From nobody Sun Jun 12 19:49:35 2022 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id A351F84547C for ; Sun, 12 Jun 2022 19:50:12 +0000 (UTC) (envelope-from 93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com) Received: from s1-b515.socketlabs.email-od.com (s1-b515.socketlabs.email-od.com [142.0.181.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4LLlfW4rygz3Kd9 for ; Sun, 12 Jun 2022 19:50:11 +0000 (UTC) (envelope-from 93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com) DKIM-Signature: v=1; a=rsa-sha256; d=tundraware.com;s=slkey; c=relaxed/relaxed; q=dns/txt; t=1655063412; x=1657655412; h=x-tundraware-mailscanner-from:x-greylist:content-transfer-encoding:content-type:subject:from:to:content-language:mime-version:date:message-id:x-thread-info:subject:to:from:cc:reply-to; bh=5p1uqKuRoV+8EkYzoUjLqb6JLsBQ9ygwYN6MhJBTiSg=; b=ZxwwN9qsps+3twSKpYGc+kxEPn32SRXeACx0Fq8I/jM37yGJTHVsI3mO6DFZHsnJ05wyGj8Ondje5XQ179YCJ4UKUNc5OKbY0kn+s8+Kxn4jIta3Wu4S2NyFySF03kzupyAyq4L/ogkhYWzvQlyvVKxWCdPgUVG12NIRv7YLK4SaRQP6L/IoD7QQNNdbn7UVXixYIDY9vV3MbAX70+0ha+fvmDlgwM1NX9WJEqxSwonyN+Ma+M4v8SeQm+vO2KohUEqktfdcLGcs8LYymIYNCBxKonJd7eFOeW3bH/Dz55I+hQEev8UA9OrpDD+GgDg8ysxKR/ZOmMDRV+lewewHEg== DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim; c=relaxed/relaxed; q=dns/txt; t=1655063412; x=1657655412; h=x-tundraware-mailscanner-from:x-greylist:content-transfer-encoding:content-type:subject:from:to:content-language:mime-version:date:message-id:x-thread-info:subject:to:from:cc:reply-to; bh=5p1uqKuRoV+8EkYzoUjLqb6JLsBQ9ygwYN6MhJBTiSg=; b=tbd2ets+xdvBjzkXZ82D7S/PSTEiICPc0wK4xus9TXHNYu0IaZYutwQKF1XHpbasIyWabmQ3yvMvULSvBWzT2P6HFm9gd4WQD6JjDiZrrzALkbXTqTxqXrC+HZLY/ry4LR320Maf4msAyM1WEPXf7H6ptV4nlNaXZcv2EIdyO1I= X-Thread-Info: OTNhYi4xMi5jMzg5MDAwMDNiYWYzMS5mcmVlYnNkLXF1ZXN0aW9ucz1mcmVlYnNkLm9yZw== Received: from r2.us-east-2.aws.in.socketlabs.com (r2.us-east-2.aws.in.socketlabs.com [142.0.189.2]) by mxh4.email-od.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sun, 12 Jun 2022 15:49:54 -0400 Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) by r2.us-east-2.aws.in.socketlabs.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Sun, 12 Jun 2022 15:49:54 -0400 Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.16.1/8.16.1) with ESMTPSA id 25CJnehm042025 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Sun, 12 Jun 2022 14:49:41 -0500 (CDT) (envelope-from tundra@tundraware.com) Message-ID: Date: Sun, 12 Jun 2022 14:49:35 -0500 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 Content-Language: en-US To: FreeBSD Mailing List From: Tim Daneliuk Subject: Curious Ports Behavior Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (oceanview.tundraware.com [45.55.60.57]); Sun, 12 Jun 2022 14:49:41 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 25CJnehm042025 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-2.91, required 6, autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90, T_SCC_BODY_TEXT_LINE -0.01) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4LLlfW4rygz3Kd9 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=tundraware.com header.s=slkey header.b=ZxwwN9qs; dkim=pass header.d=email-od.com header.s=dkim header.b=tbd2ets+; dmarc=pass (policy=reject) header.from=tundraware.com; spf=pass (mx1.freebsd.org: domain of 93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com designates 142.0.181.21 as permitted sender) smtp.mailfrom=93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com X-Spamd-Result: default: False [-2.75 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:142.0.176.0/20]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[tundraware.com:+,email-od.com:+]; DMARC_POLICY_ALLOW(-0.50)[tundraware.com,reject]; NEURAL_HAM_SHORT(-0.06)[-0.055]; FORGED_SENDER(0.30)[tundra@tundraware.com,93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com]; RECEIVED_SPAMHAUS_PBL(0.00)[45.55.60.57:received]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:53658, ipnet:142.0.180.0/22, country:US]; FROM_NEQ_ENVFROM(0.00)[tundra@tundraware.com,93ab.82.c38900003baf31.bd047cba9bd9b2933f47c933fcc7e638@email-od.com]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[email-od.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[tundraware.com:s=slkey,email-od.com:s=dkim]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.990]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[142.0.181.21:from,142.0.189.2:received]; MLMMJ_DEST(0.00)[freebsd-questions] X-ThisMailContainsUnwantedMimeParts: N Two machines, one physical running on an older i5. The other is a cloud based virtual machine. Both running 13.1-STABLE as of 6/1/2022 I just did a fresh clone of the ports tree on both machines before asking here. When I attempt to compile www/apache23 on the VM, I have no problems. But attempting to compile www/apach23 on the physical machine emits this: ===> apache24-2.4.54 has known vulnerabilities: apache24-2.4.54 is vulnerable: Apache httpd -- Multiple vulnerabilities CVE: CVE-2022-26377 CVE: CVE-2022-28330 CVE: CVE-2022-28614 CVE: CVE-2022-28615 CVE: CVE-2022-29404 CVE: CVE-2022-30522 CVE: CVE-2022-30556 CVE: CVE-2022-31813 WWW: https://vuxml.FreeBSD.org/freebsd/49adfbe5-e7d1-11ec-8fbd-d4c9ef517024.html IOW, the physical machine port installation stops because of known vulnerabilities, but the VM instance works fine. There is no evidence of "DISABLE_VULNERABILITIES" in the VM's environment or /etc/make.conf Can anyone suggest a reason for this difference of behavior and/or a possible remediation. I don't want servers running with high severity vulnerabilities ...