Forcing a portupgrade?
Paul Schmehl
pauls at utdallas.edu
Tue Feb 13 22:41:29 UTC 2007
--On Tuesday, February 13, 2007 16:25:23 -0600 Chris <racerx at makeworld.com>
wrote:
> Bob wrote:
>> # portupgrade mozilla
>> ---> Upgrading 'mozilla-1.7.12_5,2' to
>> 'mozilla-1.7.13_2,2' (www/mozilla)
>>
>> [...]
>>
>> ===> mozilla-1.7.13_2,2 has known vulnerabilities:
>> => mozilla -- multiple vulnerabilities.
>> Reference:
>> <http://www.FreeBSD.org/ports/portaudit/e6296105-449b-11db-ba89-000c6ec7
>> 75d9.html> => mozilla -- multiple vulnerabilities. Reference:
>> <http://www.FreeBSD.org/ports/portaudit/e2a92664-1d60-11db-88cf-000c6ec7
>> 75d9.html> => Please update your ports tree and try again. *** Error
>> code 1
>>
>> My ports tree IS up to date, and I have a copy of mozilla-1.7.13_2,2
>> in /usr/ports/distfiles, but obviously there is no current fix for the
>> vulnerability(s). I would still like to upgrade Mozilla to 1.7.13_2,2.
>> Is there a way to force the upgrade despite the port-vulnerability stop?
>>
>> Bob
>>
>
> An easy fix - remove the database portaudit uses. Loog somewhere in
> /var/db ....
>
> Then rerun your portupgrade
Yikes! That's a bit drastic. What's wrong with make
DISABLE_VULNERABILITIES install?
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
More information about the freebsd-questions
mailing list