cvsup and portupgrade
Armin Pirkovitsch
a.pirko at inode.at
Sun Oct 8 07:12:08 PDT 2006
Zbigniew Szalbot wrote:
> Hello,
>
> On Sun, 8 Oct 2006, Armin Pirkovitsch wrote:
>
>> Well another cvsup won't solve the problem since php hasn't been patched
>> yet. However if you're really sure you need and want this kind of port
>> installed just set the environment variable DISABLE_VULNERABILITIES.
>> However - you should be aware that you'd install a program with a
>> security hole.
>
> You are right - it did not help. I do not so much want to install php
> with a security hole as much as I want to patch the hole. From the
> portaudit report I understood that I need to update immediately. And
> hence I am trying to do just that. But as a newbie, I guess I am making
> lots of mistakes on the way.
>
> I would prefer to use portupgrade, since I have pkgtools.conf configured
> so that php is kept with certain flags like CLI, etc.
>
> Reference:
> <http://www.FreeBSD.org/ports/portaudit/edabe438-542f-11db-a5ae-00508d6a62df.html>
> Many, many thanks for such prompt replies and helpful advice to you all!
Just have a look at the reference - to be exactly at the Affects: list.
It concerns all versions ( >0 ) which means there is no patch yet.
So best thing to do is to watch that page and update as soon as there is
a patch.
--
Armin Pirkovitsch
a.pirko at inode.at
More information about the freebsd-questions
mailing list