pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/30042: Weird (wrong?) vulnerability message when building chat/zenicb



>Number:         30042
>Category:       pkg
>Synopsis:       Weird (wrong?) vulnerability message when building chat/zenicb
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Apr 23 20:45:00 +0000 2005
>Originator:     tls%rek.tjls.com@localhost
>Release:        NetBSD 2.0, pkgsrc-2005Q1 as of 2005-04-22
>Organization:
        The NetBSD Foundation
>Environment:
System: NetBSD rekusant 2.0 NetBSD 2.0 (REKUSANT) #5: Wed Feb 16 21:11:54 UTC 
2005 root@ADMIN:/usr/src/sys/arch/i386/compile/REKUSANT i386
Architecture: i386
Machine: i386
>Description:
        Trying to rebuild package chat/zenicb with USE_XEMACS set gives
        extremely confusing messages about two vulnerabilities.  When I
        check the URLs given as the descriptions of the vulnerabilities,
        they seem to not be relevant.
>How-To-Repeat:

enola-gay# pwd
/usr/pkgsrc/chat/zenicb
enola-gay# make install
===> Checking for vulnerabilities in xemacs-nb2
*** WARNING - remote-user-shell vulnerability in xemacs-nb2 - see 
http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html for more 
information ***
*** WARNING - remote-code-execution vulnerability in xemacs-nb2 - see 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 for more 
information ***
or define ALLOW_VULNERABLE_PACKAGES if this package is absolutely essential
*** Error code 1

Stop.
make: stopped in /usr/pkgsrc/chat/zenicb
*** Error code 1

        
>Fix:




Home | Main Index | Thread Index | Old Index