On Mon, May 03, 2004 at 04:19:44PM +0200, Artur Pydo wrote: > Hello, > > The current png-1.2.5_4 port has no more vulnerability. > It has been corrected by ache@FreeBSD.org yesterday. > But when i try to install the updated port to remplace > the vulnerable one this is what i am told : > > # make install > ===> png-1.2.5_4 has known vulnerabilities: > >> libpng denial-of-service. > Reference: > <http://people.freebsd.org/~eik/portaudit/3a408f6f-9c52-11d8-9366-0020ed76ef5a.html> > >> Please update your ports tree and try again. > *** Error code 1 > > The 4-STABLE ports tree is up-to-date. > > Isn't it a problem to be unable to update a vulnerable port ? The VuXML document needed to be updated after ache@ made the fix. I've done so now. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"