libsoup-2.52.2_1 still listed as vulnerable
Rob Belics
robbelics at gmail.com
Mon Aug 21 22:02:37 UTC 2017
I don't see in bugzilla where this port is vulnerable yet, when I update
ports and build it, it complains thus:
===> Cleaning for libsoup-2.52.2_1
===> libsoup-2.52.2_1 has known vulnerabilities:
libsoup-2.52.2_1 is vulnerable:
libsoup -- stack based buffer overflow
CVE: CVE-2017-2885
WWW:
https://vuxml.FreeBSD.org/freebsd/8e7bbddd-8338-11e7-867f-b499baebfeaf.html
1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update
available.
=> If you wish to ignore this vulnerability rebuild with 'make
DISABLE_VULNERABILITIES=yes'
*** Error code 1
Stop.
make: stopped in /usr/ports/devel/libsoup
===>>> make build failed for devel/libsoup
===>>> Aborting update
===>>> Update for libsoup-2.52.2 failed
===>>> Aborting update
I wasn't sure if I should post this as a bug or email you. Or am I looking
t this wrong?
Thanks,
Rob
More information about the freebsd-gnome
mailing list