On Fri, Jan 22, 2010 at 11:54:08AM +0000, Tom Hukins wrote: > On Thu, Jan 21, 2010 at 05:29:17PM +0000, Matthew Seaman wrote: > > portdowngrade is what you'ld have to use. However, perl-5.8.8 has known > > security vulnerabilities: > > > > http://www.vuxml.org/freebsd/4a99d61c-f23a-11dd-9f55-0030843d3802.html > > It looks like VuXML might have got that wrong. The referenced CVE > describes Perl 5.8.4 as fixing this bug: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
It looks like I didn't read carefully enough: the vulnerability in rmtree() also exists in 5.8.8: http://www.vuxml.org/freebsd/13b0c8c8-bee0-11dd-a708-001fc66e7203.html Apologies, Tom _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
