content-Type; bh=SbMiKXZ6PngoAkpNnhqCC7R+tok=; b=Y1Cn3azaBWYkuggHelx5i8kFNlt3Q63TnDIb2j0Qh1GlghPitz6TqIwFhH76ZcSL g2Cvogl+vZWwHTeETFt3xwEJ9Voe/OlTYmh0f3MyR/+UJ4peNMzEaX2FrKJHDC42; X_CMAE_Category: 0,0 Undefined,Undefined X-CNFS-Analysis: v=1.0 c=1 a=hKhEExfFk-cA:10 a=w6-VwMTXhFwA:10 a=6I5d2MoRAAAA:8 a=DgoALF1zFMdx1bG2uPUA:9 a=WSC3RXdpAEGifxJarH0A:7 a=z85ygx80aWcqZG1ibWTNaWVoYG4A:4 a=LY0hPdMaydYA:10 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine Authentication-Results: smtp09.embarq.synacor.com smtp.user=rpratt1950@embarqmail.com; auth=pass (LOGIN) Received: from [74.4.78.58] ([74.4.78.58:49832] helo=kt.weeeble.com) by mailrelay.embarq.synacor.com (envelope-from ) (ecelerity 2.2.2.33 r(25932/25934)) with ESMTPA id C1/DF-31968-0B500C84; Thu, 04 Sep 2008 11:58:41 -0400 Date: Thu, 4 Sep 2008 11:58:39 -0400 From: Randy Pratt To: Miroslav Lachman <000.fbsd@quip.cz> Message-Id: <20080904115839.77f49553.bsd-unix@embarqmail.com> In-Reply-To: <48C0010C.4010006@quip.cz> References: <48BFDA10.60701@pp.dyndns.biz> <48C0010C.4010006@quip.cz> X-Mailer: Sylpheed 2.5.0 (GTK+ 2.12.11; i386-portbld-freebsd6.3) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Morgan =?ISO-8859-1?Q?Wesstr=F6m?= , freebsd-ports@freebsd.org Subject: Re: Stop in /usr/ports/sysutils/php5-posix. X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Sep 2008 16:18:42 -0000 On Thu, 04 Sep 2008 17:38:52 +0200 Miroslav Lachman <000.fbsd@quip.cz> wrote: > Morgan Wesstr=F6m wrote: > > Portaudit has complained for a few days about vulnerabilities in=20 > > sysutils/php5-posix but there seems to be no update yet. When I now try= =20 > > to recompile all my ports with portmaster it stops with an error when i= t=20 > > reaches this port. > >=20 > > =3D=3D=3D> php5-posix-5.2.6_1 has known vulnerabilities: > > =3D> php -- input validation error in posix_access function. > > Reference:=20 > > =20 > >=20 > > =3D> Please update your ports tree and try again. > > *** Error code 1 > >=20 > >=20 > > How do I continue? Is there anyway I can force portmaster to skip this= =20 > > port and continue where it left off or do I have to deinstall it and=20 > > recompile everything all over again? > > You can recompile / install vulnerable applications by giving portmaster= =20 > option: -m "DISABLE_VULNERABILITIES=3Dyes". > !!You are using it at your own risk!! I also use this option for all of my port updating. I figure that updating to a newer version "probably" won't make the security any worse if I've already got a vulnerable application. > If you don't need php5-posix, it is better to deinstall it and uncheck=20 > from php5-extensions (with `make config` in /usr/ports/lang/php5-extensio= ns) Actually, I think a fix was just committed: http://docs.freebsd.org/cgi/mid.cgi?200809041355.m84DtBLn072467 So give it a little time for propagation, then re-csup and try it again. =20 HTH, Randy --=20