Subject: Re: installing vulnerable pkgs
To: None <pkgsrc-users@netbsd.org>
From: ratio <ratio@insight.rr.com>
List: pkgsrc-users
Date: 07/26/2006 21:23:34
For the record, the original thread starts at
http://mail-index.netbsd.org/tech-pkg/2006/02/13/0005.html, and a workaround
can be found at http://mail-index.netbsd.org/tech-pkg/2006/02/13/0014.html.
Thanks, Roland and Lubomir!
--
----- Original Message -----
From: "Lubomir Sedlacik" <salo@Xtrmntr.org>
To: "ratio" <ratio@insight.rr.com>
Cc: <pkgsrc-users@netbsd.org>
Sent: Wednesday, July 26, 2006 10:16 AM
Subject: Re: installing vulnerable pkgs
On Tue, Jul 25, 2006 at 06:39:07PM -0400, ratio wrote:
> Is there an easy way to allow the installation of just one package
> (possibly allowing dependencies) without removing the checks for all
> packages?
no.
> Something finer-grained than ALLOW_VULNERABLE_PACKAGES but not as fine
> as ALLOW_VULNERABILITIES.foo? I'm not as interested in what the
> vulnerability is as whether or not I'm aware that one exists and that
> I'm really sure I want to install it regardless.
>
> Also, how does one get a version 1.0.1 formatted pkg-vulnerabilities
> file? I haven't even been able to get ALLOW_VULNERABILITIES.foo to
> work since I don't have vulnerability IDs in my pkg-vulnerabilities
> file--download-vulnerability-list(8) gets me a version 1.0.0 formatted
> file. NetBSD-3.0, i386, pkgsrc updated to 2006Q2 via cvs a few days
> ago.
the functionality was removed few months ago. search the archives and
cvs logs for details.
regards,
--
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org> --