On Tue, May 08, 2007 at 02:51:46PM +0200, Stevan Tiefert wrote: > Am Dienstag, den 08.05.2007, 08:35 -0400 schrieb Lowell Gilbert: > > Stevan Tiefert <[EMAIL PROTECTED]> writes: > > > > > Am Dienstag, den 08.05.2007, 21:43 +1000 schrieb Peter Jeremy: > > >> On 2007-May-08 12:22:03 +0200, Stevan Tiefert <[EMAIL PROTECTED]> wrote: > > >> > The port wouldn't be necessary when the > > >> >compat3x-port didn't stopped. > > >> > > >> The last FreeBSD 3.x release was 3.5.1 in July 2000. 3.x support has > > >> long since ceased and it is no longer possible to correct security > > >> holes in the compat3x port. Since a variety of security holes are > > >> known to exist, the port has been FORBIDDEN. > > >> > > >> Your options appear to be: > > >> 1) Contact [EMAIL PROTECTED] and get them to update the FreeBSD > > >> binaries to support 6.x > > >> 2) Override the 'FORBIDDEN' tag and install compat3x anyway. > > >> 3) Run the Linux version. > > >> > > > > > > 4) I build a port with this only needed lib in it. Already done: > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=112499 > > > > But that still installs the standard C library with the vulnerability > > in it. In what way is that better (or even significantly different) > > than option 2? > > _______________________________________________ > > [email protected] mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > I want to provide a new port for german text-to-speech-system. And as a > dependency I need the NATIVE running audio/mbrola. > > It is NOT desireable that if somebody want to install my port he got the > error message: compat3x-20020925.tar.gz is forbidden to install! Should > I tell EVERY guy on my help-mailinglist (and I promise you it will be > almost 90% of the e-mails) you have to hack the Makefile-entry manually > to install my port? > > It is easier to install my convinient "misc/mbrola_compat-1.0" without > the forbidden tag. And I don't want to be blamed that I write a patch > which is changing foreign Makefiles of other maintainer!
Unless I'm missing something you're looking at providing the compat3x libraries (or a sub-set thereof) in your port? You do what you feel is necessary to get it to work, however; Is it your intention to submit this port for inclusion in the tree? I am concerned that if you submit this new port for inclusion in the tree that you will be introducing the exact vulnerabilities which are documented in the compat3x port. -- WXS _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
