Forcing a portupgrade?
racerx at makeworld.com
Tue Feb 13 22:48:27 UTC 2007
Paul Schmehl wrote:
> --On Tuesday, February 13, 2007 16:25:23 -0600 Chris
> <racerx at makeworld.com> wrote:
>> Bob wrote:
>>> # portupgrade mozilla
>>> ---> Upgrading 'mozilla-1.7.12_5,2' to
>>> 'mozilla-1.7.13_2,2' (www/mozilla)
>>> ===> mozilla-1.7.13_2,2 has known vulnerabilities:
>>> => mozilla -- multiple vulnerabilities.
>>> 75d9.html> => mozilla -- multiple vulnerabilities. Reference:
>>> 75d9.html> => Please update your ports tree and try again. *** Error
>>> code 1
>>> My ports tree IS up to date, and I have a copy of mozilla-1.7.13_2,2
>>> in /usr/ports/distfiles, but obviously there is no current fix for the
>>> vulnerability(s). I would still like to upgrade Mozilla to 1.7.13_2,2.
>>> Is there a way to force the upgrade despite the port-vulnerability stop?
>> An easy fix - remove the database portaudit uses. Loog somewhere in
>> /var/db ....
>> Then rerun your portupgrade
> Yikes! That's a bit drastic. What's wrong with make
> DISABLE_VULNERABILITIES install?
> Paul Schmehl (pauls at utdallas.edu)
> Senior Information Security Analyst
> The University of Texas at Dallas
As I mentioned in a posting (not made it here yet) that is a drastic
move and the Op may have installed portaudit without understanding what
it means and does.
With that assumtion - I think my pending posting somewhat covers the
reason as to NOT do that.
Nothing is ever accomplished by a reasonable man.
More information about the freebsd-questions