FreeBSD Port: png-1.2.22

Tobias Roth freebsd.lists at
Sun Oct 14 07:29:06 PDT 2007

L. Derksen wrote:
> Hello,
> I did get a message from portaudit that my 'png-1.2.18'-package was a
> security risk. So I updated my portstree with 'portsnap fetch update',
> deleted the png-package (make deinstall) and then tried to install the
> current png-package (1.2.22). Now the tree gives me the message:
> ===>  png-1.2.18 has known vulnerabilities:
> => png -- multiple vulnerabilities.
>   Reference:
> <>
> => Please update your ports tree and try again.
> *** Error code 1
> Question:
> Why is my ports tree not up to date with png-1.2.22? When i do a
> 'portsnap fetch update' it gives me that my tree is up to date.

The portsnap server hardware is experiencing problems at the moment,
this is being worked on.

I figured since the png vulnerability is only DoS, and not code
execution, I'll just wait until the hardware is fixed. If you don't want
to wait, I suggest you get the update manually via cvs:

CVSROOT="anoncvs at" cvs co png


More information about the freebsd-ports mailing list