From owner-freebsd-ports@FreeBSD.ORG  Sat Mar  9 09:36:46 2013
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 47403A15
 for <freebsd-ports@freebsd.org>; Sat,  9 Mar 2013 09:36:46 +0000 (UTC)
 (envelope-from ohartman@zedat.fu-berlin.de)
Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de
 [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id 0B8B779B
 for <freebsd-ports@freebsd.org>; Sat,  9 Mar 2013 09:36:46 +0000 (UTC)
Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69])
 by outpost1.zedat.fu-berlin.de (Exim 4.80.1)
 for freebsd-ports@freebsd.org with esmtp
 (envelope-from <ohartman@zedat.fu-berlin.de>)
 id <1UEGCr-000lyM-D8>; Sat, 09 Mar 2013 10:36:45 +0100
Received: from e178025158.adsl.alicedsl.de ([85.178.25.158]
 helo=munin.geoinf.fu-berlin.de)
 by inpost2.zedat.fu-berlin.de (Exim 4.80.1)
 for freebsd-ports@freebsd.org with esmtpsa
 (envelope-from <ohartman@zedat.fu-berlin.de>)
 id <1UEGCr-0035PI-Ah>; Sat, 09 Mar 2013 10:36:45 +0100
Message-ID: <513B02ED.4040302@zedat.fu-berlin.de>
Date: Sat, 09 Mar 2013 10:37:49 +0100
From: "Hartmann, O." <ohartman@zedat.fu-berlin.de>
Organization: FU Berlin
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130309 Thunderbird/17.0.4
MIME-Version: 1.0
To: freebsd-ports@freebsd.org
Subject: lang/ruby19: ruby-1.9.3.392,1 is vulnerable: ** [check-vulnerable]
 Error code 1
References: <513B02C5.9090406@zedat.fu-berlin.de>
In-Reply-To: <513B02C5.9090406@zedat.fu-berlin.de>
X-Forwarded-Message-Id: <513B02C5.9090406@zedat.fu-berlin.de>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-Originating-IP: 85.178.25.158
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2013 09:36:46 -0000


I try to compile port lang/ruby19 and I always get on a FreeBSD
9.1-STABLE box the following error message, which is obviously triggered
by some port auditing - but I do not find the "knob" to switch it off.

Can someone give a hint, please?

Regards,

Oliver

===>  Cleaning for ruby-1.9.3.392,1
===>  ruby-1.9.3.392,1 has known vulnerabilities:
ruby-1.9.3.392,1 is vulnerable:
Ruby -- XSS exploit of RDoc documentation generated by rdoc

WWW: http://portaudit.FreeBSD.org/d3e96508-056b-4259-88ad-50dc8d1978a6.html

ruby-1.9.3.392,1 is vulnerable:
Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON

WWW: http://portaudit.FreeBSD.org/c79eb109-a754-45d7-b552-a42099eb2265.html
=> Please update your ports tree and try again.
*** [check-vulnerable] Error code 1

Stop in /usr/ports/lang/ruby19.
*** [build] Error code 1

Stop in /usr/ports/lang/ruby19.