portupgrade ruby package
Pat Maddox
pergesu at gmail.com
Mon Jul 31 19:45:57 UTC 2006
On 7/31/06, jan gestre <freebsd.ph at gmail.com> wrote:
> hi guys,
>
> portaudit reperoted a vulnerability on the ruby package, so i did the
> following:
>
> # cvsup -L 2 ports-supfile
> # portsdb -Uu
> # portupgrade -rR ruby
>
> but i encountered this error message, i can't upgrade ruby.
>
> ---> Upgrading 'ruby-1.8.4_8,1' to 'ruby-1.8.4_9,1' (lang/ruby18)
> ---> Building '/usr/ports/lang/ruby18'
> ===> Cleaning for ruby-1.8.4_9,1
>
> NOTE:
> You can enable pthread support by defining WITH_PTHREADS variable,
> but not recommended since this might break some ruby apps.
>
> ===> ruby-1.8.4_9,1 has known vulnerabilities:
> => ruby - multiple vulnerabilities.
> Reference: <
> http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html
> >
> => ruby - multiple vulnerabilities.
> Reference: <
> http://www.FreeBSD.org/ports/portaudit/76562594-1f19-11db-b7d4-0008743bf21a.html
> >
> => Please update your ports tree and try again.
> *** Error code 1
I'm not 100% sure on this, but I think the problem is that even the
new Ruby port has the vulnerabilities in it. You won't be able to
upgrade until those get patched first. This is the first ML message
I've seen about this issue, so I don't have any more info.
Pat
More information about the freebsd-questions
mailing list