Re: freebsd package update / upgrade

Bernt Hansson Tue, 21 Feb 2012 21:52:56 -0800

2012-02-22 04:56, alexus skrev:

all I want is to update these


f9# portaudit -a
Affected package: python27-2.7.2_3
Type of problem: Python -- DoS via malformed XML-RPC / HTTP POST request.
Reference: 
http://portaudit.FreeBSD.org/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html


portupgrade -iR (use p also if you want to build a package) python27

Affected package: sudo-1.8.3_1
Type of problem: sudo -- format string vulnerability.
Reference: 
http://portaudit.FreeBSD.org/7c920bb7-4b5f-11e1-9f47-00e0815b8da8.html


portupgrade -iR(p) sudo

Affected package: ruby-1.8.7.352_2,1
Type of problem: Multiple implementations -- DoS via hash algorithm collision.
Reference: 
http://portaudit.FreeBSD.org/91be81e7-3fea-11e1-afc7-2c4138874f7d.html


portupgrade -iR(p) ruby

3 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.
f9#

P.S. why is it pkg_add installing vulnerable versions at the first
place? i just installed ruby and already is a problem??


Because pakages are built for *-RELEASE
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: freebsd package update / upgrade

Reply via email to