Skipping the FreeBSD vulnerability check during portupgrade

FreeBSD has an excellent facility for checking its ports for vulnerabilities provided by security/portaudit. This is very handy when installing an unknown package. However, it can be quite a hindrance when upgrading from one very vulnerable version of a port to one with fewer vulnerabilities, since portupgrade will flatly refuse to upgrade the port, with this kind of error:

===> wordpress-2.2.1,1 has known vulnerabilities:
=> wordpress — unmoderated comments disclosure.
Reference: <http://www.FreeBSD.org/ports/portaudit/6a31cbe3-1695-11dc-a197-0011098b2f36.html>
=> Please update your ports tree and try again.

It’s best, of course, to confirm that the vulnerability is something you can live with. If so, you can pass a flag to “make” to have it skip the vulnerability check:

portupgrade -m -DDISABLE_VULNERABILITIES wordpress

Naturally, I wouldn’t recommend doing this in conjunction with “portupgrade -all” since it would defeat the purpose of having the vulnerability check at all.

Share
Tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.

By submitting this form, you accept the Mollom privacy policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.