strange error when building cups
Daniel Bye
freebsd-questions at slightlystrange.org
Fri Nov 9 08:12:53 PST 2007
On Fri, Nov 09, 2007 at 03:18:20PM +0000, Adam J Richardson wrote:
> Aryeh M. Friedman wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Can some tell me what this means and how to fix it:
> >
> >===> cups-pstoraster-8.15.4_1 depends on shared library: cups.2 -
> >not found
> >===> Verifying install for cups.2 in /usr/ports/print/cups-base
> >===> cups-base-1.3.3 is forbidden: remote execution of arbitrary code.
> >*** Error code 1
> >
> >Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base.
> >*** Error code 1
> >
> >Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster.
> >*** Error code 1
> >
> >Stop in /FreeBSD/FreeBSD-current/ports/print/cups.
> >
>
> Hi Aryeh,
>
> I can't tell you about the error, but:
>
> %pkg_info | grep cups
> cups-base-1.3.3 Common UNIX Printing System
> cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to
> non-PS printers
>
> Looks like the same versions. They do build ok. Perhaps a "make clean
> distclean" will shake out the bugs?
>
> 'Remote execution' is interesting. Do you use some sort of load balancer?
This means that there is a security flaw outstanding with the print/cups-base
package. It could potentially be exploited by an attacker to run arbitrary
code on your print server.
The warning is being emitted by the following line in the print/cups-base
Makefile:
FORBIDDEN= remote execution of arbitrary code
The fix would be to find the vulnerability and patch it, or failing that,
contact the maintainer and see what he says. As a workaround, if you don't
care about the vulnerability, you can set NO_IGNORE in the make environment
and try again. ports(7) has more detail.
Dan
--
Daniel Bye
_
ASCII ribbon campaign ( )
- against HTML, vCards and X
- proprietary attachments in e-mail / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071109/c9aba55a/attachment.pgp
More information about the freebsd-questions
mailing list