Perl upgrade - 5.20.x vulnerable
JosC
bsdports at cloudzeeland.nl
Tue Aug 16 11:08:31 UTC 2016
In een bericht van 16-8-2016 11:07:
> Try running pkg audit -F to force updating/refreshing the latest VuXML
> changes.
>
> In this case the lang/perl5.20 (port) version string that the fix was
> made in [1], was only added to an existing entry in security/vuxml as an
> 'update' yesterday [2]
>
> [1] http://svnweb.freebsd.org/changeset/ports/420220
> [2] http://svnweb.freebsd.org/changeset/ports/420219
>
> In the absence of running 'pkg audit -F', only
> the"LOCALBASE/periodic/security/410.pkg-audit script updates the vuxml
> file and audit results. Until that happens, or pkg audit -F is run, pkg
> will still see an older version.
>
> Let us know how it goes
Yep, that did the trick, thanks.
Thinking with you I now ask myself:
- Would it be a good idea to make this vuxml file update part of the
Makefile? Then these occurrences won't happen anymore
- I read in this fine mailing list that users may have various versions
of Perl running due to incompatibillity with other port(version)s the
run. Does the vuxml file update you suggested not interfere with these
other Perl versions that are also running or do these versions have
their own vuxml file?
Best, Jos Chrispijn
More information about the freebsd-ports
mailing list