-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello List,
Portuadit telles my about the "open_basedir Race Condition Vulnerability", OK. By reading the advisory on http://www.hardened-php.net/advisory_082006.132.html I can safely say this does not apply to our environment, we don't use open_basedir or safe_mode and Suhosin is planned anyway (after test). With a "portsnap fetch update" I get a new version php5-5.1.6_1 in my portstree, OK. But "portmanager -u" or even manually with "make install clean" everything fails with the following message: ===> php5-5.1.6_1 has known vulnerabilities: => php -- open_basedir Race Condition Vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/edabe438-542f-11db-a5ae-00508d6a62df.html> => Please update your ports tree and try again. *** Error code 1 So what to do now? There are quite a lot if dependencies which i can't update too now. Also installing/enabling Suhosin seems not possible anymore now. Any suggestions are welcome. Greetings fomr Switzerland Alain Wolf -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFJcsDV5MZZmyxvGgRAn4oAKDBqaGjcOflahgH4XRp6WCg0T6qLQCg3uni vk77USw9+yElWvFCJBcDHxs= =4wj4 -----END PGP SIGNATURE----- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
