portaudit report vs. portupgrade report
Jim Angstadt
jimajima9 at yahoo.com
Thu May 18 11:27:39 PDT 2006
Hi All,
I'm new to FreeBSD.
The daily security report lists 9 problems with
installed packages.
In an earlier message I was advised to use the ports
system to avoid dealing with package dependencies.
Thanks to all for that advice.
So I have done the cvsup, buildworld, buildkernel,
..., process and completed without errors. (Thanks to
all who have posted helpful messages on this subject.)
Running "portaudit -Fa" advised me that the same 9
packages were still a problem.
Running "portupgrade -n firefox" advised me:
** No need to upgrade 'firefox-1.0.7_1,1' (>=
firefox-1.0.7_1,1).
Same thing with mozilla:
** No need to upgrade 'mozilla-1.7.12,2' (>=
mozilla-1.7.12,2).
I did not check the other 7 packages in question.
On the surface, to me, it seems as if these two tools
are giving me opposite information.
So, ... what is going on here? What should I do to
get right.
Please see below for the actual console traffic,
slightly snipped.
# ----------- actual console traffic -----------
tiny# uname -a
FreeBSD tiny.brc.localnet 6.0-RELEASE-p7 FreeBSD
6.0-RELEASE-p7 #0: Wed May 17 16:26:53 PDT 2006
root at tiny.brc.localnet:/usr/obj/usr/src/sys/GENERIC
i386
tiny# portaudit -Fa
auditfile.tbz 100% of
35 kB 154 kBps
New database installed.
Affected package: firefox-1.0.7_1,1
Type of problem: mozilla -- multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/84630f4a-cd8c-11da-b7b9-0
00c6ec775d9.html>
Affected package: mozilla-1.7.12,2
Type of problem: mozilla -- multiple vulnerabilities.
Reference:
<http://www.FreeBSD.org/ports/portaudit/84630f4a-cd8c-11da-b7b9-0
00c6ec775d9.html>
[ 7 other packages snipped ]
9 problem(s) in your installed packages found.
You are advised to update or deinstall the affected
package(s) immediately.
tiny# portupgrade -n firefox
---> Session started at: Wed, 17 May 2006 18:55:20
-0700
[Rebuilding the pkgdb <format:bdb1_btree> in
/var/db/pkg ... - 241 packages found (-0 +241)
.................................................................................................................................................................................................................................................
done]
[Updating the portsdb <format:bdb1_btree> in
/usr/ports ... - 13306 port entries found
.........1000.........2000.........3000.........4000.........5000.........6000.........7000.........8000.........9000.........10000.........11000.........12000.........13000...
..... done]
** No need to upgrade 'firefox-1.0.7_1,1' (>=
firefox-1.0.7_1,1). (specify -f to force)
---> Listing the results (+:done / -:ignored /
*:skipped / !:failed)
- www/firefox (firefox-1.0.7_1,1)
---> Packages processed: 0 done, 1 ignored, 0 skipped
and 0 failed
---> Session ended at: Wed, 17 May 2006 18:57:17
-0700 (consumed 00:01:57)
tiny# portupgrade -n mozilla
---> Session started at: Wed, 17 May 2006 18:58:49
-0700
** No need to upgrade 'mozilla-1.7.12,2' (>=
mozilla-1.7.12,2). (specify -f to force)
---> Listing the results (+:done / -:ignored /
*:skipped / !:failed)
- www/mozilla (mozilla-1.7.12,2)
---> Packages processed: 0 done, 1 ignored, 0 skipped
and 0 failed
---> Session ended at: Wed, 17 May 2006 18:58:53
-0700 (consumed 00:00:03)
# ------------- end of console traffic ---------
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-questions
mailing list