Re: PHP4 v. php4-4.4.7_2 refuse to up grade …

Thu, 04 Oct 2007 13:45:21 -0700 

Beech Rintoul wrote:

On Wednesday 03 October 2007, bsd said:

Hello,


I am using

FreeBSD xxx.fr 5.5-RELEASE-p9 FreeBSD 5.5-RELEASE-p9 #1: Thu Dec 14
11:39:18 CET 2006     [EMAIL PROTECTED]:/usr/obj/usr/src/sys/
GENERIC  i386


When trying to upgrade from php php4-4.4.7_1 to php4-4.4.7_2 there
is this strange error…


Updating the pkgdb <format:bdb_btree> in /var/db/pkg ... - 209
packages found (-3 +1) (...). done]
--->  Upgrading 'php4-4.4.7_1' to 'php4-4.4.7_2' (lang/php4)
--->  Building '/usr/ports/lang/php4'
===>  Cleaning for autoconf-2.61_2
===>  Cleaning for php4-4.4.7_2
===>  php4-4.4.7_2 has known vulnerabilities:
=> php -- multiple vulnerabilities.
    Reference: <http://www.FreeBSD.org/ports/portaudit/
71d903fc-602d-11dc-898c-001921ab2fa4.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/lang/php4.
*** Error code 1

Stop in /usr/ports/lang/php4.
** Command failed [exit code 1]: /usr/bin/script -qa
/tmp/portupgrade. 24846.54 env UPGRADE_TOOL=portupgrade
UPGRADE_PORT=php4-4.4.7_1 UPGRADE_PORT_VER=4.4.7_1 make
** Fix the problem and try again.


I don't understand because my port tree is up to date !!

Any idea ?
Yes it means that the port you're trying to update to has security issues. If you're feeling lucky you can do: 
portupgrade -m DISABLE_VULNERABILITIES=yes php
But it's not a good idea. If you build it anyway and get hacked, don't say you weren't warned ;-) 

PHP4 is EOL; the fact that 4.4.7-2 has vulnerabilities is only
surprising because it's still listed as the latest "historical"
PHP release on php.net, and they have promised on the front page
to continue to support PHP4 until the end of the year.  One can't
judge without further research, but perhaps the development team
is dragging their feet on purpose for some reason, or they've
maybe handed PHP4 off to a couple of junior guys who are pulling
their hair out on it?  All conjecture.

I'd advise moving to PHP5 now.  It doesn't hurt much.  Main
thing I remember is that short_tags=off and I had
to replace quite a few of those....

Kevin Kinsey
--
English literature's performing flea.
                -- Sean O'Casey on P. G. Wodehouse
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to