On 10/17/08 01:01, Colin Brace wrote: > Hi all, > > I use portsnap to keep the port tree of my FreeBSD 7 box up to date. > According to portaudit, which I run nightly, there is a problem with the > current version of libxml2. So, as usual, I run "sudo portsnap fetch && > sudo portsnap update", and then:
Note that 'portsnap fetch update' will accomplish the same thing. > $ cd /usr/ports/textproc/libxml2 > $ sudo make deinstall > $ sudo make reinstall clean > > But this last command results in an error: > > ===> libxml2-2.6.32 has known vulnerabilities: > => libxml2 -- two vulnerabilities. > Reference: > <http://www.FreeBSD.org/ports/portaudit/d71da236-9a94-11dd-8f42-001c2514716c.html> > => Please update your ports tree and try again. > > It would appear that the port has not yet been updated. Is this some > temporary glitch? Otherwise, the approach I use is not very robust, since I > have now managed to deinstall a library upon which a dozen or so programs > depend. However, this is the first time this has happened. > > Comments, suggestions most welcome. To get libxml2 reinstalled before the port is bumped you'll want to try 'make -DDISABLE_VULNERABILITIES reinstall'. In general, it's easier to use portupgrade(1). See "Using the Ports Collection"[1] in the FreeBSD Handbook. [1] http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html -- Benjamin Lee
signature.asc
Description: OpenPGP digital signature