Subject: Re: installing vulnerable pkgs
To: ratio <ratio@insight.rr.com>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: pkgsrc-users
Date: 07/26/2006 16:16:59
--+ZmrHH5cGjskQnY1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jul 25, 2006 at 06:39:07PM -0400, ratio wrote:
> Is there an easy way to allow the installation of just one package
> (possibly allowing dependencies) without removing the checks for all
> packages?=20

no.

> Something finer-grained than ALLOW_VULNERABLE_PACKAGES but not as fine
> as ALLOW_VULNERABILITIES.foo? I'm not as interested in what the
> vulnerability is as whether or not I'm aware that one exists and that
> I'm really sure I want to install it regardless.
>=20
> Also, how does one get a version 1.0.1 formatted pkg-vulnerabilities
> file?  I haven't even been able to get ALLOW_VULNERABILITIES.foo to
> work since I don't have vulnerability IDs in my pkg-vulnerabilities
> file--download-vulnerability-list(8) gets me a version 1.0.0 formatted
> file. NetBSD-3.0, i386, pkgsrc updated to 2006Q2 via cvs a few days
> ago.

the functionality was removed few months ago.  search the archives and
cvs logs for details.


regards,

--=20
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --

--+ZmrHH5cGjskQnY1
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (NetBSD)

iD8DBQFEx3lbiwjDDlS8cmMRAkWiAJ9xWuCsVp+hJ3YQ7RNJE/mDoWJ35gCeI0Cg
qbZt9haGnrbRTbo8wgb3B64=
=mesK
-----END PGP SIGNATURE-----

--+ZmrHH5cGjskQnY1--