On Mon, May 03, 2004 at 04:19:44PM +0200, Artur Pydo
wrote:> Hello,
>
> The current png-1.2.5_4 port has no more vulnerability.
> It has been corrected by ache@FreeBSD.org yesterday.
> But when i try to install the updated port to remplace
> the vulnerable one this is what i am told :
>
> # make install
> ===> png-1.2.5_4 has known vulnerabilities:
> >> libpng denial-of-service.
> Reference:
>
<http://people.freebsd.org/~eik/portaudit/3a408f6f-9c52-11d8-9366-0020ed76ef5a.html>
> >> Please update your ports tree and try again.
> *** Error code 1
>
> The 4-STABLE ports tree is up-to-date.
>
> Isn't it a problem to be unable to update a vulnerable port ?
The VuXML document needed to be updated after ache@ made the fix.
I've done so now.
Cheers,
--
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org