GIT – 5-posix-5.2.6 has known vulnerabilities error – Stop in /usr/ports/sysutils/5-posix. 

FreeBSD pkg_add: warning: package php5-pcre-5.2.6_2 requires php5-5.2.8, but php5-pcre-5.2.6_2 is installed

1. FreeBSD php5-posix-5.2.6 has known vulnerabilities error – Stop in /usr/ports/sysutils/php5-posix. 

Q. When I run make clean for php5-extensions port, I’m dumped with the following error:

/usr/ports/sysutils/php5-posix
===> php5-posix-5.2.6 has known vulnerabilities:
=> php — input validation error in posix_access function.
Reference: < http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872849.html >
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/sysutils/php5-posix.
*** Error code 1

Stop in /usr/ports/lang/php5-extensions.
*** Error code 1

Stop in /usr/ports/lang/php5-extensions.

How do I fix this error?

A. Try upgrading your port tree by typing the following commands:
# portsnap fetch update
# portaudit -Fda

If you still see the error, temporarily error by adding following code to /etc/make.conf file:

# get around php5-posix error
.if !empty(.CURDIR:M*sysutils/php5-posix*)
DISABLE_VULNERABILITIES=yes
.endif

Save and close the file. Try to rebuild port again:
# cd /usr/ports/lang/php5-extensions
# make install clean

Another option is build /usr/ports/lang/php5-extensions port without looking at VULNERABILITIES:
# make -DDISABLE_VULNERABILITIES install

According to FreeBSD team:

It should be noted that this vulnerability is not considered to be serious by the FreeBSD Security Team, since safe_mode and open_basedir are insecure by design and should not be relied upon.

2. FreeBSD pkg_add: warning: package php5-pcre-5.2.6_2 requires php5-5.2.8, but php5-pcre-5.2.6_2 is installed

Q. I’m trying to upgrade my PHP version from 5.2.6 to 5.2.8 using portupgrade . But I’m getting following errors:

*** Error code 1

Stop in /usr/ports/lang/php5.
*** Error code 1

Stop in /usr/ports/lang/php5.
*** Error code 1

Stop in /usr/ports/lang/php5.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.42275.0 env UPGRADE_TOOL=portupgrade UPGRADE_PORT=php5-pcre-5.2.6_2 UPGRADE_PORT_VER=5.2.6_2 make reinstall
—> Restoring the old version
pkg_add: warning: package ‘php5-pcre-5.2.6_2’ requires ‘php5-5.2.8’, but ‘php5-pcre-5.2.6_2’ is installed
** Fix the installation problem and try again.
[Updating the pkgdb
in /var/db/pkg … – 62 packages found (-0 +1) . done]
** Listing the failed packages (-:ignored / *:skipped / !:failed)
! lang/php5 (php5-pcre-5.2.6_2) (install error)

How do I fix this problem and upgrade php5-pcre?

A. This is well known problem and can be fixed easily.

As of php 5.2.7, pcre extension is distributed with the core php5 package, and not as a standalone module anymore. Follow these steps to update your installation:

# pkg_delete -f php5-pcre-5.2.6
# pkgdb -F
# portupgrade php5-pcre

If you are using portmaster, enter:
# pkg_delete -f php5-pcre\*
# portmaster php5\*

If you are using pecl ports you might need to force an update on them, enter:
# portupgrade -f pecl\*
OR
# portmaster pecl\*

If you have the pecl hash, json and/or zip extensions you need to replace them with the php5 bundled ones, enter
# portupgrade -o archivers/php5-zip archivers/pecl-zip
# portupgrade -o devel/php5-json devel/pecl-json
# portupgrade -o security/php5-hash security/pecl-hash

OR
# portmaster -o archivers/php5-zip archivers/pecl-zip
# portmaster -o devel/php5-json devel/pecl-json
# portmaster -o security/php5-hash security/pecl-hash

Finally ,build your INDEX locally and you tried to build it after the php update commit, you need to rebuild it after you updated lang/php5:
# cd /usr/ports
# make index

References

  1. man page make, portmaster, portupgrade, /usr/ports/UPDATING
Print Friendly

Comments

comments

Bài viết liên quan