update openssl

To: netbsd-users%netbsd.org@localhost
Subject: update openssl
From: scar <scar%drigon.com@localhost>
Date: Tue, 12 May 2015 18:20:22 -0700

after updating openssl on my system for the 2015-006 security advisory,
the version is 1.0.2a.  now i am getting insecurity emails for that
version but i can't update it... isn't this the right procedure (below)?

# cd /usr/pkgsrc/security/openssl
# cvs update -dP
cvs update: Updating .
cvs update: Updating files
cvs update: Updating patches
cvs update: Updating pkg
# make update
===> Checking for vulnerabilities in openssl-1.0.2a
Package openssl-1.0.2a has a multiple-vulnerabilities vulnerability, see
http://www.securityfocus.com/archive/1/535303
ERROR: Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URL in
pkg_install.conf(5) if this package is absolutely essential.
*** Error code 1

Stop.
make: stopped in /usr/pkgsrc/security/openssl
*** Error code 1

Stop.
make: stopped in /usr/pkgsrc/security/openssl
#

Follow-Ups:
- Re: update openssl
  - From: jgw

Prev by Date: Re: Prepping to install
Next by Date: Re: update openssl
Previous by Thread: Prepping to install
Next by Thread: Re: update openssl
Indexes:

Home | Main Index | Thread Index | Old Index