pkg audit and port upgrades
Roland van Laar
roland at micite.net
Thu Sep 15 10:04:53 UTC 2016
Hello Community,
My question: How do I know if a vulnerable port has had an update?
I get daily emails from pkg audit telling me about vulnerabilities in my
ports.
Today it was curl, but the latest curl hasn't yet had an update.
I update the ports tree and rebuild my ports.
Only to notice during the build that it stops the build because the port
is still vulnerable.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update
available.
=> If you wish to ignore this vulnerability rebuild with 'make
DISABLE_VULNERABILITIES=yes'
*** Error code 1
Is there a way to know before I build my ports to know if there is a
vulnerability?
Regards,
Roland van Laar
More information about the freebsd-questions
mailing list