From owner-freebsd-stable@FreeBSD.ORG  Sat Mar  9 09:36:06 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id A2D2D90A
 for <freebsd-stable@freebsd.org>; Sat,  9 Mar 2013 09:36:06 +0000 (UTC)
 (envelope-from ohartman@zedat.fu-berlin.de)
Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de
 [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id 4745C77F
 for <freebsd-stable@freebsd.org>; Sat,  9 Mar 2013 09:36:05 +0000 (UTC)
Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69])
 by outpost1.zedat.fu-berlin.de (Exim 4.80.1)
 for freebsd-stable@freebsd.org with esmtp
 (envelope-from <ohartman@zedat.fu-berlin.de>)
 id <1UEGCD-000luI-2f>; Sat, 09 Mar 2013 10:36:05 +0100
Received: from e178025158.adsl.alicedsl.de ([85.178.25.158]
 helo=munin.geoinf.fu-berlin.de)
 by inpost2.zedat.fu-berlin.de (Exim 4.80.1)
 for freebsd-stable@freebsd.org with esmtpsa
 (envelope-from <ohartman@zedat.fu-berlin.de>)
 id <1UEGCD-0035Oa-0G>; Sat, 09 Mar 2013 10:36:05 +0100
Message-ID: <513B02C5.9090406@zedat.fu-berlin.de>
Date: Sat, 09 Mar 2013 10:37:09 +0100
From: "Hartmann, O." <ohartman@zedat.fu-berlin.de>
Organization: FU Berlin
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130309 Thunderbird/17.0.4
MIME-Version: 1.0
To: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: lang/ruby19: ruby-1.9.3.392,1 is vulnerable: ** [check-vulnerable]
 Error code 1
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-Originating-IP: 85.178.25.158
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2013 09:36:06 -0000

I try to compile port lang/ruby19 and I always get on a FreeBSD
9.1-STABLE box the following error message, which is obviously triggered
by some port auditing - but I do not find the "knob" to switch it off.

Can someone give a hint, please?

Regards,

Oliver

===>  Cleaning for ruby-1.9.3.392,1
===>  ruby-1.9.3.392,1 has known vulnerabilities:
ruby-1.9.3.392,1 is vulnerable:
Ruby -- XSS exploit of RDoc documentation generated by rdoc

WWW: http://portaudit.FreeBSD.org/d3e96508-056b-4259-88ad-50dc8d1978a6.html

ruby-1.9.3.392,1 is vulnerable:
Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON

WWW: http://portaudit.FreeBSD.org/c79eb109-a754-45d7-b552-a42099eb2265.html
=> Please update your ports tree and try again.
*** [check-vulnerable] Error code 1

Stop in /usr/ports/lang/ruby19.
*** [build] Error code 1

Stop in /usr/ports/lang/ruby19.