apache13-modssl-1.3.33+2.8.22_1 port broken??
Viren Patel
virenp at mail.utexas.edu
Thu Jul 28 16:34:27 GMT 2005
> On Wed, 27 Jul 2005 23:38:52 +0200, Petr Valenta
> <xvalen at atlas.cz>
> wrote:
>
>>>> --On Wednesday, July 27, 2005 16:08:14 -0500 Viren
>>>> Patel
>>>> <virenp at mail.utexas.edu> wrote:
>>>>
>>>>> I am trying to install apache+mod_ssl-1.3.33+2.8.22_1
>>>>> and
>>>>> get the following:
>>>>>
>>>>> # make
>>>>> ===> apache+mod_ssl-1.3.33+2.8.22_1 has known
>>>>> vulnerabilities:
>>>>> => apache -- http request smuggling.
>>>>> Reference:
>>>>> <http://www.FreeBSD.org/ports/portaudit/651996e0-fe07-11d9-8329-000e0c2e4
>>>>> 38a.html> => Please update your ports tree and try
>>>>> again.
>>>>> *** Error code 1
>>>>>
>>>>> Stop in /usr/ports/www/apache13-modssl.
>>>>>
>>>>> I have updated the ports tree and the files directory
>>>>> contains the patch for this vulnerability
>>>>> (patch-secfix-CAN-2005-2088).
>>>>>
>>>>> I need to install this port urgently. What am I doing
>>>>> wrong?? If the vulnerability has not been fixed, how
>>>>> can
>>>>> I
>>>>> force install? TIA.
>>>>>
>>>> make FORCE_PKGREGISTER=yes && make install
>>>>
>>>> Paul Schmehl (pauls at utdallas.edu)
>>>> Adjunct Information Security Officer
>>>> University of Texas at Dallas
>>>> AVIEN Founding Member
>>>> http://www.utdallas.edu/ir/security/
>>
>>>
>>> Thanks for the quick reply but it doesn't work. I
>>> thought
>>> it was FORCE_PKG_REGISTER. Anyway, I tried it both ways
>>> but no luck. Any other ideas?
>
> DISABLE_VULNERABILITIES=yes
>
New info. for me. Thanks.
>>>
>>> --
>>> Viren
>>>
>>
>> Temporary solution: Uninstall portaudit.
>>
>> --
>> Viren
>>
>> _______________________________________________
>> freebsd-ports at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
>> To unsubscribe, send any mail to
>> "freebsd-ports-unsubscribe at freebsd.org"
>>
>>
>>
>
>
>
More information about the freebsd-ports
mailing list