apache13-modssl-1.3.33+2.8.22_1 port broken??
Viren Patel
virenp at mail.utexas.edu
Wed Jul 27 21:38:53 GMT 2005
>> --On Wednesday, July 27, 2005 16:08:14 -0500 Viren Patel
>> <virenp at mail.utexas.edu> wrote:
>>
>>> I am trying to install apache+mod_ssl-1.3.33+2.8.22_1
>>> and
>>> get the following:
>>>
>>># make
>>> ===> apache+mod_ssl-1.3.33+2.8.22_1 has known
>>> vulnerabilities:
>>> => apache -- http request smuggling.
>>> Reference:
>>> <http://www.FreeBSD.org/ports/portaudit/651996e0-fe07-11d9-8329-000e0c2e4
>>> 38a.html> => Please update your ports tree and try
>>> again.
>>> *** Error code 1
>>>
>>> Stop in /usr/ports/www/apache13-modssl.
>>>
>>> I have updated the ports tree and the files directory
>>> contains the patch for this vulnerability
>>> (patch-secfix-CAN-2005-2088).
>>>
>>> I need to install this port urgently. What am I doing
>>> wrong?? If the vulnerability has not been fixed, how
>>> can
>>> I
>>> force install? TIA.
>>>
>> make FORCE_PKGREGISTER=yes && make install
>>
>> Paul Schmehl (pauls at utdallas.edu)
>> Adjunct Information Security Officer
>> University of Texas at Dallas
>> AVIEN Founding Member
>> http://www.utdallas.edu/ir/security/
>
> Thanks for the quick reply but it doesn't work. I thought
> it was FORCE_PKG_REGISTER. Anyway, I tried it both ways
> but no luck. Any other ideas?
>
> --
> Viren
>
Temporary solution: Uninstall portaudit.
--
Viren
More information about the freebsd-ports
mailing list