DragonFly users List (threaded) for 2008-03
DragonFly BSD
DragonFly users List (threaded) for 2008-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Building modular xorg


From: Dave Hayes <dave@xxxxxxxxxxx>
Date: Sat, 15 Mar 2008 16:12:28 -0700

I'm using 2007Q4 pkgsrc on Dragonfly 1.12. It turns out I need some of
the libraries in pkgsrc under meta-pkgs/modular-xorg-libs, so I
attempted to build these and got this:

# cd /usr/pkgsrc/meta-pkgs/modular-xorg-libs
# bmake package
. ..
===> Checking for vulnerabilities in libXfont-1.3.1nb1
Package libXfont-1.3.1nb1 has a buffer-overflow vulnerability, see 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006
ERROR: Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URLS in
audit-packages.conf(5) if this package is absolutely essential.

This actually failed differently (I download the vulns file nightly)
than before, before I got this:

===> Building binary package for libXrender
. ..
ERROR: This package has set PKG_FAIL_REASON:
ERROR: Do not include x11.buildlink3.mk for X11_TYPE != "native".
*** Error code 1

Hm. No clue how to proceed here. For grins, I tried to build the server
first. So:

# cd /usr/pkgsrc/x11/modular-xorg-server
# bmake package
=> Bootstrap dependency digest>=20010302: found digest-20070803
===> Checking for vulnerabilities in modular-xorg-server-1.3.0.0nb3
Package modular-xorg-server-1.3.0.0nb3 has a buffer-overflow vulnerability, 
see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760
Package modular-xorg-server-1.3.0.0nb3 has a privacy-leak vulnerability, see 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958
Package modular-xorg-server-1.3.0.0nb3 has a memory-corruption vulnerability, 
see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427
Package modular-xorg-server-1.3.0.0nb3 has a buffer-overflow vulnerability, 
see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428
Package modular-xorg-server-1.3.0.0nb3 has a buffer-overflow vulnerability, 
see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
ERROR: Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URLS in 
audit-packages.conf(5) if this package is absolutely essential.

What is the correct way to build modular-xorg on DragonFly? 

Thanks in advance.
-- 
Dave Hayes - Consultant - Altadena CA, USA - dave@jetcafe.org 
>>> The opinions expressed above are entirely my own <<<

Wisdom (n.) - 1. Something you can learn without knowing it.





[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]