From owner-freebsd-chromium@freebsd.org  Fri Jan 22 23:39:03 2016
Return-Path: <owner-freebsd-chromium@freebsd.org>
Delivered-To: freebsd-chromium@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E06A4A8DB99
 for <freebsd-chromium@mailman.ysv.freebsd.org>;
 Fri, 22 Jan 2016 23:39:03 +0000 (UTC)
 (envelope-from philneaton95@gmail.com)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id C340F15D7
 for <freebsd-chromium@freebsd.org>; Fri, 22 Jan 2016 23:39:03 +0000 (UTC)
 (envelope-from philneaton95@gmail.com)
Received: by mailman.ysv.freebsd.org (Postfix)
 id C0B10A8DB96; Fri, 22 Jan 2016 23:39:03 +0000 (UTC)
Delivered-To: chromium@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C044EA8DB95
 for <chromium@mailman.ysv.freebsd.org>; Fri, 22 Jan 2016 23:39:03 +0000 (UTC)
 (envelope-from philneaton95@gmail.com)
Received: from mail-pf0-x230.google.com (mail-pf0-x230.google.com
 [IPv6:2607:f8b0:400e:c00::230])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 9F51215D6
 for <chromium@freebsd.org>; Fri, 22 Jan 2016 23:39:03 +0000 (UTC)
 (envelope-from philneaton95@gmail.com)
Received: by mail-pf0-x230.google.com with SMTP id n128so49468675pfn.3
 for <chromium@freebsd.org>; Fri, 22 Jan 2016 15:39:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=wH94ghlRgIMIy9n8/80aJ9Qpe/z3i2PM4QKjMAnGjrw=;
 b=xam8XTvBcCBshZjPQTAXHrEzQn5Tja6ZoY9Si0YShW4Ohsa01PkyJjCeijvuq2l5BW
 JHoAomNdbVWgYF3r2vg6RORCTAC+LQgSlsGtGIDE7DdKBg30DlP96y+l5RlWGxmuM5h2
 LUsG5gctH8ujEp6gVzxXNirW6qody9PZEeYDW0rCPSndGUAmtOi2j1yjWDK0/lN1jrwN
 grWyemEHtg4epmieV+q39/jnlSx1n4454U9dJ766fI1yOAckYxAntKMXZfNTwdGNyiXX
 qFyQIGt3qlRWEyWX9D75pKX+6OxdFNvFEQ6m6HYk+TqY7DX1HyixbS48nMr3ADnf/YwA
 UkXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:date:message-id:subject:from:to
 :content-type;
 bh=wH94ghlRgIMIy9n8/80aJ9Qpe/z3i2PM4QKjMAnGjrw=;
 b=mDtV84C5H5d44Hm+/HHRANsjwF0nIwS0flUwl5II0hREAFcaClwbOO8M3TK39/JeSF
 aiJ9z6JmikFYg0+zrJjl7RSmCv8qn/2D25Wmt7FaElNcfWKkhUPuW+xGM9eel3p67XuH
 gPwJXaMXLC7DM0jaP00uHGRGn244YD4rbkKvX0hEiG5WyPLgPHqxzK4T3vOL7avIfRnq
 UPD6KlpUdW98H6hP91YndC4by0R510KGHIJUKMw2Z2+4y+b/dgfQCgWy4xYvKYr6TvlD
 fCshtAoWPNyme/aZMsHO8V1sKV3wLSxP7/Qj3JXDLJZYhnnjymk3NdujbiKC8hY3U/NB
 u9+Q==
X-Gm-Message-State: AG10YOSTTJIo79wY5Ved6woQ3f5OKY6xdSvYqmS6sP47HMQc+PJ0OWxBH+OQd2iirjTS07ItcxQqrDjdhHGrbA==
MIME-Version: 1.0
X-Received: by 10.98.75.143 with SMTP id d15mr8320971pfj.96.1453505943076;
 Fri, 22 Jan 2016 15:39:03 -0800 (PST)
Received: by 10.67.2.5 with HTTP; Fri, 22 Jan 2016 15:39:03 -0800 (PST)
Date: Fri, 22 Jan 2016 18:39:03 -0500
Message-ID: <CAByiw+oTU-39Wdm391oDSDHfmdwHcLyw8ZkWgstEiWQzDE+1=w@mail.gmail.com>
Subject: current chromium version in ports tree giving vulnerabilities warnings
From: Phil Eaton <philneaton95@gmail.com>
To: chromium@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-chromium@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FreeBSD-specific Chromium issues <freebsd-chromium.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-chromium>, 
 <mailto:freebsd-chromium-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chromium/>
List-Post: <mailto:freebsd-chromium@freebsd.org>
List-Help: <mailto:freebsd-chromium-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-chromium>, 
 <mailto:freebsd-chromium-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2016 23:39:04 -0000

Hi,

I just tried to update chromium but the build is failing with a number of
vulnerabilities. I understand that I can build and ignore these
vulnerabilities, but I wanted to report this anyway. Here is the result of
make install:

To build Chromium, you should have around 2 GB of memory
and a fair amount of free diskspace (~ 3.7GB).

Make sure you have Python build with the SEM option ON
(default in python27-2.7.8 since r361735)
===>  chromium-47.0.2526.111 has known vulnerabilities:
chromium-47.0.2526.111 is vulnerable:
chromium -- multiple vulnerabilities
CVE: CVE-2016-1620
CVE: CVE-2016-1619
CVE: CVE-2016-1618
CVE: CVE-2016-1617
CVE: CVE-2016-1616
CVE: CVE-2016-1615
CVE: CVE-2016-1614
CVE: CVE-2016-1613
CVE: CVE-2016-1612
WWW:
https://vuxml.FreeBSD.org/freebsd/371bbea9-3836-4832-9e70-e8e928727f8c.html

1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update
available.
=> If you wish to ignore this vulnerability rebuild with 'make
DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/www/chromium
*** Error code 1

Stop.
make: stopped in /usr/ports/www/chromium

Thanks!

-- 
Phil Eaton