Portupgrading - portauditing

Louis LeBlanc FreeBSD at keyslapper.net
Sun Feb 27 01:05:59 GMT 2005 

On 02/26/05 03:25 PM, epilogue sat at the `puter and typed:
> 
> > I finally gave up and deleted the db at
> > /var/db/portaudit/auditfile.tbz and then did the upgrade.
> > 
> > It still flags firefox as a vulnerability, even though the problem it
> > references is supposed to be explicitly fixed in the version I have
> > installed (window injection vulnerability).
> > 
> > Of course, you can the method described by another poster to get that
> > list, but I haven't been able to get portaudit to actually let me
> > upgrade.  Even the portupgrade -f flag won't work and simply building
> > the port manually is also disabled for flagged ports.
> > 
> > Portaudit seems more a hard lockdown than a warning system.  I think
> > either I am not understanding how to manage it yet, or it has a couple
> > issues that have not been hammered out yet.  Manpages don't have much
> > detail about this issue.  I haven't had a chance to check on the
> > existence of a bug report yet, because I want to hunt down all the
> > docs I can first.
> 
> no need to fiddle with portaudit, as these can be fed directly to make
> or to portupgrade (with the -m flag).
> 
> building ports despite vulnerabilities:
> -DDISABLE_VULNERABILITIES
> 
> building ports despite ignore:
> -DNO_IGNORE
> 
> to my knowledge, these are not yet documented anywhere but here in the
> mailing lists.  i believe that the doc project is already looking to
> integrate this info into the ports manpage (or somewhere else equally
> sensible).
> 
> on the off chance that they lost sight of this target, i'm adding them
> to cc.   (:  thank you docs team  :)
> 
> hth.


Definitely.  Thanks for the primer.

Lou
-- 
Louis LeBlanc                          FreeBSD-at-keyslapper-DOT-net
Fully Funded Hobbyist,                   KeySlapper Extrordinaire :)
Please send off-list email to:         leblanc at keyslapper d.t net
Key fingerprint = C5E7 4762 F071 CE3B ED51  4FB8 AF85 A2FE 80C8 D9A2

Too much is just enough.
    -- Mark Twain, on whiskey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050226/ee6e9df7/attachment.bin

More information about the freebsd-questions mailing list