Ok..I've used cvsup to update my ports on version 7.2. When I run a pkg_version -v, every package on my system reports "up-to-date with index"..However, when I receive my daily security run output I get the following...
I know there are multiple newer versions of firefox in the ports tree. My question is why does my index database not have this information..Is this because firefox-2.0.0.20_7,1 is whats in the stable ports tree....I'm a little confused..Or maybe completely confused...?
Code:
Checking for packages with security vulnerabilities:
Affected package: ruby-1.8.7.160,1
Type of problem: ruby -- BigDecimal denial of service vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/62e0fbe5-5798-11de-bb78-001cc0377035.html>
Affected package: firefox-2.0.0.20_7,1
Type of problem: mozilla -- multiple vulnerabilities.
Reference: <http://www.FreeBSD.org/ports/portaudit/da185955-5738-11de-b857-000f20797ede.html>
2 problem(s) in your installed packages found.
You are advised to update or deinstall the affected package(s) immediately.I know there are multiple newer versions of firefox in the ports tree. My question is why does my index database not have this information..Is this because firefox-2.0.0.20_7,1 is whats in the stable ports tree....I'm a little confused..Or maybe completely confused...?
