Date: Mon, 3 May 2004 09:43:35 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Artur Pydo <artur@pydo.org> Cc: freebsd-security@freebsd.org Subject: Re: Bad VuXML check on PNG port ? Message-ID: <20040503144335.GA15293@madman.celabo.org> In-Reply-To: <40965500.4040205@pydo.org> References: <40965500.4040205@pydo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 03, 2004 at 04:19:44PM +0200, Artur Pydo wrote: > Hello, > > The current png-1.2.5_4 port has no more vulnerability. > It has been corrected by ache@FreeBSD.org yesterday. > But when i try to install the updated port to remplace > the vulnerable one this is what i am told : > > # make install > ===> png-1.2.5_4 has known vulnerabilities: > >> libpng denial-of-service. > Reference: > <http://people.freebsd.org/~eik/portaudit/3a408f6f-9c52-11d8-9366-0020ed76ef5a.html>; > >> Please update your ports tree and try again. > *** Error code 1 > > The 4-STABLE ports tree is up-to-date. > > Isn't it a problem to be unable to update a vulnerable port ? The VuXML document needed to be updated after ache@ made the fix. I've done so now. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040503144335.GA15293>