# Post install configuration



## jewsofeast (Jul 17, 2010)

Hi,

I added pulseaudio to base system. Post install portaudit returns following errors


```
Affected package - png-1.2.40
Problem: png -- libpng decompression buffer overflow
Affected package - tiff-3.9.1
Problem: tiff -- multiple integer overflows
Affected package - tiff-3.9.1
Problem: tiff -- buffer overflow vulnerability
Affected package - libvorbis-1.2.2.3
Problem: libvorbis -- multiple vulnerabilities
```

Please help resolve the conflicts.


----------



## mky (Jul 17, 2010)

Hi,
login as root and perform following steps:

1. Update ports tree
[CMD=""]portsnap fetch update[/CMD]

2. Install portmaster (if you haven't yet):
[CMD=""]cd /usr/ports/ports-mgmt/portmaster && make install clean[/CMD]

3. If you use tcsh(1) shell, then rehash commands:
[CMD=""]rehash[/CMD]

4a. Update your vulnerable ports:
[CMD=""]portmaster png tiff libvorbis[/CMD]

OR

4b. Update all ports: (this takes much time)
[CMD=""]portmaster -a[/CMD]

5. Check portaudit
[CMD=""]portaudit[/CMD]


----------



## jewsofeast (Jul 17, 2010)

I've install portmaster already and updated it. Will do that again.


----------



## mky (Jul 17, 2010)

Did you updated your ports tree? I have installed:


```
libvorbis-1.2.3_1,3 Audio compression codec library
png-1.4.3           Library for manipulating PNG images
tiff-3.9.4          Tools and library routines for working with TIFF images
```

And portaudit returns no vulnerable ports.


----------



## jewsofeast (Jul 17, 2010)

> portmaster -a



did the trick. I ran all updates on merits.


----------

