pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

error in vulnerability list re: latest firefox

Hi, all.

I'm trying to install firefox ( from pkgsrc-current, but "make
fetch" complains about CVE-2006-2894, which I'm fairly sure was
addressed several versions ago.  I think that the problem is that
the entry in the vulnerability list needs to be updated.  There are
four lines that refer to the problem:

  firefox{,2}{,-bin,-gtk1}-[0-9]*       remote-information-exposure
  seamonkey{,-bin,-gtk1}-[0-9]* remote-information-exposure
  mozilla{,-bin,-gtk2}-[0-9]*   remote-information-exposure
  netscape7-[0-9]*      remote-information-exposure

... but I'm pretty sure that firefox (formerly known as firefox2) and
seamonkey have had that fixed in the past few releases.

For now I'll work around with ALLOW_VULNERABLE_PACKAGES.

Anne Bennett.

Home | Main Index | Thread Index | Old Index