FreeBSD Port: compat3x-i386-5.0.20020925

Chuck Swiger cswiger at
Sun Jan 16 08:32:35 PST 2005

Daniel S. Haischt wrote:
> jdk1.2 depends on jdk11 which depends on
> compat3x-i386-5.0.20020925. The latter port
> is marked as FORBIDDEN because of ...
>  * FreeBSD-SA-03:05.xdr
>  * FreeBSD-SA-03:08.realpath
> Are those vulnerabilities fixed in 5.3-STABLE,
> or do I still have to patch the system's source
> tree to be able to install the just mentioned ports?

Yes, those vulnerabilities are fixed in FreeBSD 5.3, but the fixes were not 
ported all the way back to FreeBSD 3, and probably never will be.  Program 
binaries which depend on compat3x are still vulnerable, though they would not 
be if they were recompiled for a newer version of FreeBSD.

Thus the port is FORBIDDEN.


More information about the freebsd-ports mailing list