From owner-freebsd-python@FreeBSD.ORG Wed Feb 15 16:16:45 2012 Return-Path: Delivered-To: python@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1CF9D1065670 for ; Wed, 15 Feb 2012 16:16:45 +0000 (UTC) (envelope-from krisp@engr.uky.edu) Received: from spitfire.ecc.engr.uky.edu (spitfire.ecc.engr.uky.edu [128.163.144.21]) by mx1.freebsd.org (Postfix) with ESMTP id DF0238FC12 for ; Wed, 15 Feb 2012 16:16:44 +0000 (UTC) Received: from webmailserver.smtp ([192.168.0.17] helo=wms.ecc.engr.uky.edu) by spitfire.ecc.engr.uky.edu with esmtp (Exim 4.76) (envelope-from ) id 1RxhID-000Pl8-0f for python@freebsd.org; Wed, 15 Feb 2012 11:01:17 -0500 Received: from www by wms.ecc.engr.uky.edu with local (Exim 4.76) (envelope-from ) id 1RxhIC-000NPD-Tx for python@freebsd.org; Wed, 15 Feb 2012 11:01:16 -0500 Received: from bort.ecc.engr.uky.edu (bort.ecc.engr.uky.edu [128.163.144.93]) by mail.engr.uky.edu (Horde Framework) with HTTP; Wed, 15 Feb 2012 11:01:16 -0500 Message-ID: <20120215110116.52686o6p14j3sb7w@mail.engr.uky.edu> Date: Wed, 15 Feb 2012 11:01:16 -0500 From: Krishna Prabhala To: python@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) 4.3.3 / FreeBSD-7.1 X-Scan-Signature: d939a08bae74c65076f44a7144fbd18a Cc: Subject: Python port update X-BeenThere: freebsd-python@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD-specific Python issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Feb 2012 16:16:45 -0000 Hi, 'portaudit' software has marked the python ports as having a vulnerability and marked them as broken. This is the output I get when I run portaudit -Fda: # portaudit -Fda auditfile.tbz 100% of 73 kB 117 kBps New database installed. Database created: Wed Feb 15 15:20:00 UTC 2012 Affected package: python27-2.7.2_3 Type of problem: Python -- DoS via malformed XML-RPC / HTTP POST request. Reference: http://portaudit.FreeBSD.org/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html 1 problem(s) in your installed packages found. You are advised to update or deinstall the affected package(s) immediately. ---- So, when I cd to /usr/ports/lang/python27, do a 'make deinstall' and then do a 'make reinstall', it would not install again. I get a message that I have to update the ports to re-install. I've tried 'portsnap fetch update' but there is no update for the python port. As I mentioned above, the only way to force a re-install of the SAME port is to remove 'portaudit' and then comment the 'BROKEN' line in the Makefile (in the /usr/ports/lang/python27 directory). Thanks, Krishna. ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.