Date: Tue, 16 Aug 2016 13:08:27 +0200 From: JosC <bsdports@cloudzeeland.nl> To: koobs@FreeBSD.org, FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: Perl upgrade - 5.20.x vulnerable Message-ID: <84206cd3-10fb-2125-c7e9-921d74432c92@cloudzeeland.nl> In-Reply-To: <280f6f77-ad33-6ebb-d54a-a97129f793b3@FreeBSD.org> References: <3f8f41ff-3262-1021-2e28-2aaae89849b6@cloudzeeland.nl> <2915322d-0b1a-d36e-0725-c10bd0d32b7c@cloudzeeland.nl> <280f6f77-ad33-6ebb-d54a-a97129f793b3@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In een bericht van 16-8-2016 11:07: > Try running pkg audit -F to force updating/refreshing the latest VuXML > changes. > > In this case the lang/perl5.20 (port) version string that the fix was > made in [1], was only added to an existing entry in security/vuxml as an > 'update' yesterday [2] > > [1] http://svnweb.freebsd.org/changeset/ports/420220 > [2] http://svnweb.freebsd.org/changeset/ports/420219 > > In the absence of running 'pkg audit -F', only > the"LOCALBASE/periodic/security/410.pkg-audit script updates the vuxml > file and audit results. Until that happens, or pkg audit -F is run, pkg > will still see an older version. > > Let us know how it goes Yep, that did the trick, thanks. Thinking with you I now ask myself: - Would it be a good idea to make this vuxml file update part of the Makefile? Then these occurrences won't happen anymore - I read in this fine mailing list that users may have various versions of Perl running due to incompatibillity with other port(version)s the run. Does the vuxml file update you suggested not interfere with these other Perl versions that are also running or do these versions have their own vuxml file? Best, Jos Chrispijn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?84206cd3-10fb-2125-c7e9-921d74432c92>