make gnome2 fails because evince has vulnerability
John Murphy
freebsd001 at freeode.co.uk
Mon Sep 10 16:28:32 PDT 2007
On Mon, 10 Sep 2007 17:09:40 -0500
"Jeremy Messenger" <mezz7 at cox.net> wrote:
> On Mon, 10 Sep 2007 14:52:31 -0500, John Murphy <freebsd001 at freeode.co.uk>
> >
> > Any suggestions from the port maintainers (or clues from anyone)
> > would be much appreciated.
>
> It has been fixed, someone has added evince as vulnerability by mistake.
> The evince doesn't has any of pdf source code in its tarball. It depends
> on poppler and poppler has been marked as safe (patched) a while ago.
>
> Cheers,
> Mezz
Ah, thanks Mezz. I ran 'portaudit -F' and the build is continuing.
(Note to self: Run 'portaudit -F' before installing/upgrading ports.)
> <snip>
> > ===> gnome2-2.18.3 depends on executable: evince - not found
> > ===> Verifying install for evince in /usr/ports/graphics/evince
> > ===> evince-0.8.3_1 has known vulnerabilities:
> > => xpdf -- stack based buffer overflow.
> > Reference:
> > <http://www.FreeBSD.org/ports/portaudit/0e43a14d-3f3f-11dc-a79a-0016179b2dd5.html>
> > => Please update your ports tree and try again.
> > *** Error code 1
> >
> > Stop in /usr/ports/graphics/evince.
> > *** Error code 1
> >
> > Stop in /usr/ports/x11/gnome2.
> > *** Error code 1
> >
> > Stop in /usr/ports/x11/gnome2.
>
>
--
Thanks, John.
More information about the freebsd-gnome
mailing list