compat3x
Florent Thoumie
flz at FreeBSD.org
Thu Oct 19 09:02:56 UTC 2006
On Thu, 2006-10-19 at 06:04 +1000, Peter Jeremy wrote:
> On Wed, 2006-Oct-18 13:06:10 -0600, Charlie Sorsby wrote:
> >What does this mean and why is it so?
>
> You are trying to use antique software. Your problem is nothing to
> do with the version of FreeBSD that you are running. Rather, you
> are trying to use a binary that was built to run on FreeBSD 3.x.
>
> >Wednesday, 18 Oct, 2006 -- 12:59:41 MDT
> >===> compat3x-i386-4.4.20020925 is forbidden: FreeBSD-SA-03:05.xdr, FreeBSD-SA-03:08.realpath - not fixed / no lib available.
>
> It means that the FreeBSD 3.x libraries contain a number of
> vulnerabilities and the FreeBSD project no longer has the resources to
> maintain them.
>
> >I'm trying to install jre from the ports collection of freeBSD 4.11
> >and get the following:
>
> ports/java/jre is Java 1.1.8, which is quite old.
>
> Java needs Java as a pre-requisite. A native Java 1.1.8 was released
> for FreeBSD 2.x and 3.x so that is used for bootstrapping. The binary
> jre1.1.8 was built for FreeBSD 3.x and so needs 3.x compatability
> libraries. Upgrading Java binaries is a time-consuming and expensive
> undertaking because they must pass Sun's compliance test suite. This
> year, the Project released Java 1.5 binaries - at a not insignificant
> cost (which I've seen but can't find right now).
>
> >While I can understand lack of support for old versions of the OS,
> >I cannot understand nor can I fail to resent y'all's making its use
> >impossible.
>
> The last FreeBSD 3.x release was FreeBSD 3.5, released in June 2000.
> Just how long do you expect the FreeBSD Project to maintain support?
> What exactly do you want to the Project to do? If the software wasn't
> marked as having known vulnerabilities then I'm sure you would scream
> just as loudly and rudely when someone broke into your system via
> one of those vulnerabilities.
>
> In this particular case, you only need the compat3x libraries to
> bootstrap jre so it may be practical for you to:
> 1) comment out the "FORBIDDEN" line in compat3x
> 2) install compat3x and the jre1.1.8 binary
> 3) build jre1.1.8 natively
> 4) uninstall compat3x and the jre1.1.8 binary
> 5) Re-add the "FORBIDDEN" line in compat3x
> 6) install the jre1.1.8 you built in step 3
Yeah, or use DISABLE_VULNERABILITIES=yes (which really doesn't mean
much, I think IGNORE_FORBIDDEN would be a better name).
> >Perhaps if y'all were not so intent upon making free"BSD" less and
> >less BSD and more and more "invented here" such problems would be
> >less common.
All this deserves is *plonk*.
--
Florent Thoumie
flz at FreeBSD.org
FreeBSD Committer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20061019/3a32c24d/attachment.pgp
More information about the freebsd-ports
mailing list