DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Ports and Packages

FreeBSD Ports and Packages Installation and upgrading of ports and packages on FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 10th August 2009
delboy's Avatar
delboy delboy is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 63
Thanked 0 Times in 0 Posts
Default Epiphany and Firefox2 wont update

Trying to update Epiphany I get the following error message.

Code:
===>>> Starting build for www/epiphany <<<===

===>>> Starting check for build dependencies
===>>> Gathering dependency list for www/epiphany from ports
===>>> Starting dependency check
===>>> Launching child to update firefox-2.0.0.20,1 to firefox-2.0.0.20_9,1
	epiphany-2.22.3 >> firefox-2.0.0.20,1

===>>> Port directory: /usr/ports/www/firefox
===>>> Starting check for build dependencies
===>>> Gathering dependency list for www/firefox from ports
===>>> Starting dependency check
===>>> Dependency check complete for www/firefox
	epiphany-2.22.3 >> firefox-2.0.0.20,1

===>  Cleaning for firefox-2.0.0.20_9,1

===>  firefox-2.0.0.20_9,1 has known vulnerabilities:
=> mozilla -- multiple vulnerabilities.
   Reference: <http://portaudit.FreeBSD.org/49e8f2ee-8147-11de-a994-0030843d3802.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/www/firefox.
*** Error code 1

Stop in /usr/ports/www/firefox.

===>>> make failed for www/firefox
===>>> Aborting update

===>>> Update for firefox-2.0.0.20,1 failed
===>>> Aborting update
I have uninstalled Firefox2,but I still get error message.
Can't find anything in /usr/ports/UPDATING unless of course I missed it.
Reply With Quote
  #2   (View Single Post)  
Old 12th August 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,074
Thanked 198 Times in 156 Posts
Default

The problem is:

Code:
===>  firefox-2.0.0.20_9,1 has known vulnerabilities:
=> mozilla -- multiple vulnerabilities.
   Reference: <http://portaudit.FreeBSD.org/49e8f2ee-8147-11de-a994-0030843d3802.html>
=> Please update your ports tree and try again.
Ports refuse to install when there are known vulnerabilities.
Did you try the suggestion in the last line? (Update ports tree and try again).
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 14th August 2009
delboy's Avatar
delboy delboy is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 63
Thanked 0 Times in 0 Posts
Default

Carpetsmoker.

Yes I did update my ports tree.but to no effect,but what did work was to add xulrunner to USE_GECKO+= in Epiphany makefile.
Not sure if that is the right way to go but Epiphany updated no problem.
Assuming that is the right way to go,is there a code that would cover all ports that depend on Firefox2 and its vulnerabilities rather than change each makefile for the relevant port.
Reply With Quote
  #4   (View Single Post)  
Old 18th August 2009
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,074
Thanked 198 Times in 156 Posts
Default

http://portaudit.FreeBSD.org/49e8f2e...0843d3802.html says the following firefox versions are affected:
Quote:
firefox <3.*,1
firefox >3.*,1 <3.0.13,1
firefox >3.5.*,1 <3.5.2,1
linux-firefox <3.*,1
linux-firefox >3.*,1 <3.0.13,1
linux-firefox >3.5.*,1 <3.5.2,1
linux-firefox-devel <3.5.2
I looked at the firefox website, and as far as I could see I could not find anything about firefox 2. It would seem firefox 2 is EOL and a fix might never be released.

If you want to use the firefox browser, then there are two options:
1) Use firefox 3.0 or 3.5 (www/firefox3, www/firefox35)
2) Ignore the security problem and install firefox anyway by defining the DISABLE_VULNERABILITIES variable. Be sure to read and understand the issue and the impact it may have, if you do not, I would highly recommend using option 1.

Quote:
Yes I did update my ports tree.but to no effect,but what did work was to add xulrunner to USE_GECKO+= in Epiphany makefile.
Not sure if that is the right way to go but Epiphany updated no problem.
Assuming that is the right way to go,is there a code that would cover all ports that depend on Firefox2 and its vulnerabilities rather than change each makefile for the relevant port.
Hm, it does look like ports still want www/firefox instead of www/firefox30 or www/firefox35.
You can set WITH_GECKO in /etc/make.conf to specify a system-wide preference.
Acceptable values are:
firefox nvu seamonkey thunderbird xulrunner flock mozilla libxul

All of them are ports which live in www/.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #5   (View Single Post)  
Old 25th August 2009
delboy's Avatar
delboy delboy is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 63
Thanked 0 Times in 0 Posts
Default

carpetsmoker

Sorry to be late in replying(been away),decided to go with option1 and use Firefox3,thanks a lot.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pidgin (py25-gtk) wont upgrade mururoa FreeBSD Installation and Upgrading 3 7th September 2009 07:45 PM
PF wont open port despite rules... Dain_L OpenBSD Security 3 12th September 2008 01:14 AM
Questions about Epiphany and block up popup aleunix OpenBSD Packages and Ports 0 14th June 2008 06:18 AM
KDE wont start up dctr FreeBSD General 9 11th June 2008 05:59 AM
Why wont this compile? Johnny2Bad FreeBSD General 10 19th May 2008 11:30 PM


All times are GMT. The time now is 09:36 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick