Portupgrading - portauditing

epilogue epilogue at allstream.net
Sat Feb 26 20:25:59 UTC 2005


> I finally gave up and deleted the db at
> /var/db/portaudit/auditfile.tbz and then did the upgrade.
> 
> It still flags firefox as a vulnerability, even though the problem it
> references is supposed to be explicitly fixed in the version I have
> installed (window injection vulnerability).
> 
> Of course, you can the method described by another poster to get that
> list, but I haven't been able to get portaudit to actually let me
> upgrade.  Even the portupgrade -f flag won't work and simply building
> the port manually is also disabled for flagged ports.
> 
> Portaudit seems more a hard lockdown than a warning system.  I think
> either I am not understanding how to manage it yet, or it has a couple
> issues that have not been hammered out yet.  Manpages don't have much
> detail about this issue.  I haven't had a chance to check on the
> existence of a bug report yet, because I want to hunt down all the
> docs I can first.

no need to fiddle with portaudit, as these can be fed directly to make
or to portupgrade (with the -m flag).

building ports despite vulnerabilities:
-DDISABLE_VULNERABILITIES

building ports despite ignore:
-DNO_IGNORE

to my knowledge, these are not yet documented anywhere but here in the
mailing lists.  i believe that the doc project is already looking to
integrate this info into the ports manpage (or somewhere else equally
sensible).

on the off chance that they lost sight of this target, i'm adding them
to cc.   (:  thank you docs team  :)

hth.


cheers,
epi



More information about the freebsd-doc mailing list