Subject: Re: installing vulnerable pkgs
To: None <>
From: ratio <>
List: pkgsrc-users
Date: 07/26/2006 21:23:34
For the record, the original thread starts at, and a workaround 
can be found at 
Thanks, Roland and Lubomir!


----- Original Message ----- 
From: "Lubomir Sedlacik" <>
To: "ratio" <>
Cc: <>
Sent: Wednesday, July 26, 2006 10:16 AM
Subject: Re: installing vulnerable pkgs

On Tue, Jul 25, 2006 at 06:39:07PM -0400, ratio wrote:
> Is there an easy way to allow the installation of just one package
> (possibly allowing dependencies) without removing the checks for all
> packages?


> Something finer-grained than ALLOW_VULNERABLE_PACKAGES but not as fine
> as I'm not as interested in what the
> vulnerability is as whether or not I'm aware that one exists and that
> I'm really sure I want to install it regardless.
> Also, how does one get a version 1.0.1 formatted pkg-vulnerabilities
> file?  I haven't even been able to get to
> work since I don't have vulnerability IDs in my pkg-vulnerabilities
> file--download-vulnerability-list(8) gets me a version 1.0.0 formatted
> file. NetBSD-3.0, i386, pkgsrc updated to 2006Q2 via cvs a few days
> ago.

the functionality was removed few months ago.  search the archives and
cvs logs for details.


-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --