From owner-freebsd-questions@FreeBSD.ORG  Sun Oct  8 14:00:37 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C1B6D16A415
	for <freebsd-questions@freebsd.org>;
	Sun,  8 Oct 2006 14:00:37 +0000 (UTC)
	(envelope-from zbyszek@szalbot.homedns.org)
Received: from lists.lc-words.com (lists.lc-words.com [83.19.156.210])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 30CCD43D46
	for <freebsd-questions@freebsd.org>;
	Sun,  8 Oct 2006 14:00:37 +0000 (GMT)
	(envelope-from zbyszek@szalbot.homedns.org)
Received: from [127.0.0.1] (helo=localhost)
	by lists.lc-words.com with esmtp (Exim 4.63 (FreeBSD))
	(envelope-from <zbyszek@szalbot.homedns.org>)
	id 1GWZD0-0004lP-Sw; Sun, 08 Oct 2006 16:00:50 +0200
Date: Sun, 8 Oct 2006 16:00:50 +0200 (CEST)
From: Zbigniew Szalbot <zbyszek@szalbot.homedns.org>
X-X-Sender: zbyszek@192.168.11.51
To: Armin Pirkovitsch <a.pirko@inode.at>
In-Reply-To: <452902EF.3080701@inode.at>
Message-ID: <20061008155535.M17026@192.168.11.51>
References: <20061008130817.G95896@192.168.11.51>
	<4528EB74.3060401@locolomo.org>
	<20061008142037.S97136@192.168.11.51> <4528F097.7010300@inode.at>
	<20061008154335.K98037@192.168.11.51> <452902EF.3080701@inode.at>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-questions@freebsd.org
Subject: Re: cvsup and portupgrade
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Oct 2006 14:00:37 -0000

Hello,

On Sun, 8 Oct 2006, Armin Pirkovitsch wrote:

> Well another cvsup won't solve the problem since php hasn't been patched
> yet. However if you're really sure you need and want this kind of port
> installed just set the environment variable DISABLE_VULNERABILITIES.
> However - you should be aware that you'd install a program with a
> security hole.

You are right - it did not help. I do not so much want to install php with 
a security hole as much as I want to patch the hole. From the portaudit 
report I understood that I need to update immediately. And hence I am 
trying to do just that. But as a newbie, I guess I am making lots of 
mistakes on the way.

I would prefer to use portupgrade, since I have pkgtools.conf configured 
so that php is kept with certain flags like CLI, etc.

Here's the log:

$ sudo portupgrade
[Updating the portsdb <format:bdb1_hash> in /usr/ports ... - 15863 port 
entries found 
.........1000.........2000.........3000.........4000.........5000.........6000.........7000.........8000.........9000.........10000.........11000.........12000.........13000.........14000.........15000........ 
..... done]
--->  Upgrading 'php5-5.1.6' to 'php5-5.1.6_1' (lang/php5)
--->  Building '/usr/ports/lang/php5' with make flags: WITH_CLI=1 
WITH_CGI=1 WITH_APACHE=1 WITH_MULTIBYTE=1 WITH_IPV6=1 WITH_REDIRECT=1 
WITH_DISCARD=1 WITH_FASTCGI=1 WITH_PATHINFO=1 WITH_OPENSSL=1 
WITH_GETTEXT=1
===>  Cleaning for apache-2.0.59
===>  Cleaning for autoconf-2.59_2
===>  Cleaning for pkg-config-0.21
===>  Cleaning for libxml2-2.6.26
===>  Cleaning for perl-5.8.8
===>  Cleaning for libtool-1.5.22_2
===>  Cleaning for expat-2.0.0_1
===>  Cleaning for libiconv-1.9.2_2
===>  Cleaning for m4-1.4.4
===>  Cleaning for help2man-1.36.4_1
===>  Cleaning for gmake-3.81_1
===>  Cleaning for p5-gettext-1.05_1
===>  Cleaning for gettext-0.14.5_2
===>  Cleaning for php5-5.1.6_1
===>  php5-5.1.6_1 has known vulnerabilities:
=> php -- open_basedir Race Condition Vulnerability.
    Reference: 
<http://www.FreeBSD.org/ports/portaudit/edabe438-542f-11db-a5ae-00508d6a62df.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/lang/php5.
** Command failed [exit code 1]: /usr/bin/script -qa 
/tmp/portupgrade.16956.0 env PORT_UPGRADE=yes make WITH_CLI=1 WITH_CGI=1 
WITH_APACHE=1 WITH_MULTIBYTE=1 WITH_IPV6=1 WITH_REDIRECT=1 WITH_DISCARD=1 
WITH_FASTCGI=1 WITH_PATHINFO=1 WITH_OPENSSL=1 WITH_GETTEXT=1
** Fix the problem and try again.
** Listing the failed packages (*:skipped / !:failed)
         ! lang/php5 (php5-5.1.6)        (unknown build error)
--->  Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed

Someone else asked what my cvsup file looked like. Well, the most 
important settings are these:

*default host=cvsup9.FreeBSD.org
*default base=/var/db
*default prefix=/usr
*default release=cvs tag=.
*default delete use-rel-suffix
ports-all

Many, many thanks for such prompt replies and helpful advice to you all!

--
Zbigniew Szalbot