Can't reinstall linux-f10-openldap (SOLVED)
Walter Hurry
walterhurry at gmail.com
Tue May 20 20:25:38 UTC 2014
On Mon, 19 May 2014 16:53:52 -0400, Lowell Gilbert wrote:
> Walter Hurry <walterhurry at gmail.com> writes:
>
>> On Mon, 19 May 2014 13:47:16 -0400, Lowell Gilbert wrote:
>>
>>> Walter Hurry <walterhurry at gmail.com> writes:
>>>
>>>> I'm trying to reinstall net/linux-f10-openldap, but am being
>>>> prevented from doing so.
>>>>
>>>> ------------------------------------------------------------
>>>> ===> linux-f10-openldap-2.4.12_1 has known vulnerabilities:
>>>> linux-f10-openldap-2.4.12_1 is vulnerable:
>>>> OpenLDAP -- incorrect handling of NULL in certificate Common Name
>>>> CVE: CVE-2009-3767 WWW:
>>>> http://portaudit.FreeBSD.org/abad20bf-c1b4-11e3-
>>>> a5ac-001b21614864.html => Please update your ports tree and try
>>>> again. *** [check-vulnerable] Error code 1
>>>>
>>>> Stop in /usr/ports/net/linux-f10-openldap.
>>>> ------------------------------------------------------------
>>>>
>>>> The portaudit web page says that there is indeed a vulnerability in
>>>> this version, but it is the latest version available in the ports
>>>> tree.
>>>>
>>>> Is there any way around this?
>>>
>>> The only options are the obvious ones:
>>>
>>> 1) Override the vulnerability warning and install anyway.
>> <snip>
>>
>> Thanks for the reply. How do I implement option 1? Sorry, but there are
>> huge gaps in my FreeBSD knowledge.
>
> You set an environment variable, DISABLE_VULNERABILITIES. It's listed in
> the manual for ports(7), although I think the reference to the portaudit
> port is no longer applicable.
>
Thanks. That's added to my knowledge; I didn't realise that ports had its
own man page. I had looked at the man page for portupgrade but found
nothing relevant.
More information about the freebsd-questions
mailing list