portupgrade refusin to upgrade a port .. when it shouldn't imho
Vince
jhary at unsane.co.uk
Thu Dec 7 05:46:30 PST 2006
mato wrote:
> On Wed, 6 Dec 2006 16:46:24 -0800, Josh Carroll wrote
>>>>> ** Port marked as IGNORE: multimedia/win32-codecs:
>>>>> is forbidden: Remote code execution:
>>>>> http://vuxml.FreeBSD.org/24f6b1eb-43d5-11db-81e1-000e0c2e438a.html
>>>>>
>>>>> Isn't this behaviour flawed ?? Or am I missing something ?
>> You need to make config in /usr/ports/multimedia/win32-codecs, and
>> unselect quicktime. Then the port should install. This is assuming,
>> of course, that you can live without the QT codec(s).
>>
>> Josh
>
>
> OK, I will try it.. Thank you all.
>
> But the question remains -- if new port version is not vulnerable why i cannot
> upgrade to it ??
>
Its only not vulnerable if you unselect the quicktime codec. the
vulnerability is in the quicktime codec.
The port will by default use the stored config in
/var/db/ports/win32-codecs/options and if this says to use the quicktime
codec then it will not upgrade. This seems pretty sensible to me.
Vince
> Cheers,
>
> Martin
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-ports
mailing list