On Wednesday 16 July 2008 19:58:22 tethys ocean wrote: > Verifying install for /usr/local/lib/php/20060613/posix.so in > /usr/ports/sysutils/php5-posix > ===> php5-posix-5.2.6 has known vulnerabilities: > => php -- input validation error in posix_access function. > Reference: < > http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872849 >.html
Yeah, this is a pretty bogus 'vulnerability', since no sane person uses safe_mode. For the time being, I've added the following to /etc/make.conf, but I'm looking to see if I can come up with a patch for the ports system that allows you to specify vuln id's you want to ignore. .if !empty(.CURDIR:M*sysutils/php5-posix*) DISABLE_VULNERABILITIES=yes .endif -- Mel Problem with today's modular software: they start with the modules and never get to the software part. _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"