Stop in /usr/ports/sysutils/php5-posix.

Thomas Abthorpe tabthorpe at freebsd.org
Thu Sep 4 16:03:49 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 04 September 2008 11:38:52 Miroslav Lachman wrote:
> Morgan Wesström wrote:
> > Portaudit has complained for a few days about vulnerabilities in
> > sysutils/php5-posix but there seems to be no update yet. When I now try
> > to recompile all my ports with portmaster it stops with an error when it
> > reaches this port.
> >
> > ===>  php5-posix-5.2.6_1 has known vulnerabilities:
> > => php -- input validation error in posix_access function.
> >    Reference:
> > <http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872
> >849.html>
> >
> > => Please update your ports tree and try again.
> > *** Error code 1
> >
> >
> > How do I continue? Is there anyway I can force portmaster to skip this
> > port and continue where it left off or do I have to deinstall it and
> > recompile everything all over again?
>
> You can recompile / install vulnerable applications by giving portmaster
>    option: -m "DISABLE_VULNERABILITIES=yes".
> !!You are using it at your own risk!!
>
> If you don't need php5-posix, it is better to deinstall it and uncheck
> from php5-extensions (with `make config` in
> /usr/ports/lang/php5-extensions)
>
> Miroslav Lachman


php5-posix was only marked safe within the last couple of hours, you can 
verify that the build is updated at http://www.vuxml.org and then run 
portaudit -F to refresh the database.


Thomas

- -- 
Thomas Abthorpe		| FreeBSD Committer
tabthorpe at FreeBSD.org	| http://people.freebsd.org/~tabthorpe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)

iEUEARECAAYFAkjAA1QACgkQ5Gm/jNBp8qCOKQCXcNO8G/g+yNXGX4WvKE0t3BE9
BwCdFZzaHYK2zNn6yfBSyZ5MDJHwpYU=
=50kg
-----END PGP SIGNATURE-----


More information about the freebsd-ports mailing list