is there any point in trying to update linux-f10-pango to address this
vulnerability?
Affected package: linux-f10-pango-1.22.3_1
Type of problem: pango -- integer overflow.
Reference:
<http://portaudit.FreeBSD.org/4b172278-3f46-11de-becb-001cc0377035.html>
I realize that I can install it w/ DISABLE_VULNERABILITIES. but I hate
having known exploits on my system & not installing it breaks flashplugin
and acroread (among others).
I've never tried to create or modify a linux emulation port before; so I'm
wondering just how annoying & tedious it's going to be?
it looks like there are no Fedora 10 RPMs of pango > 1.24 so it would
probably involve finding an F10 box and building one from source.
But would updating just Pango be possible? Or would it start the "RPM Hell"
avalanche and require me to re-roll all of my linux ports?
Is it time for a complete upgrade of our Linux ports to Fedora 14? or some
other distro that is easier to track & update?
tom
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
