On Fri, Nov 09, 2007 at 03:18:20PM +0000, Adam J Richardson wrote: > Aryeh M. Friedman wrote: > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >Can some tell me what this means and how to fix it: > > > >===> cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - > >not found > >===> Verifying install for cups.2 in /usr/ports/print/cups-base > >===> cups-base-1.3.3 is forbidden: remote execution of arbitrary code. > >*** Error code 1 > > > >Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. > >*** Error code 1 > > > >Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. > >*** Error code 1 > > > >Stop in /FreeBSD/FreeBSD-current/ports/print/cups. > > > > Hi Aryeh, > > I can't tell you about the error, but: > > %pkg_info | grep cups > cups-base-1.3.3 Common UNIX Printing System > cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to > non-PS printers > > Looks like the same versions. They do build ok. Perhaps a "make clean > distclean" will shake out the bugs? > > 'Remote execution' is interesting. Do you use some sort of load balancer?
This means that there is a security flaw outstanding with the print/cups-base package. It could potentially be exploited by an attacker to run arbitrary code on your print server. The warning is being emitted by the following line in the print/cups-base Makefile: FORBIDDEN= remote execution of arbitrary code The fix would be to find the vulnerability and patch it, or failing that, contact the maintainer and see what he says. As a workaround, if you don't care about the vulnerability, you can set NO_IGNORE in the make environment and try again. ports(7) has more detail. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \
pgpi7uPpLhiOQ.pgp
Description: PGP signature