On Wed, Sep 2, 2015 at 9:31 AM, Rob Belics <r...@spartantheatre.org> wrote:
> The date for vuln.xml, on the server which it won't build on, is September > 1 while the date on the other is July 25. > OK. So the July 25 system seems to not be updating the vuln.xml file and that file is from prior to the discovery of the vulnerabilities in 1.4.2. First, you need to find out why one system does not seem to be updating the vuln.xml file. It should be updated by /usr/local/etc/periodic/security/410.pkg-audit which is installed as part of pkg. You can try running it manually (as root) to see what the problem might be. Second, you should drop the maintainer of go14, jlaffaye@, a request that he update go14 to 1.4.3. It is quite likely that he is already aware of the issue and just has not gotten it taken care of yet. the vulnerability was first reported on Aug. 28, so it is pretty recent. It is not unlikely that he has been on vacation at this time of the year. -- Kevin Oberman, Network Engineer, Retired E-mail: rkober...@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 _______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
