On, Thu Nov 15, 2007, David Southwell wrote: > On Wednesday 14 November 2007 14:19:39 Erwin Lansing wrote: > > On Wed, Nov 14, 2007 at 02:05:46PM -0600, Andrew Daugherity wrote: > > > cups-base was patched for this vulnerability (with version 1.3.3_2), but > > > the change to the vulnerabilities file erroneously has it marked as > > > cups-base > 1.3.3_2, instead of cups-base < 1.3.3_2: > > > http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/vuln.xml?r1=1. > > >148 1 > > > > Committed. Thanks for noticing! > > > > -erwin > > Thanks v. much. Unfortunately it seems the freeze is preventing the commit > from being effective. I have just cvsupped and portupgrade -a and still > getting the same problem. > > I wonder if this commit could be implemented despite the freeze. I am getting > 98 port upgrades fail that depend upon cups-base
Did you do a portaudit -F to fetch the latest portaudit database that's used for checking? I did a few minutes ago and anything's fine on my side, portaudit -a does not report cups-base to be vulnerable any longer. Regards Marcus
pgpBvf3Lccw5e.pgp
Description: PGP signature
