strange error when building cups
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups. - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNHICJ9+1V27SttsRAiXyAJoCWlDpO6DEtpxQbtOMGUfXrDOqsQCfatHn MOPolbRjOxQttSox4ZAsq00= =66aR -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange error when building cups
Aryeh M. Friedman wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups. Hi Aryeh, I can't tell you about the error, but: %pkg_info | grep cups cups-base-1.3.3 Common UNIX Printing System cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to non-PS printers Looks like the same versions. They do build ok. Perhaps a make clean distclean will shake out the bugs? 'Remote execution' is interesting. Do you use some sort of load balancer? HtH, Adam J Richardson ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange error when building cups
Aryeh M. Friedman [EMAIL PROTECTED] writes: Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 It means that installing cups-base-1.3.3 is forbidden, and that the reason is a security problem allowing for remote execution of arbitrary code. To fix it, you can wait for the update to cups-base-1.3.4 to hit the tree, or update the port yourself, or (if you're willing to leave your system vulnerable to a remotely-exploitable bug; e.g., if the machine isn't on the Internet) comment the FORBIDDEN line out of the Makefile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange error when building cups
On Fri, Nov 09, 2007 at 03:18:20PM +, Adam J Richardson wrote: Aryeh M. Friedman wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups. Hi Aryeh, I can't tell you about the error, but: %pkg_info | grep cups cups-base-1.3.3 Common UNIX Printing System cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to non-PS printers Looks like the same versions. They do build ok. Perhaps a make clean distclean will shake out the bugs? 'Remote execution' is interesting. Do you use some sort of load balancer? This means that there is a security flaw outstanding with the print/cups-base package. It could potentially be exploited by an attacker to run arbitrary code on your print server. The warning is being emitted by the following line in the print/cups-base Makefile: FORBIDDEN= remote execution of arbitrary code The fix would be to find the vulnerability and patch it, or failing that, contact the maintainer and see what he says. As a workaround, if you don't care about the vulnerability, you can set NO_IGNORE in the make environment and try again. ports(7) has more detail. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgpi7uPpLhiOQ.pgp Description: PGP signature
Re: strange error when building cups
On Fri, 09 Nov 2007 15:18:20 + Adam J Richardson [EMAIL PROTECTED] wrote: Aryeh M. Friedman wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups. Hi Aryeh, I can't tell you about the error, but: %pkg_info | grep cups cups-base-1.3.3 Common UNIX Printing System cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to non-PS printers Looks like the same versions. They do build ok. Perhaps a make clean distclean will shake out the bugs? 'Remote execution' is interesting. Do you use some sort of load balancer? The print/cups-base was marked FORBIDDEN due remote execution of arbitrary code on 2007-11-08, see: http://docs.freebsd.org/cgi/mid.cgi?200711081832.lA8IWv3T075088 You can read more about the vulnerability at: http://www.freebsd.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html If you decide that your risk is acceptable you still wish to install/update at this time, you can comment ( # ) the particular line in the ports/print/cups-base/Makefile: #FORBIDDEN= remote execution of arbitrary code I would presume that cups-base-1.3.4 is going to be committed shortly since there are quite a few ports that depend on it. HTH, Randy -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange error when building cups
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam J Richardson wrote: Aryeh M. Friedman wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can some tell me what this means and how to fix it: === cups-pstoraster-8.15.4_1 depends on shared library: cups.2 - not found ===Verifying install for cups.2 in /usr/ports/print/cups-base === cups-base-1.3.3 is forbidden: remote execution of arbitrary code. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-base. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups-pstoraster. *** Error code 1 Stop in /FreeBSD/FreeBSD-current/ports/print/cups. Hi Aryeh, I can't tell you about the error, but: %pkg_info | grep cups cups-base-1.3.3 Common UNIX Printing System cups-pstoraster-8.15.4_1 Postscript interpreter for CUPS printing to non-PS printers Looks like the same versions. They do build ok. Perhaps a make clean distclean will shake out the bugs? attempted that before I posted (just distclean and I have no idea what the clean would do that distclean doesn't) 'Remote execution' is interesting. Do you use some sort of load balancer? No it is a single machine via a router to a cable modem - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNIwWJ9+1V27SttsRAi5/AJ9OGeSoLqdgOHKpxDfmUANdiaOLiwCffWS3 i/+DtnajgDuSDNsomdoMgI8= =H9v9 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]