Thanks y'all for your support - this was a real eye opener.
Best regards,
Jos
Op 5-5-2017 om 19:19 schreef Kevin Oberman:
On Fri, May 5, 2017 at 6:37 AM, Jos Chrispijn
<bsdpo...@cloudzeeland.nl <mailto:bsdpo...@cloudzeeland.nl>> wrote:
Op 5-5-2017 om 18:05 schreef Adam Weinberger:
On 5 May, 2017, at 9:48, mokhi <mokh...@gmail.com
<mailto:mokh...@gmail.com>> wrote:
Well, as I can see here <
http://www.freshports.org/devel/icu/
<http://www.freshports.org/devel/icu/> > an
older version of this port is vulnerable not current version.
Maybe by updating your tree your problem will be solved :-]
Yes, this is the correct answer. After icu got patched, the
VuXML entry was lowered to mark 58.2_2,1 as non-vulnerable.
Jos, it sounds like your ports tree is after the icu update
but before the VuXML modification. Update your ports tree to
bring in the new VuXML file and you should be good.
Adam, perhaps I am missing the clue here:
- I had the correct updated version in my ports collection
- Updating the vulnerable installed icu version with that version
should not provide the Vulnerability message as that version is
updates with the correct version in my icu port.
In my case, Jim's suggestion to use "DISABLE_VULNERABILITIES=yes"
was the only way of getting my faulty icu version updated to the
version that is in my port.
Kind of confused,
Jos
The VuXML DB is not a part of the ports tree. It is usually updated by
the nightly periodic script, but you can manually fetch it with "pkg
audit -F -q".
--
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkober...@gmail.com <mailto:rkober...@gmail.com>
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
_______________________________________________
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
