Solved audit -F showing issues (newbe Q)

[userxbw]

worries, fixes, suggestions?
avidemux - I could not even get that to run, then forgot it was even installed.

root@FreeBSD64:/home/userx # pkg audit -F
Fetching vuln.xml.bz2: 100%  803 KiB 822.2kB/s    00:01  
avidemux-2.6.11_15 is vulnerable:
ffmpeg -- multiple vulnerabilities
CVE: CVE-2015-8663
CVE: CVE-2015-8662
WWW: https://vuxml.FreeBSD.org/freebsd/4bae544d-06a3-4352-938c-b3bcbca89298.html

avidemux-2.6.11_15 is vulnerable:
ffmpeg -- multiple vulnerabilities
CVE: CVE-2015-8365
CVE: CVE-2015-8364
CVE: CVE-2015-8363
CVE: CVE-2015-8219
CVE: CVE-2015-8218
CVE: CVE-2015-8217
CVE: CVE-2015-8216
CVE: CVE-2015-6761
WWW: https://vuxml.FreeBSD.org/freebsd/b0da85af-21a3-4c15-a137-fe9e4bc86002.html

2 problem(s) in 1 installed package(s) found.

 

[SirDice]

worries, fixes, suggestions?

pkg upgrade

I could not even get that to run, then forgot it was even installed.

pkg delete avidemux; pkg autoremove

 

[userxbw]

wow, so what's freebsd-update fetch install got to do with it??? like is that basically obsolete?

[userx@FreeBSD64 ~]$ sudo pkg upgade
pkg: unknown command: upgade

For more information on available commands and options see 'pkg help'.
[userx@FreeBSD64 ~]$ sudo pkg upgrade
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking for upgrades (234 candidates): 100%
Processing candidates (234 candidates): 100%
The following 8 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
        firefox: 68.0.1_2,1 -> 68.0.2,1
        drm-fbsd12.0-kmod: 4.16.g20190722_1 -> 4.16.g20190814

Installed packages to be DOWNGRADED:
        libevent: 2.1.11 -> 2.1.10

Installed packages to be REINSTALLED:
        jasper-1.900.1_17 (options changed)
        graphviz-2.40.1_11 (options changed)
        freeglut-3.0.0_2 (needed shared library changed)
        eterm-0.9.6_5 (needed shared library changed)
        dav1d-0.4.0 (options changed)

Number of packages to be upgraded: 2
Number of packages to be reinstalled: 5
Number of packages to be downgraded: 1

53 MiB to be downloaded.

Proceed with this action? [y/N]: y

just toss that one into the bin, huh?

pkg delete avidemux; pkg autoremove

I think I'll be doing that to GNOME.. here in a second.

..
I guess I'll mark this solved.

 

[SirDice]

so what's freebsd-update fetch install got to do with it??

Absolutely nothing, freebsd-update(8) only updates the base OS. It does nothing with ports/packages. This is the biggest mind-bender for someone coming from Linux. On FreeBSD there's the base OS and there are third party applications (ports/packages). Those are two separate entities.

just toss that one into the bin, huh?

If you don't use it there's no reason to keep it around.

 

[userxbw]

so keep them separated, ... hum.. curious.. thanks..