Skipping the FreeBSD vulnerability check during portupgrade

FreeBSD has an excellent facility for checking its ports for vulnerabilities provided by security/portaudit. This is very handy when installing an unknown package. However, it can be quite a hindrance when upgrading from one very vulnerable version of a port to one with fewer vulnerabilities, since portupgrade will flatly refuse to upgrade the port, with this kind of error:

===> wordpress-2.2.1,1 has known vulnerabilities:
=> wordpress — unmoderated comments disclosure.
Reference: <http://www.FreeBSD.org/ports/portaudit/6a31cbe3-1695-11dc-a197-0011098b2f36.html>
=> Please update your ports tree and try again.

It’s best, of course, to confirm that the vulnerability is something you can live with. If so, you can pass a flag to “make” to have it skip the vulnerability check:

portupgrade -m -DDISABLE_VULNERABILITIES wordpress

Naturally, I wouldn’t recommend doing this in conjunction with “portupgrade -all” since it would defeat the purpose of having the vulnerability check at all.

Share
Tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

By submitting this form, you accept the Mollom privacy policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.