From owner-freebsd-bugs@FreeBSD.ORG Sat Jun 25 12:35:09 2005 Return-Path: X-Original-To: freebsd-bugs@freebsd.org Delivered-To: freebsd-bugs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E43F16A41C for ; Sat, 25 Jun 2005 12:35:09 +0000 (GMT) (envelope-from gabor.kovesdan@t-hosting.hu) Received: from viefep16-int.chello.at (viefep16-int.chello.at [213.46.255.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id C39A643D49 for ; Sat, 25 Jun 2005 12:35:08 +0000 (GMT) (envelope-from gabor.kovesdan@t-hosting.hu) Received: from [80.98.156.20] by viefep16-int.chello.at (InterMail vM.6.01.04.04 201-2131-118-104-20050224) with ESMTP id <20050625123506.JGGQ1756.viefep16-int.chello.at@[80.98.156.20]>; Sat, 25 Jun 2005 14:35:06 +0200 Message-ID: <42BD4F77.1080601@t-hosting.hu> Date: Sat, 25 Jun 2005 14:35:03 +0200 From: =?ISO-8859-1?Q?K=F6vesd=E1n_G=E1bor?= User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Fracesco Cecconi References: <200506251406.48677.brand@securityitaly.org> In-Reply-To: <200506251406.48677.brand@securityitaly.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-bugs@freebsd.org Subject: Re: ERROR Report!! X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2005 12:35:09 -0000 Fracesco Cecconi wrote: >HI, > >Error reinstall ruby! > >lang/ruby18/make reinstall > >===> ruby-1.8.2_3 has known vulnerabilities: >=> ruby -- arbitrary command execution on XMLRPC server. > Reference: > >=> Please update your ports tree and try again. >*** Error code 1 > >Stop in /usr/ports/lang/ruby18. >*** Error code 1 > >Stop in /usr/ports/lang/ruby18. > > >The ports tree is update!!! > >Francesco Cecconi >_______________________________________________ >freebsd-bugs@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-bugs >To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org" > > Hi, there is a utility, called portaudit, which notifies You about the packages, that have security issues. You can see here that ruby has an arbitrary command execution error, and its use is unsafe, that's why You couldn't installed it. If You want to install it anyway You should remove portaudit, or edit your portaudit.conf file to ignore that vulnerability. Anyway, You should have read the message first and asked via freebsd-questions@ or via freebsd-stable@ instead of sebding a false error report. Cheers, Gábor Kövesdán