graphics/evince depends on vulnerable libxul19
freebsd-ports-local at be-well.ilk.org
Wed Oct 3 14:29:30 UTC 2012
Anton Shterenlikht <mexas at bristol.ac.uk> writes:
> ===> Installing for evince-2.32.0_9
> ===> evince-2.32.0_9 depends on file: /usr/local/share/icons/gnome/index.theme - found
> ===> evince-2.32.0_9 depends on executable: yelp - not found
> ===> Verifying install for yelp in /usr/ports/x11/yelp
> ===> yelp-2.30.2_4 depends on file: /usr/local/lib/libxul/libxul.so - not found
> ===> Verifying install for /usr/local/lib/libxul/libxul.so in /usr/ports/www/libxul19
> ===> libxul-184.108.40.206_1 has known vulnerabilities:
> libxul-220.127.116.11_1 is vulnerable:
> mozilla -- multiple vulnerabilities
> Shouldn't evince be forcing www/libxul install instead?
It's yelp which is looking for libxul19, not evince directly. And yelp
won't work with www/libxul last I heard.
Personally, I'm just living without yelp right now. I think others are
too. The quick-and-dirty hack someone just mentioned on another thread
is to let yelp install with libxul19, then delete libxul19. Yelp won't
work, but it will be installed and other programs that want it will go
ahead and install happily. That sounds like it should work; what I did
(before I heard that advice) was to change other ports to not try to use
yelp at all.
More information about the freebsd-ports