security/gnutls update when...
Ryan Steinmetz
zi at FreeBSD.org
Sat Mar 24 17:52:48 UTC 2012
On (03/24/12 13:29), Jason Hellenthal wrote:
>
> Apparently this port has fell two versions behind. Is there anything
> that is going to happen to update it to the current stable version ?
>
>
> These advisories have been out for a week now. And the current version
> is 2.12.18.
>
>
> Database created: Sat Mar 24 13:15:03 EDT 2012
> Affected package: gnutls-2.12.16
> Type of problem: libtasn1 -- ASN.1 length decoding vulnerability.
> Reference:
> http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html
>
> Affected package: gnutls-2.12.16
> Type of problem: gnutls -- possible overflow/Denial of service
> vulnerabilities.
> Reference:
> http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html
>
> 2 problem(s) in your installed packages found.
>
>
>
> --
> ;s =;
Jason,
There is an update in progress (ports/166307). There is a shared
library version bump that is part of the gnutls update and this requires
a little extra scrutiny. This, combined with the upcoming 8.3 RELEASE
is what is contributing to the delay.
Hope this helps,
-r
--
Ryan Steinmetz
PGP: EF36 D45A 5CA9 28B1 A550 18CD A43C D111 7AD7 FAF2
More information about the freebsd-ports
mailing list