FreeBSD has an excellent facility for checking its ports for vulnerabilities provided by security/portaudit. This is very handy when installing an unknown package. However, it can be quite a hindrance when upgrading from one very vulnerable version of a port to one with fewer vulnerabilities, since portupgrade will flatly refuse to upgrade the port, with this kind of error:
===> wordpress-2.2.1,1 has known vulnerabilities:
=> wordpress — unmoderated comments disclosure.
=> Please update your ports tree and try again.
It’s best, of course, to confirm that the vulnerability is something you can live with. If so, you can pass a flag to “make” to have it skip the vulnerability check:
portupgrade -m -DDISABLE_VULNERABILITIES wordpress
Naturally, I wouldn’t recommend doing this in conjunction with “portupgrade -all” since it would defeat the purpose of having the vulnerability check at all.