lang/go security problem on one but not the other

Kevin Oberman rkoberman at
Wed Sep 2 16:24:38 UTC 2015

On Wed, Sep 2, 2015 at 8:36 AM, Rob Belics <rob at> wrote:

> I have a server and my workstation. Both run FreeBSD 10.2-RELEASE. Both had
> lang/go version 1.4 on them. lang/go version 1.5 was released in ports and
> it builds on my local workstation, including reinstalling version 1.4.2
> but, on the server, it complains about the previous security
> vulnerabilities and won't build.
> I tried uninstalling both and deleted the distifles but that didn't change
> anything. Why and what should I do?

Vulnerabilities are checked against a flat XML file that is normally
located in /var/db/pkg/vuln.xml. Check the dates of this file on both
systems. It should be updated daily when the periodic security check runs.
By default this starts at 3:00 local time. If the file is not being updated
on one system, that would explain the inconsistency.

Are you receiving the logs of the periodic jobs daily? They are sent to
Kevin Oberman, Network Engineer, Retired
E-mail: rkoberman at
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683

More information about the freebsd-ports mailing list