Portmaster: How to build vulnerable ports?
bob prohaska
fbsd at www.zefox.net
Sat May 20 16:10:03 UTC 2017
In playing with portmaster to compile epiphany the compile stops with
===>>> www/epiphany 1/1 >> cairo-1.14.6,2 >> freetype2-2.7.1 (2/75)
===> Cleaning for freetype2-2.7.1
===> freetype2-2.7.1 has known vulnerabilities:
freetype2-2.7.1 is vulnerable:
freetype2 -- buffer overflows
CVE: CVE-2017-8287
CVE: CVE-2017-8105
WWW: https://vuxml.FreeBSD.org/freebsd/4a088d67-3af2-11e7-9d75-c86000169601.html
1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
As it happens, freetype2 is already up to date and installed. I've tried
using
root at www:/usr/ports # portmaster -m DISABLE_VULNERABILITES=yes --no-confirm www/epiphany [long list of dependencies]
but the -m flag seems to have no effect.
What is the best way to proceed with the compilation? This happens to be on
an RPI2 running -current, but it would be surprising if that matters.
Thanks for reading,
bob prohaska
More information about the freebsd-ports
mailing list