[[OpenPNE 2.13.8 to 2.14.1.1]] Affected package: p5-HTML-Parser-3.60 Type of problem: p5-HTML-Parser -- denial of service. Reference: <http://www.FreeBSD.org/ports/portaudit/68bda678-caab-11de-a97e-be89dfd1042e.html> Affected package: gd-2.0.35,1 Type of problem: gd -- '_gdGetColors' remote buffer overflow vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html> Affected package: php5-gd-5.2.11_1 Type of problem: gd -- '_gdGetColors' remote buffer overflow vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html> Affected package: php5-gd-5.2.9 Type of problem: gd -- '_gdGetColors' remote buffer overflow vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html> 4 problem(s) in your installed packages found. You are advised to update or deinstall the affected package(s) immediately. http://blog.c-production.com/archives/2006/05/freebsdgd1.html libpngをダウングレードしてみる。 blackcube# pwd /usr/local/src /usr/local/bin/wget http://ufpr.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.32.tar.bz2 blackcube# tar xvfz libpng-1.2.32.tar.bz2 blackcube# cd libpng-1.2.32 blackcube# cp scripts/makefile.freebsd Makefile make make install 198 15:46 wget http://ufpr.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.32.tar.bz2 199 15:48 pwd 200 15:49 wget http://ufpr.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.32.tar.bz2 201 15:49 wget http://ufpr.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.32.tar.bz2 202 15:51 /usr/local/bin/wget http://ufpr.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.32.tar.bz2 203 15:52 ll 204 15:52 tar xvfz libpng-1.2.32.tar.bz2 205 15:52 ll 206 15:52 cd libpng-1.2.32 207 15:53 cp scripts/makefile.freebsd Makefile 208 15:53 make 209 15:54 make install 210 15:54 rehash 211 15:54 apachectl restart 212 16:04 make 213 16:11 pwd 214 16:11 cp -ip scripts/makefile.linux makefile 215 16:14 cp -ip scripts/makefile.linux Makefile 216 16:14 cp -ip scripts/makefile.linux Makefile 217 16:16 make 218 16:17 make install 219 16:17 apachectl restart 220 16:21 hist 221 16:21 histry 222 16:25 history /usr/local/src/libpng-1.2.32/Makefile # Where the zlib library and include files are located. ZLIBLIB=/usr/local/lib ZLIBINC=/usr/local/include #ZLIBLIB=../zlib #ZLIBINC=../zlib