Evince fails upgrade

[Kevin Oberman]

On Wed, May 23, 2012 at 7:34 AM, Robert <traveling08 at cox.net> wrote:
>
> Hello Port readers
>
> I am unable to upgrade to latest evince due to following failure.
> Evince now calls for www/yelp which calls for www/libxul which has
> vulnerabilities.
>
> [robert at dell64] /usr/ports/x11/yelp% sudo make install clean
>
>  yelp is using libxul for gecko support, but you can
>  change that by defining WITH_GECKO to the following values:
>
>   libxul
>
> ===>  License check disabled, port has not defined LICENSE
> ===>  Extracting for yelp-2.30.2_2
> => SHA256 Checksum OK for gnome2/yelp-2.30.2.tar.bz2.
> /bin/rm -f /usr/ports/x11/yelp/work/yelp-2.30.2/data/yelp.schemas
> ===>  Patching for yelp-2.30.2_2
> ===>  Applying FreeBSD patches for yelp-2.30.2_2
> ===>   yelp-2.30.2_2 depends on file: /usr/local/lib/libxul/libxul.so -
> not found ===>    Verifying install for /usr/local/lib/libxul/libxul.so
> in /usr/ports/www/libxul ===>  libxul-1.9.2.28 has known
> vulnerabilities: Affected package: libxul-1.9.2.28
> Type of problem: mozilla -- multiple vulnerabilities.
> Reference:
> http://portaudit.FreeBSD.org/380e8c56-8e32-11e1-9580-4061862b8c22.html
> => Please update your ports tree and try again. *** Error code 1
>
> Stop in /usr/ports/www/libxul.
> *** Error code 1
>
> Stop in /usr/ports/www/libxul.
> *** Error code 1
>
> Stop in /usr/ports/x11/yelp.
>
> I have tried to comment out the WITH_GECKO line but that fails also.
> The Makefile already has
>
> WITH_GECKO=  libxul
>
> What do I need to change it to?

There is nothing to change it to, as far as I know. There used to
other options, but libxul is the only one left.

Unfortunately, it has a vulnerability, so won't build. You can either
force it by setting DISABLE_VULNERABILITIES and live with the
vulnerability or wait until libxul is fixed, assuming that it is.
Other ports that use GECKO have the same problem.
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558 at gmail.com