# db5



## cbrace (Jun 30, 2022)

Hi all,

On my VPS running v13.1-RELEASE I see a warning in the daily output:


> Checking for packages with security vulnerabilities:
> Database fetched: Tue Jun 28 03:26:32 CEST 2022
> db5-5.3.28_8: Tag: expiration_date Value: 2022-06-30
> db5-5.3.28_8: Tag: deprecated Value: EOLd, potential security issues, maybe use db18 instead


If I run `pkg remove db5` it wants to remove apache24 as well:

```
Installed packages to be REMOVED:
    apache24: 2.4.54
    apr: 1.7.0.1.6.1_2
    db5: 5.3.28_8
    mod_php80: 8.0.18_2
```
Thing is, I installed apache24 from a package using pkg, not compiled from port, so I don't know how to manually change this dependency to db18, the package of which I have already installed. Can someone more versed in packages suggest a way forward here?
TIA


----------



## mer (Jun 30, 2022)

db5 is a dependency of a bunch of others.
My systems, I get the same warning but it traces to libreoffice.  I'm running 13.1-RELEASE and picking up packages from quarterly not latest so I expect it will get updated at some point.
You could try using pkgs from latest but that may update a lot of things.

I am not worrying about it at this point, it will get fixed when it gets fixed.


----------

