pkgsrc-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
firefox-2.0.0.1 vulnerability?
# pwd
/usr/pkgsrc/www/firefox2
# make update
===> Resuming update for firefox-2.0.0.1
=> Required installed package digest>=20010302: digest-20010807 found
===> Checking for vulnerabilities in firefox-2.0.0.1
ERROR: remote-information-exposure vulnerability in firefox-2.0.0.1 - see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 for more information
firefox{,2}{,-bin,-gtk1}-[0-9]*
ERROR: Define ALLOW_VULNERABLE_PACKAGES if this package is absolutely essential
*** Error code 1
...
# lynx 'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894'
...
Description Mozilla Firefox 1.5.0.4, Mozilla Suite 1.7.13, Mozilla
SeaMonkey 1.0.2, and Netscape 8.1 and earlier allows user-assisted
?
The text of the referenced vulnerability doesn't seem to apply to 2.0.0.1..
Cheers,
Patrick
Home |
Main Index |
Thread Index |
Old Index