Can't reinstall linux-f10-openldap
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Mon May 19 20:54:00 UTC 2014
Walter Hurry <walterhurry at gmail.com> writes:
> On Mon, 19 May 2014 13:47:16 -0400, Lowell Gilbert wrote:
>
>> Walter Hurry <walterhurry at gmail.com> writes:
>>
>>> I'm trying to reinstall net/linux-f10-openldap, but am being prevented
>>> from doing so.
>>>
>>> ------------------------------------------------------------
>>> ===> linux-f10-openldap-2.4.12_1 has known vulnerabilities:
>>> linux-f10-openldap-2.4.12_1 is vulnerable:
>>> OpenLDAP -- incorrect handling of NULL in certificate Common Name CVE:
>>> CVE-2009-3767 WWW: http://portaudit.FreeBSD.org/abad20bf-c1b4-11e3-
>>> a5ac-001b21614864.html => Please update your ports tree and try again.
>>> *** [check-vulnerable] Error code 1
>>>
>>> Stop in /usr/ports/net/linux-f10-openldap.
>>> ------------------------------------------------------------
>>>
>>> The portaudit web page says that there is indeed a vulnerability in
>>> this version, but it is the latest version available in the ports tree.
>>>
>>> Is there any way around this?
>>
>> The only options are the obvious ones:
>>
>> 1) Override the vulnerability warning and install anyway.
> <snip>
>
> Thanks for the reply. How do I implement option 1? Sorry, but there are
> huge gaps in my FreeBSD knowledge.
You set an environment variable, DISABLE_VULNERABILITIES. It's listed in
the manual for ports(7), although I think the reference to the portaudit
port is no longer applicable.
> This is FreeBSD 9.2 (amd64), and I was using 'portupgrade -f'.
portupgrade may have its own settings for that; I don't have it
installed at the moment, so I can't easily check.
Good luck.
More information about the freebsd-questions
mailing list