From owner-freebsd-ports@freebsd.org Sat May 20 16:24:36 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1C0DFD76420 for ; Sat, 20 May 2017 16:24:36 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 01BBD1AED for ; Sat, 20 May 2017 16:24:36 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: by mailman.ysv.freebsd.org (Postfix) id 010C8D7641F; Sat, 20 May 2017 16:24:36 +0000 (UTC) Delivered-To: ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00AE1D7641E for ; Sat, 20 May 2017 16:24:36 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from mx2.mailbox.org (mx2.mailbox.org [80.241.60.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.mailbox.org", Issuer "SwissSign Server Silver CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B78DE1AEC for ; Sat, 20 May 2017 16:24:35 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 0D85A4456F for ; Sat, 20 May 2017 18:15:11 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-type:content-type:mime-version:references:in-reply-to :subject:subject:from:from:message-id:date:date:received; s= mail20150812; t=1495296909; bh=JmKLl1WSzqv5P+EQTsEYE2+mytRvQZzS1 Xhk9u82ZDE=; b=t2VKsDxkn/2UdBxIarMoYyvuYrn44hqbM3bZSqJQ4lvycEf2U 7R9m8Fj7QrDEH6IoXlrYcD6dmo3B6BeGLwP82r2WW29jFCagcQPbwUHLGsGu7jdM txH3emPlYz0iVqMVhXJzb8n7cDwkiDXqW9W8hEKbdZPZ3hJ3zUzkBnTSIiTKpEJ/ QgRRprJpyfx+YbOnoM7B5R54FjYVNMbaR5oFdypQcVua6KBkEuOVsvmtTBNsukb1 CMCE+4Je9Qlqcczhb6v09W5rvEzckKcT09MHAx1vOE7oloVw736+xBs4oPvtw3Ug 8x9/qXdchab/H8uGPO5BUU637qhcJvBczKmGQ== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter03.heinlein-hosting.de (spamfilter03.heinlein-hosting.de [80.241.56.117]) (amavisd-new, port 10030) with ESMTP id G8--KPGGMHcd for ; Sat, 20 May 2017 18:15:09 +0200 (CEST) Date: Sat, 20 May 2017 18:15:09 +0200 Message-ID: <87d1b3v71u.wl-herbert@mailbox.org> From: "Herbert J. Skuhra" To: ports@freebsd.org Subject: Re: Portmaster: How to build vulnerable ports? In-Reply-To: <20170520160957.GA16003@www.zefox.net> References: <20170520160957.GA16003@www.zefox.net> MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 May 2017 16:24:36 -0000 bob prohaska skrev: > > In playing with portmaster to compile epiphany the compile stops with > ===>>> www/epiphany 1/1 >> cairo-1.14.6,2 >> freetype2-2.7.1 (2/75) > > ===> Cleaning for freetype2-2.7.1 > ===> freetype2-2.7.1 has known vulnerabilities: > freetype2-2.7.1 is vulnerable: > freetype2 -- buffer overflows > CVE: CVE-2017-8287 > CVE: CVE-2017-8105 > WWW: https://vuxml.FreeBSD.org/freebsd/4a088d67-3af2-11e7-9d75-c86000169601.html > > 1 problem(s) in the installed packages found. > => Please update your ports tree and try again. > => Note: Vulnerable ports are marked as such even if there is no update available. > => If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes' > > > As it happens, freetype2 is already up to date and installed. I've tried > using No, r441132 | kwm | 2017-05-18 10:46:06 +0200 (Thu, 18 May 2017) | 14 lines Update freetype2 to 2.8. > root@www:/usr/ports # portmaster -m DISABLE_VULNERABILITES=yes --no-confirm www/epiphany [long list of dependencies] Typo here. -- Herbert