Upgrade Perl5.2.20 (vulnerable)

JosC bsdports at cloudzeeland.nl
Thu Aug 11 18:43:44 UTC 2016


Can someone tell me how to best upgrade from Perl5.20.x to the latest 
stable version?

Tried to upgrade to Perl5.22 but got (also) the same issue while doing so:


===>  Cleaning for perl5-5.20.3_14
===>  perl5-5.20.3_14 has known vulnerabilities:
perl5-5.20.3_14 is vulnerable:
p5-XSLoader -- local arbitrary code execution
CVE: CVE-2016-6185
WWW: 
https://vuxml.FreeBSD.org/freebsd/3e08047f-5a6c-11e6-a6c3-14dae9d210b8.html

perl5-5.20.3_14 is vulnerable:
perl -- local arbitrary code execution
CVE: CVE-2016-1238
WWW: 
https://vuxml.FreeBSD.org/freebsd/72bfbb09-5a6a-11e6-a6c3-14dae9d210b8.html

1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update 
available.
=> If you wish to ignore this vulnerability rebuild with 'make 
DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/lang/perl5.20
*** Error code 1

Stop.
make: stopped in /usr/ports/lang/perl5.20

--- cut ---


Thanks,
Jos Chrispijn



More information about the freebsd-questions mailing list