Date: Thu, 19 Oct 2006 10:02:42 +0100 From: Florent Thoumie <flz@FreeBSD.org> To: Peter Jeremy <peterjeremy@optushome.com.au> Cc: ports@freebsd.org, crs@swcp.com Subject: Re: compat3x Message-ID: <1161248562.71755.2.camel@localhost> In-Reply-To: <20061018200455.GB945@turion.vk2pj.dyndns.org> References: <200610181906.k9IJ6Ai4091879@sorsby.org> <20061018200455.GB945@turion.vk2pj.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-gMHYjGMO//Ogo9h8rkFY Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2006-10-19 at 06:04 +1000, Peter Jeremy wrote: > On Wed, 2006-Oct-18 13:06:10 -0600, Charlie Sorsby wrote: > >What does this mean and why is it so? >=20 > You are trying to use antique software. Your problem is nothing to > do with the version of FreeBSD that you are running. Rather, you > are trying to use a binary that was built to run on FreeBSD 3.x. >=20 > >Wednesday, 18 Oct, 2006 -- 12:59:41 MDT > >=3D=3D=3D> compat3x-i386-4.4.20020925 is forbidden: FreeBSD-SA-03:05.xd= r, FreeBSD-SA-03:08.realpath - not fixed / no lib available. >=20 > It means that the FreeBSD 3.x libraries contain a number of > vulnerabilities and the FreeBSD project no longer has the resources to > maintain them. >=20 > >I'm trying to install jre from the ports collection of freeBSD 4.11 > >and get the following: >=20 > ports/java/jre is Java 1.1.8, which is quite old. >=20 > Java needs Java as a pre-requisite. A native Java 1.1.8 was released > for FreeBSD 2.x and 3.x so that is used for bootstrapping. The binary > jre1.1.8 was built for FreeBSD 3.x and so needs 3.x compatability > libraries. Upgrading Java binaries is a time-consuming and expensive > undertaking because they must pass Sun's compliance test suite. This > year, the Project released Java 1.5 binaries - at a not insignificant > cost (which I've seen but can't find right now). >=20 > >While I can understand lack of support for old versions of the OS, > >I cannot understand nor can I fail to resent y'all's making its use > >impossible. >=20 > The last FreeBSD 3.x release was FreeBSD 3.5, released in June 2000. > Just how long do you expect the FreeBSD Project to maintain support? > What exactly do you want to the Project to do? If the software wasn't > marked as having known vulnerabilities then I'm sure you would scream > just as loudly and rudely when someone broke into your system via > one of those vulnerabilities. >=20 > In this particular case, you only need the compat3x libraries to > bootstrap jre so it may be practical for you to: > 1) comment out the "FORBIDDEN" line in compat3x > 2) install compat3x and the jre1.1.8 binary > 3) build jre1.1.8 natively > 4) uninstall compat3x and the jre1.1.8 binary > 5) Re-add the "FORBIDDEN" line in compat3x > 6) install the jre1.1.8 you built in step 3 Yeah, or use DISABLE_VULNERABILITIES=3Dyes (which really doesn't mean much, I think IGNORE_FORBIDDEN would be a better name). > >Perhaps if y'all were not so intent upon making free"BSD" less and > >less BSD and more and more "invented here" such problems would be > >less common. All this deserves is *plonk*. --=20 Florent Thoumie flz@FreeBSD.org FreeBSD Committer --=-gMHYjGMO//Ogo9h8rkFY Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBFNz8yMxEkbVFH3PQRAuV4AJ9yJ8WRbStP1ciEhxbDlnnfArRTYgCfeRNZ a2LtmUHzczbFXXXbFZUVhLM= =X9Ft -----END PGP SIGNATURE----- --=-gMHYjGMO//Ogo9h8rkFY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1161248562.71755.2.camel>