Re: portsdb output and portaudit question
- From: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
- Date: Mon, 31 Jul 2006 20:12:00 +0200
jan gestre wrote:
i was trying to portupgrade ruby coz portaudit is complaining of
vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at
first i couldn't upgrade ruby coz portupgrade is complaining maybe coz
portaudit but someone in the list suggested this:
# portupgrade -Rr -m DISABLE_VULNERABILITIES="yes" ruby
whoala it installed the ruby package but still portaudit complains even
though the installed version is current which has no vulnerability. is this
normal? any way to fix these?
This is expected behavior. The ports system will let you upgrade a
vulnerable port without complaint. It will however complain if you try
to install (or upgrade to) a version that has vulnerabilities. Since
portupgrade complained, it's no surprise that portaudit also complains
after the forced upgrade.
This means that either the version in ports aren't fixed yet (the
existence of a vulnerability of a prior version does not imply that said
vulnerability is fixed in the current version), or that your ports tree
is out of date. Seeing that the latter is not true, I would say you
just have to wait for an updated version to appear in ports.
You can create an account at freshports and ad ruby to your "watch
list". That means you'll get notified when new versions arrive.
Svein Halvor
Attachment:
signature.asc
Description: OpenPGP digital signature
- Follow-Ups:
- Re: portsdb output and portaudit question
- From: jan gestre
- Re: portsdb output and portaudit question
- References:
- portsdb output and portaudit question
- From: jan gestre
- portsdb output and portaudit question
- Prev by Date: Re: Gotta start somewhere ... how many of us are really out there?
- Next by Date: Re: portsdb output and portaudit question
- Previous by thread: portsdb output and portaudit question
- Next by thread: Re: portsdb output and portaudit question
- Index(es):
Relevant Pages
|
|
