I suspect teo is trying to mix the latest ports with the quarterly packages.
pkg -vv
Version : 1.10.5[/BGCOLOR][/BGCOLOR][/BGCOLOR][/BGCOLOR][/BGCOLOR]
[BGCOLOR=#dee3e7][BGCOLOR=#dee3e7][BGCOLOR=#dee3e7][BGCOLOR=#dee3e7][BGCOLOR=#dee3e7]PKG_DBDIR = "/var/db/pkg";
PKG_CACHEDIR = "/var/cache/pkg";
PORTSDIR = "/usr/ports";
INDEXDIR = "";
INDEXFILE = "INDEX-11";
HANDLE_RC_SCRIPTS = false;
DEFAULT_ALWAYS_YES = false;
ASSUME_ALWAYS_YES = false;
REPOS_DIR [
"/etc/pkg/",
"/usr/local/etc/pkg/repos/",
]
PLIST_KEYWORDS_DIR = "";
SYSLOG = true;
ABI = "FreeBSD:11:amd64";
ALTABI = "freebsd:11:x86:64";
DEVELOPER_MODE = false;
VULNXML_SITE = "http://vuxml.freebsd.org/freebsd/vuln.xml.bz2";
FETCH_RETRY = 3;
PKG_PLUGINS_DIR = "/usr/local/lib/pkg/";
PKG_ENABLE_PLUGINS = true;
PLUGINS [
]
DEBUG_SCRIPTS = false;
PLUGINS_CONF_DIR = "/usr/local/etc/pkg/";
PERMISSIVE = false;
REPO_AUTOUPDATE = true;
NAMESERVER = "";
HTTP_USER_AGENT = "pkg/1.10.5";
EVENT_PIPE = "";
FETCH_TIMEOUT = 30;
UNSET_TIMESTAMP = false;
SSH_RESTRICT_DIR = "";
PKG_ENV {
}
PKG_SSH_ARGS = "";
DEBUG_LEVEL = 0;
ALIAS {
all-depends = "query %dn-%dv";
annotations = "info -A";
build-depends = "info -qd";
cinfo = "info -Cx";
comment = "query -i \"%c\"";
csearch = "search -Cx";
desc = "query -i \"%e\"";
download = "fetch";
iinfo = "info -ix";
isearch = "search -ix";
prime-list = "query -e '%a = 0' '%n'";
prime-origins = "query -e '%a = 0' '%o'";
leaf = "query -e '%#r == 0' '%n-%v'";
list = "info -ql";
noauto = "query -e '%a == 0' '%n-%v'";
options = "query -i \"%n - %Ok: %Ov\"";
origin = "info -qo";
provided-depends = "info -qb";
raw = "info -R";
required-depends = "info -qr";
roptions = "rquery -i \"%n - %Ok: %Ov\"";
shared-depends = "info -qB";
show = "info -f -k";
size = "info -sq";
}
CUDF_SOLVER = "";
SAT_SOLVER = "";
RUN_SCRIPTS = true;
CASE_SENSITIVE_MATCH = false;
LOCK_WAIT = 1;
LOCK_RETRIES = 5;
SQLITE_PROFILE = false;
WORKERS_COUNT = 0;
READ_LOCK = false;
PLIST_ACCEPT_DIRECTORIES = false;
IP_VERSION = 0;
AUTOMERGE = true;
VERSION_SOURCE = "";
CONSERVATIVE_UPGRADE = true;
PKG_CREATE_VERBOSE = false;
AUTOCLEAN = false;
DOT_FILE = "";
REPOSITORIES {
}
VALID_URL_SCHEME [
"pkg+http",
"pkg+https",
"https",
"http",
"file",
"ssh",
"ftp",
"ftps",
"pkg+ssh",
"pkg+ftp",
"pkg+ftps",
]
ALLOW_BASE_SHLIBS = false;
WARN_SIZE_LIMIT = 1048576;
METALOG = "";
OSVERSION = 1102000;
IGNORE_OSVERSION = false;
Repositories:
FreeBSD: {
url : "pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}
ee /usr/local/etc/repos/FreeBSD.conf
FreeBSD: {
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest"
}
cd /usr/ports/www/firefox-i18n/
make config-recursive
make install clean
< Rustfmt { stage: 2, target: "x86_64-unknown-freebsd" }
Install rustfmt stage2 (Some("x86_64-unknown-freebsd"))
running: "sh" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist/rustfmt-0.6.1-x86_64-unknown-freebsd/install.sh" "--prefix=/usr/ports/lang/rust/work/stage/usr/local" "--sysconfdir=/usr/ports/lang/rust/work/stage/usr/local/etc" "--datadir=/usr/ports/lang/rust/work/stage/usr/local/share" "--docdir=/usr/ports/lang/rust/work/stage/usr/local/share/doc/rust" "--bindir=/usr/ports/lang/rust/work/stage/usr/local/bin" "--libdir=/usr/ports/lang/rust/work/stage/usr/local/lib" "--mandir=/usr/ports/lang/rust/work/stage/usr/local/man" "--disable-ldconfig"
install: creating uninstall script at /usr/ports/lang/rust/work/stage/usr/local/lib/rustlib/uninstall.sh
install: installing component 'rustfmt-preview'
install: backing up existing file at /usr/ports/lang/rust/work/stage/usr/local/share/doc/rust/README.md
install: backing up existing file at /usr/ports/lang/rust/work/stage/usr/local/share/doc/rust/LICENSE-MIT
install: backing up existing file at /usr/ports/lang/rust/work/stage/usr/local/share/doc/rust/LICENSE-APACHE
rustfmt ready to fmt.
< Rustfmt { stage: 2, target: "x86_64-unknown-freebsd", host: "x86_64-unknown-freebsd" }
> Analysis { stage: 2, target: "x86_64-unknown-freebsd", host: "x86_64-unknown-freebsd" }
c Assemble { target_compiler: Compiler { stage: 2, host: "x86_64-unknown-freebsd" } }
> Analysis { compiler: Compiler { stage: 2, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
Dist analysis
c Std { compiler: Compiler { stage: 2, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
c Assemble { target_compiler: Compiler { stage: 1, host: "x86_64-unknown-freebsd" } }
image_src: "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/x86_64-unknown-freebsd/stage1-std/x86_64-unknown-freebsd/release/deps/save-analysis", dst: "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist/rust-analysis-1.27.1-x86_64-unknown-freebsd-image/lib/rustlib/x86_64-unknown-freebsd/analysis"
c Assemble { target_compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" } }
c RustInstaller { compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
c Assemble { target_compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" } }
c Libdir { compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
c Llvm { target: "x86_64-unknown-freebsd", emscripten: false }
running: "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/x86_64-unknown-freebsd/stage0-tools-bin/fabricate" "generate" "--product-name=Rust" "--rel-manifest-dir=rustlib" "--success-message=save-analysis-saved." "--image-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist/rust-analysis-1.27.1-x86_64-unknown-freebsd-image" "--work-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist" "--output-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/dist" "--package-name=rust-analysis-1.27.1-x86_64-unknown-freebsd" "--component-name=rust-analysis-x86_64-unknown-freebsd" "--legacy-manifest-dirs=rustlib,cargo"
< Analysis { compiler: Compiler { stage: 2, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
Install analysis stage2 (Some("x86_64-unknown-freebsd"))
running: "sh" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist/rust-analysis-1.27.1-x86_64-unknown-freebsd/install.sh" "--prefix=/usr/ports/lang/rust/work/stage/usr/local" "--sysconfdir=/usr/ports/lang/rust/work/stage/usr/local/etc" "--datadir=/usr/ports/lang/rust/work/stage/usr/local/share" "--docdir=/usr/ports/lang/rust/work/stage/usr/local/share/doc/rust" "--bindir=/usr/ports/lang/rust/work/stage/usr/local/bin" "--libdir=/usr/ports/lang/rust/work/stage/usr/local/lib" "--mandir=/usr/ports/lang/rust/work/stage/usr/local/man" "--disable-ldconfig"
install: creating uninstall script at /usr/ports/lang/rust/work/stage/usr/local/lib/rustlib/uninstall.sh
install: installing component 'rust-analysis-x86_64-unknown-freebsd'
save analysis saved.
< Analysis { stage: 2, target: "x86_64-unknown-freebsd", host: "x86_64-unknown-freebsd" }
> Src { stage: 2 }
> Src
Dist src
c Assemble { target_compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" } }
c RustInstaller { compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
c Assemble { target_compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" } }
c Libdir { compiler: Compiler { stage: 0, host: "x86_64-unknown-freebsd" }, target: "x86_64-unknown-freebsd" }
c Llvm { target: "x86_64-unknown-freebsd", emscripten: false }
running: "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/x86_64-unknown-freebsd/stage0-tools-bin/fabricate" "generate" "--product-name=Rust" "--rel-manifest-dir=rustlib" "--success-message=Awesome-Source." "--image-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist/rust-src-1.27.1-image" "--work-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/tmp/dist" "--output-dir" "/usr/ports/lang/rust/work/rustc-1.27.1-src/build/dist" "--package-name=rust-src-1.27.1" "--component-name=rust-src" "--legacy-manifest-dirs=rustlib,cargo"
< Src
Install src stage2 (None)
lib/rustlib/uninstall.sh
}
"
=> port manually into /usr/ports/distfiles/gnome2 and try again.
*** Error code 1
Stop.
make[6]: stopped in /usr/ports/devel/gconf2
*** Error code 1
Stop.
make[5]: stopped in /usr/ports/devel/gconf2
*** Error code 1
Stop.
make[4]: stopped in /usr/ports/www/firefox
*** Error code 1
Stop.
make[3]: stopped in /usr/ports/www/firefox
*** Error code 1
Stop.
make[2]: stopped in /usr/ports/www/firefox-i18n
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/www/firefox-i18n
*** Error code 1
Stop.
make: stopped in /usr/ports/www/firefox-i18n
#
pkg check -d -a
command, that searches for missing dependencies, and some applications on the graphical desktop will not open, examples. pkg upgrade
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking for upgrades (324 candidates): 100%
Processing candidates (324 candidates): 100%
The following 20 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
hal: 0.5.14_33
policykit: 0.9_10
xproto: 7.0.31
kbproto: 1.0.7
printproto: 1.0.5
dmxproto: 2.3.1
xf86dgaproto: 2.1
trapproto: 3.4.3
fontcacheproto: 0.1.3
fontsproto: 2.1.3,1
dmidecode: 3.1_1
libvolume_id: 0.81.1
Installed packages to be REINSTALLED:
thunar-vfs-1.2.0_11 (options changed)
qt5-quick-5.10.1 (direct dependency changed: qt5-widgets)
qt5-opengl-5.10.1 (direct dependency changed: qt5-widgets)
qt5-multimedia-5.10.1 (direct dependency changed: libXv)
qt5-gui-5.10.1 (direct dependency changed: xcb-util-wm)
poppler-data-0.4.9 (ABI changed: 'freebsd:11:*' -> 'freebsd:11:x86:64')
libdvdread-6.0.0 (options changed)
gstreamer-plugins-good-0.10.31_3,3 (needed shared library changed)
Number of packages to be installed: 12
Number of packages to be reinstalled: 8
The process will require 4 MiB more space.
9 MiB to be downloaded.
Proceed with this action? [y/N]: n
#
pkg check -d -a
Checking all packages: 100%
bitmap has a missing dependency: xproto
iceauth has a missing dependency: xproto
libFS has a missing dependency: xproto
libFS has a missing dependency: fontsproto
libXTrap has a missing dependency: trapproto
libXaw has a missing dependency: xproto
libXaw has a missing dependency: printproto
libXevie has a missing dependency: xproto
libXfontcache has a missing dependency: fontcacheproto
libXp has a missing dependency: printproto
libXxf86dga has a missing dependency: xproto
libXxf86dga has a missing dependency: xf86dgaproto
libdmx has a missing dependency: dmxproto
libxkbui has a missing dependency: kbproto
virtualbox-ose-additions is missing a required shared library: libXfixes.so
virtualbox-ose-additions is missing a required shared library: libXext.so
xdpyinfo has a missing dependency: xproto
xf86-input-keyboard has a missing dependency: xproto
xf86-input-mouse has a missing dependency: xproto
xf86-video-scfb has a missing dependency: xproto
xf86-video-vesa has a missing dependency: xproto
xset has a missing dependency: xproto
xwininfo has a missing dependency: xproto
>>> Missing package dependencies were detected.
>>> Found 8 issue(s) in the package database.
The following packages will be installed:
New packages to be INSTALLED:
xproto: 7.0.31
fontsproto: 2.1.3,1
trapproto: 3.4.3
printproto: 1.0.5
fontcacheproto: 0.1.3
xf86dgaproto: 2.1
dmxproto: 2.3.1
kbproto: 1.0.7
Number of packages to be installed: 8
The process will require 2 MiB more space.
255 KiB to be downloaded.
>>> Try to fix the missing dependencies? [y/N]: n
>>> Summary of actions performed:
xproto dependency failed to be fixed
fontsproto dependency failed to be fixed
trapproto dependency failed to be fixed
printproto dependency failed to be fixed
fontcacheproto dependency failed to be fixed
xf86dgaproto dependency failed to be fixed
dmxproto dependency failed to be fixed
kbproto dependency failed to be fixed
>>> There are still missing dependencies.
>>> Try fixing them manually.
>>> Also make sure to check 'pkg updating' for known issues.
#
pkg install neofetch
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 10 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
neofetch: 5.0.0
bash: 4.4.23
printproto: 1.0.5
dmxproto: 2.3.1
xproto: 7.0.31
kbproto: 1.0.7
xf86dgaproto: 2.1
fontcacheproto: 0.1.3
trapproto: 3.4.3
fontsproto: 2.1.3,1
Number of packages to be installed: 10
The process will require 10 MiB more space.
2 MiB to be downloaded.
Proceed with this action? [y/N]: n
#
the installation through binary packages ends up producing many vulnerabilities in the system
Code:Repositories: FreeBSD: { url : "pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly", enabled : yes, priority : 0, mirror_type : "SRV", signature_type : "FINGERPRINTS", fingerprints : "/usr/share/keys/pkg" }
Code:FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest" }
I've already told you in relatively direct language to force delete old *proto packages. I'm still not sure you even tried that.
pkg upgrade
or install a binary package, it automatically queues that obsolete package as detailed above. pkg delete -f xproto
pkg delete -f xorgproto
pkg autoremove
portsnap fetch update
pkg version -l \? | cut -f 1 -w | grep -v compat | xargs pkg delete -fy
portmaster x11/xorgproto
shkhln said:Pkg doesn't "produce" vulnerabilities, it only reports them. And, of course, they have not been created at the moment of reporting, they were present in your system long before their discovery.
pkg upgrade
command, and to force upgrade to those packages or vulnerable dependencies, I have used the portmaster
command and the system does not detect more vulnerabilities, however with that obsolete *proto package, you can not install binary packages because it immediately generates conflicts with xorgproto
or when updating and installing a new port or a binary package. pkg upgrade
command and have been detected by the system as vulnerable, as mentioned in other open topics. pkg audit -F
vulnxml file up-to-date
libsndfile-1.0.28_1 is vulnerable:
libsndfile -- out-of-bounds reads
CVE: CVE-2017-17457
CVE: CVE-2017-17456
CVE: CVE-2017-14246
CVE: CVE-2017-14245
WWW: https://vuxml.FreeBSD.org/freebsd/30704aba-1da4-11e8-b6aa-4ccc6adda413.html
sqlite3-3.22.0 is vulnerable:
SQLite -- Corrupt DB can cause a NULL pointer dereference
CVE: CVE-2018-8740
WWW: https://vuxml.FreeBSD.org/freebsd/6d52bda1-2e54-11e8-a68f-485b3931c969.html
firefox-59.0.1,1 is vulnerable:
mozilla -- use-after-free in compositor
CVE: CVE-2018-5148
WWW: https://vuxml.FreeBSD.org/freebsd/23f59689-0152-42d3-9ade-1658d6380567.html
thunderbird-52.6.0_2 is vulnerable:
mozilla -- use-after-free in compositor
CVE: CVE-2018-5148
WWW: https://vuxml.FreeBSD.org/freebsd/23f59689-0152-42d3-9ade-1658d6380567.html
thunderbird-52.6.0_2 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2018-5147
CVE: CVE-2018-5146
WWW: https://vuxml.FreeBSD.org/freebsd/7943794f-707f-4e31-9fea-3bbf1ddcedc1.html
thunderbird-52.6.0_2 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2018-5143
CVE: CVE-2018-5142
CVE: CVE-2018-5141
CVE: CVE-2018-5140
CVE: CVE-2018-5138
CVE: CVE-2018-5137
CVE: CVE-2018-5136
CVE: CVE-2018-5135
CVE: CVE-2018-5134
CVE: CVE-2018-5133
CVE: CVE-2018-5132
CVE: CVE-2018-5131
CVE: CVE-2018-5130
CVE: CVE-2018-5129
CVE: CVE-2018-5128
CVE: CVE-2018-5127
CVE: CVE-2018-5126
CVE: CVE-2018-5125
WWW: https://vuxml.FreeBSD.org/freebsd/c71cdc95-3c18-45b7-866a-af28b59aabb5.html
4 problem(s) in the installed packages found.
#
shkhln said:I suspect reusing the same repository name (FreeBSD) for the quartely -> latest switch might not be the brightest idea.
when you try to update the binary packages with thepkg upgrade
or install a binary package, it automatically queues that obsolete package as detailed above.
#pkg version -l \? | cut -f 1 -w | grep -v compat | xargs pkg delete -fy
It appears that there is a mix of ports & pkg's with few other problems.anything without reviewing package names first
pkg audit -F
. Review the system & then pkg upgrade
. Use 'yes' then the pkg
may goes for second iteration. Check again then reinstall others required packeges.It is _very_ frustrating.
pkg -vv
Version : 1.10.5
PKG_DBDIR = "/var/db/pkg";
PKG_CACHEDIR = "/var/cache/pkg";
PORTSDIR = "/usr/ports";
INDEXDIR = "";
INDEXFILE = "INDEX-11";
HANDLE_RC_SCRIPTS = false;
DEFAULT_ALWAYS_YES = false;
ASSUME_ALWAYS_YES = false;
REPOS_DIR [
"/etc/pkg/",
"/usr/local/etc/pkg/repos/",
]
PLIST_KEYWORDS_DIR = "";
SYSLOG = true;
ABI = "FreeBSD:11:amd64";
ALTABI = "freebsd:11:x86:64";
DEVELOPER_MODE = false;
VULNXML_SITE = "http://vuxml.freebsd.org/freebsd/vuln.xml.bz2";
FETCH_RETRY = 3;
PKG_PLUGINS_DIR = "/usr/local/lib/pkg/";
PKG_ENABLE_PLUGINS = true;
PLUGINS [
]
DEBUG_SCRIPTS = false;
PLUGINS_CONF_DIR = "/usr/local/etc/pkg/";
PERMISSIVE = false;
REPO_AUTOUPDATE = true;
NAMESERVER = "";
HTTP_USER_AGENT = "pkg/1.10.5";
EVENT_PIPE = "";
FETCH_TIMEOUT = 30;
UNSET_TIMESTAMP = false;
SSH_RESTRICT_DIR = "";
PKG_ENV {
}
PKG_SSH_ARGS = "";
DEBUG_LEVEL = 0;
ALIAS {
all-depends = "query %dn-%dv";
annotations = "info -A";
build-depends = "info -qd";
cinfo = "info -Cx";
comment = "query -i \"%c\"";
csearch = "search -Cx";
desc = "query -i \"%e\"";
download = "fetch";
iinfo = "info -ix";
isearch = "search -ix";
prime-list = "query -e '%a = 0' '%n'";
prime-origins = "query -e '%a = 0' '%o'";
leaf = "query -e '%#r == 0' '%n-%v'";
list = "info -ql";
noauto = "query -e '%a == 0' '%n-%v'";
options = "query -i \"%n - %Ok: %Ov\"";
origin = "info -qo";
provided-depends = "info -qb";
raw = "info -R";
required-depends = "info -qr";
roptions = "rquery -i \"%n - %Ok: %Ov\"";
shared-depends = "info -qB";
show = "info -f -k";
size = "info -sq";
}
CUDF_SOLVER = "";
SAT_SOLVER = "";
RUN_SCRIPTS = true;
CASE_SENSITIVE_MATCH = false;
LOCK_WAIT = 1;
LOCK_RETRIES = 5;
SQLITE_PROFILE = false;
WORKERS_COUNT = 0;
READ_LOCK = false;
PLIST_ACCEPT_DIRECTORIES = false;
IP_VERSION = 0;
AUTOMERGE = true;
VERSION_SOURCE = "";
CONSERVATIVE_UPGRADE = true;
PKG_CREATE_VERBOSE = false;
AUTOCLEAN = false;
DOT_FILE = "";
REPOSITORIES {
}
VALID_URL_SCHEME [
"pkg+http",
"pkg+https",
"https",
"http",
"file",
"ssh",
"ftp",
"ftps",
"pkg+ssh",
"pkg+ftp",
"pkg+ftps",
]
ALLOW_BASE_SHLIBS = false;
WARN_SIZE_LIMIT = 1048576;
METALOG = "";
OSVERSION = 1102000;
IGNORE_OSVERSION = false;
Repositories:
FreeBSD: {
url : "pkg+http://pkg.FreeBSD.org/FreeBSD:11:amd64/latest",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}