port php5 - what I am supposed to do here?
wolf at k18.ch
Thu Oct 5 20:40:19 PDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Portuadit telles my about the "open_basedir Race Condition
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can safely say
this does not apply to our environment, we don't use open_basedir or
safe_mode and Suhosin is planned anyway (after test).
With a "portsnap fetch update" I get a new version php5-5.1.6_1 in my
But "portmanager -u" or even manually with "make install clean"
everything fails with the following message:
===> php5-5.1.6_1 has known vulnerabilities:
=> php -- open_basedir Race Condition Vulnerability.
=> Please update your ports tree and try again.
*** Error code 1
So what to do now?
There are quite a lot if dependencies which i can't update too now.
Also installing/enabling Suhosin seems not possible anymore now.
Any suggestions are welcome.
Greetings fomr Switzerland
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the freebsd-questions