Date: Sat, 24 Mar 2012 13:52:45 -0400 From: Ryan Steinmetz <zi@FreeBSD.org> To: Jason Hellenthal <jhellenthal@dataix.net> Cc: ports@FreeBSD.org, pav@FreeBSD.org, delphij@FreeBSD.org, novel@FreeBSD.org Subject: Re: security/gnutls update when... Message-ID: <20120324175245.GA78438@fast.rit.edu> In-Reply-To: <20120324172937.GA43822@DataIX.net> References: <20120324172937.GA43822@DataIX.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On (03/24/12 13:29), Jason Hellenthal wrote: > > Apparently this port has fell two versions behind. Is there anything > that is going to happen to update it to the current stable version ? > > > These advisories have been out for a week now. And the current version > is 2.12.18. > > > Database created: Sat Mar 24 13:15:03 EDT 2012 > Affected package: gnutls-2.12.16 > Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. > Reference: > http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html > > Affected package: gnutls-2.12.16 > Type of problem: gnutls -- possible overflow/Denial of service > vulnerabilities. > Reference: > http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html > > 2 problem(s) in your installed packages found. > > > > -- > ;s =; Jason, There is an update in progress (ports/166307). There is a shared library version bump that is part of the gnutls update and this requires a little extra scrutiny. This, combined with the upcoming 8.3 RELEASE is what is contributing to the delay. Hope this helps, -r -- Ryan Steinmetz PGP: EF36 D45A 5CA9 28B1 A550 18CD A43C D111 7AD7 FAF2
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120324175245.GA78438>