Subject: Re: pkg-vulnerabilities, vulnerable packages, Opera 9.23, README.htmls
To: Dennis den Brok <>
From: Adrian Portelli <>
List: pkgsrc-users
Date: 08/25/2007 00:30:49
Dennis den Brok wrote:
> To sum it up in a single mail:
>  * What I'm wondering about: Firefox has this long-standing
> remote-information-exposure issue which prevents it from being built
> without ALLOW_VULNERABLE=yes; yet, there's a binary package available
> from a directory different from packages/vulnerable, and the
> corresponding README.html doesn't mention any vulnerabilities at all. I
> reckon this is to not confuse new users with such a popular package
> being not instantly available, but I haven't found anything about a
> change of policy regarding that matter; ISTR that earlier, Firefox was
> being treated differently?
> TIA for anything.

I'll look into this.  What version of the pkg_install tools are you
running ?