On Sat, Mar 24, 2012 at 10:54:32AM -0700, Kevin Oberman wrote: > On Sat, Mar 24, 2012 at 10:29 AM, Jason Hellenthal > <jhellent...@dataix.net> wrote: > > > > Apparently this port has fell two versions behind. Is there anything > > that is going to happen to update it to the current stable version ? > > > > > > These advisories have been out for a week now. And the current version > > is 2.12.18. > > > > > > Database created: Sat Mar 24 13:15:03 EDT 2012 > > Affected package: gnutls-2.12.16 > > Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. > > Reference: > > http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html > > > > Affected package: gnutls-2.12.16 > > Type of problem: gnutls -- possible overflow/Denial of service > > vulnerabilities. > > Reference: > > http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html > > > > 2 problem(s) in your installed packages found. > > > > > > > > -- > > ;s =; > > Note that one of these problems is with libtasn1 and is not a gnutls > problems at all. So updating libtasn1actually fixes this one, although > the other does require an update to a version of gnutls that has yet > to be ported.
Only if it was installed or implied... .if (defined(WITH_LIBTASN1) || exists(${LOCALBASE}/lib/libtasn1.so.4)) && !defined(WITHOUT_LIBTASN1) LIB_DEPENDS+= tasn1.4:${PORTSDIR}/security/libtasn1 .else CONFIGURE_ARGS+= --with-included-libtasn1 .endif -- ;s =; _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"