racerx at makeworld.com
Wed Sep 8 11:09:04 PDT 2004
Matthew Seaman wrote:
> On Wed, Sep 08, 2004 at 10:01:23AM -0500, Chris wrote:
>>While running portaudit, I get the complaint;
>>Affected package: FreeBSD-502010
>>Type of problem: multiple vulnerabilities in the cvs server code.
>>Note: To disable this check add the uuid to `portaudit_fixed' in
>>Am I to assume this is only if you run a cvs server? OR -
>>does this relate to the SA's put out earlier this year about the src.
> Did you read the referenced portaudit page or any of the links
> supplied by it? There are several vulnerabilities, most of which
> affect the CVS server, but one fairly minor that affects the CVS
> The FreeBSD advisory SA-O4:07.cvs refers to a different problem:
> As you can see, the VuXML entry you're getting warnings about is dated
> a month after the security advisory:
> However, the update given in the security advisory is to a version of
> CVS unaffected by either vulnerability. Update your system to the
> latest patchlevel and the problem will be fixed.
This has been done, 5.2.1-RELEASE-p9
Working capital doesn't.
More information about the freebsd-questions