On Sat, Sep 12, 2009 at 10:24:21PM -0600, Chad Perrin wrote: > On Sat, Sep 12, 2009 at 02:19:22PM +0400, Boris Samorodov wrote: > > On Fri, 11 Sep 2009 23:01:23 -0600 Chad Perrin wrote: > > > > > How long has this been broken for 7.2? Considering all the stuff that > > > depends on linux-pango, I'm surprised it hasn't been fixed. > > > > It will be broken until someone provide an URL to non-vulnerable > > RPM package. > > Daniel Bye's comments seem to indicate that FreeBSD 8.x doesn't have this > problem. Did I misunderstand?
FreeBSD 8 uses linux-f10 as its default linuxulator, and in that, pango has been updated to 1.22.3, which doesn't seem to suffer from the same vulnerabilities. Or at least, they haven't yet been exposed! ;-) You may be able to use f10 on 7.2 - set compat.linux.osrelease=2.6.16 in /etc/sysctl.conf, and OVERRIDE_LINUX_BASE_PORT=f10 OVERRIDE_LINUX_NONBASE_PORTS=f10 in /etc/make.conf, then reinstall all your linux stuff. I did this before moving on to 8BETA1 and it worked OK. I think I ended up deleting all the old stuff, before installing afresh. As all the packages are already compiled, it shouldn't take long. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \
Description: PGP signature