Re: Allow_vulnerable_packages= yes

To: Edgar Rodolfo <rodolfobsd%gmail.com@localhost>
Subject: Re: Allow_vulnerable_packages= yes
From: Matthias Scheler <tron%zhadum.org.uk@localhost>
Date: Mon, 27 Feb 2012 08:31:34 +0000

On Tue, Feb 21, 2012 at 02:40:29AM -0500, Edgar Rodolfo wrote:
> Then i put in /usr/pkgsrc/mk/default/mk.conf

> ALLOW_VULNERABLE_PACKAGES= yes
> is a risk it?, if i don't put it i can't use squid and other packages
> :(, currently i am using my small  server (squid and dns and other)
> Thank in advance for your recommendation

The Squid security problem only affects setups were Squid is used as
a transport proxy. It also cannot be exploited if people from the
outside cannot connect to Squid in the first place.

About the PHP problem:
PHP constantly has problems. "lang/php53" currently only has one
known vulnerability with handling archives. As this doesn't
affect my use case I live with it.

        Kind regards

-- 
Matthias Scheler                                  http://zhadum.org.uk/

Follow-Ups:
- Re: Allow_vulnerable_packages= yes
  - From: Edgar Rodolfo

References:
- Allow_vulnerable_packages= yes
  - From: Edgar Rodolfo

Prev by Date: Re: 6.0 + Thinkpad T61 = instant reboot. And now?
Next by Date: Re: select() timeout
Previous by Thread: Re: Allow_vulnerable_packages= yes
Next by Thread: Re: Allow_vulnerable_packages= yes
Indexes:

Home | Main Index | Thread Index | Old Index