Date: Wed, 18 Oct 2006 00:30:59 +1000 From: Norberto Meijome <freebsd@meijome.net> To: Filippo Moretti <gunnut@2ainfo.it> Cc: questions@FreeBSD.org Subject: Re: Problem updating mplayer Message-ID: <20061018003059.11deef50@localhost> In-Reply-To: <4534DB69.1000802@2ainfo.it> References: <4534DB69.1000802@2ainfo.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 Oct 2006 15:32:25 +0200 Filippo Moretti <gunnut@2ainfo.it> wrote: > ===> Verifying reinstall for > /usr/local/lib/win32/win32-codecs-3.1.0.p8_1,1 in > /usr/ports/multimedia/win32-codecs > ===> win32-codecs-3.1.0.p8_1,1 is forbidden: Remote code execution: > http://vuxml.FreeBSD.org/24f6b1eb-43d5-11db-81e1-000e0c2e438a.html. > *** Error code 1 > What can be done to solve this problem > sincerely Hi Filippo, a) you can work with the win32-codecs team to solve the remote code execution vulnerability b) you can be brave, reckless and probably 0wn3d soon by disabling the vulnerability checks and upgrading anyway (dont know how to do this, sorry) c) you can keep the slightly older port .... but it seems it is still vulnerable: $ sudo portaudit [...] Affected package: win32-codecs-3.1.0.p8,1 Type of problem: win32-codecs -- multiple vulnerabilities. Reference: <http://www.FreeBSD.org/ports/portaudit/24f6b1eb-43d5-11db-81e1-000e0c2e438a.html>; d) you can uninstall win32-codecs :) other options may be available, but i can't think of them atm :) B _________________________ {Beto|Norberto|Numard} Meijome RTFM and STFW before anything bad happens. I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061018003059.11deef50>