mato wrote: > On Wed, 6 Dec 2006 16:46:24 -0800, Josh Carroll wrote >>>>> ** Port marked as IGNORE: multimedia/win32-codecs: >>>>> is forbidden: Remote code execution: >>>>> http://vuxml.FreeBSD.org/24f6b1eb-43d5-11db-81e1-000e0c2e438a.html >>>>> >>>>> Isn't this behaviour flawed ?? Or am I missing something ? >> You need to make config in /usr/ports/multimedia/win32-codecs, and >> unselect quicktime. Then the port should install. This is assuming, >> of course, that you can live without the QT codec(s). >> >> Josh > > > OK, I will try it.. Thank you all. > > But the question remains -- if new port version is not vulnerable why i cannot > upgrade to it ?? > Its only not vulnerable if you unselect the quicktime codec. the vulnerability is in the quicktime codec.
The port will by default use the stored config in /var/db/ports/win32-codecs/options and if this says to use the quicktime codec then it will not upgrade. This seems pretty sensible to me. Vince > Cheers, > > Martin > _______________________________________________ > firstname.lastname@example.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"