On Fri, May 5, 2017 at 6:37 AM, Jos Chrispijn <bsdpo...@cloudzeeland.nl> wrote:
> > Op 5-5-2017 om 18:05 schreef Adam Weinberger: > >> On 5 May, 2017, at 9:48, mokhi <mokh...@gmail.com> wrote: >>> >>> Well, as I can see here < http://www.freshports.org/devel/icu/ > an >>> older version of this port is vulnerable not current version. >>> Maybe by updating your tree your problem will be solved :-] >>> >> Yes, this is the correct answer. After icu got patched, the VuXML entry >> was lowered to mark 58.2_2,1 as non-vulnerable. Jos, it sounds like your >> ports tree is after the icu update but before the VuXML modification. >> Update your ports tree to bring in the new VuXML file and you should be >> good. >> > Adam, perhaps I am missing the clue here: > > - I had the correct updated version in my ports collection > - Updating the vulnerable installed icu version with that version should > not provide the Vulnerability message as that version is updates with the > correct version in my icu port. > > In my case, Jim's suggestion to use "DISABLE_VULNERABILITIES=yes" was the > only way of getting my faulty icu version updated to the version that is in > my port. > > Kind of confused, > Jos The VuXML DB is not a part of the ports tree. It is usually updated by the nightly periodic script, but you can manually fetch it with "pkg audit -F -q". -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkober...@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 _______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"