libxml2 port update

So I did

Code:
[root@lucy /usr/ports/textproc/libxml2]# portaudit -a
Affected package: libxml2-2.6.32_1
Type of problem: libxml2 -- multiple vulnerabilities.
Reference: <http://www.FreeBSD.org/ports/portaudit/f1e0164e-b67b-11dd-a55e-00163e000016.html>

1 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.

and found out that I have to update libxml2.. butt

Code:
[root@lucy /usr/ports/textproc/libxml2]# portmaster libxml2
===>>> Gathering distinfo list for installed ports

===>>> Currently installed version: libxml2-2.6.32_1
===>>> Port directory: /usr/ports/textproc/libxml2
===>>> Launching 'make checksum' for textproc/libxml2 in background
===>>> Gathering dependency list for textproc/libxml2 from ports
===>>> Starting recursive 'make config' check
===>>> Recursive 'make config' check complete for textproc/libxml2

===>>> Starting build for textproc/libxml2 <<<===

===>>> The 'make config' check found no dependencies to update

===>  Cleaning for libxml2-2.6.32_1

===>  libxml2-2.6.32_1 has known vulnerabilities:
=> libxml2 -- multiple vulnerabilities.
   Reference: <http://www.FreeBSD.org/ports/portaudit/f1e0164e-b67b-11dd-a55e-00163e000016.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/textproc/libxml2.

===>>> make failed for textproc/libxml2
===>>> Aborting update

Does this mean that there is no newer version of libxml2 in the ports yet? I did a portupgrade and have the latest version of the ports tree already. It is a dependency for php5 so I can't just delete it right now.

Suggestions?
 
You need to update your ports tree. So either run portsnap, csup or however you keep your ports tree up to date, and then try again as port revision 2 does exist in the tree(libxml2-2.6.32_2)
 
try the following 3 steps
1
Code:
rm /var/db/portaudit/auditfile.tbz
2
Code:
portmaster libxml2
3
Code:
portaudit -Fda
 
Thanks guys, problem solved. I suppose I was a bit confused about how to upgrade the ports tree.. thought portupgrade was for that reason, my bad.

so basically whenever there's a vulnerability do:

Code:
# csup -L 2 /root/ports-supfile
# portmaster -a                   #to update all installed ports

or

Code:
# portmaster portname             #to update the vulnerable port
 
Ico said:
so basically whenever there's a vulnerability do:

Code:
# csup -L 2 /root/ports-supfile
# portmaster -a                   #to update all installed ports

or

Code:
# portmaster portname             #to update the vulnerable port

This is a matter of preference / opinion, but I'd suggest updating only the vulnerable port (not all ports, which sometimes gets you into trouble). I don't have a lot of tolerance for breakage. ;)

Also, make a habit of reading /usr/ports/UPDATING after you update your ports tree. This file includes special instructions for upgrading certain ports.
 
Back
Top