portaudit report vs. portupgrade report

Jim Angstadt jimajima9 at yahoo.com
Thu May 18 11:27:39 PDT 2006 

Hi All,

I'm new to FreeBSD.

The daily security report lists 9 problems with
installed packages.  

In an earlier message I was advised to use the ports
system to avoid dealing with package dependencies. 
Thanks to all for that advice.

So I have done the cvsup, buildworld, buildkernel,
..., process and completed without errors.  (Thanks to
all who have posted helpful messages on this subject.)

Running "portaudit -Fa" advised me that the same 9
packages were still a problem.

Running "portupgrade -n firefox" advised me:

  ** No need to upgrade 'firefox-1.0.7_1,1' (>=
firefox-1.0.7_1,1).

Same thing with mozilla:

  ** No need to upgrade 'mozilla-1.7.12,2' (>=
mozilla-1.7.12,2).

I did not check the other 7 packages in question.

On the surface, to me, it seems as if these two tools
are giving me opposite information.

So, ... what is going on here?  What should I do to
get right.

Please see below for the actual console traffic,
slightly snipped.


# ----------- actual console traffic -----------

tiny# uname -a
FreeBSD tiny.brc.localnet 6.0-RELEASE-p7 FreeBSD
6.0-RELEASE-p7 #0: Wed May 17 16:26:53 PDT 2006    
root at tiny.brc.localnet:/usr/obj/usr/src/sys/GENERIC 
i386


tiny# portaudit -Fa
auditfile.tbz                                 100% of 
 35 kB  154 kBps
New database installed.
Affected package: firefox-1.0.7_1,1
Type of problem: mozilla -- multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/84630f4a-cd8c-11da-b7b9-0
00c6ec775d9.html>

Affected package: mozilla-1.7.12,2
Type of problem: mozilla -- multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/84630f4a-cd8c-11da-b7b9-0
00c6ec775d9.html>

[ 7 other packages snipped ]

9 problem(s) in your installed packages found.

You are advised to update or deinstall the affected
package(s) immediately.


tiny# portupgrade -n firefox
--->  Session started at: Wed, 17 May 2006 18:55:20
-0700
[Rebuilding the pkgdb <format:bdb1_btree> in
/var/db/pkg ... - 241 packages found (-0 +241)
.................................................................................................................................................................................................................................................
done]
[Updating the portsdb <format:bdb1_btree> in
/usr/ports ... - 13306 port entries found
.........1000.........2000.........3000.........4000.........5000.........6000.........7000.........8000.........9000.........10000.........11000.........12000.........13000...
..... done]
** No need to upgrade 'firefox-1.0.7_1,1' (>=
firefox-1.0.7_1,1). (specify -f to force)
--->  Listing the results (+:done / -:ignored /
*:skipped / !:failed)
        - www/firefox (firefox-1.0.7_1,1)
--->  Packages processed: 0 done, 1 ignored, 0 skipped
and 0 failed
--->  Session ended at: Wed, 17 May 2006 18:57:17
-0700 (consumed 00:01:57)


tiny# portupgrade -n mozilla
--->  Session started at: Wed, 17 May 2006 18:58:49
-0700
** No need to upgrade 'mozilla-1.7.12,2' (>=
mozilla-1.7.12,2). (specify -f to force)
--->  Listing the results (+:done / -:ignored /
*:skipped / !:failed)
        - www/mozilla (mozilla-1.7.12,2)
--->  Packages processed: 0 done, 1 ignored, 0 skipped
and 0 failed
--->  Session ended at: Wed, 17 May 2006 18:58:53
-0700 (consumed 00:00:03)


# ------------- end of console traffic ---------


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the freebsd-questions mailing list