Portmaster: How to build vulnerable ports?

bob prohaska fbsd at www.zefox.net
Sat May 20 16:10:03 UTC 2017

In playing with portmaster to compile epiphany the compile stops with

===>>> www/epiphany 1/1 >> cairo-1.14.6,2 >> freetype2-2.7.1 (2/75)

===>  Cleaning for freetype2-2.7.1
===>  freetype2-2.7.1 has known vulnerabilities:
freetype2-2.7.1 is vulnerable:
freetype2 -- buffer overflows
CVE: CVE-2017-8287
CVE: CVE-2017-8105
WWW: https://vuxml.FreeBSD.org/freebsd/4a088d67-3af2-11e7-9d75-c86000169601.html

1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'

As it happens, freetype2 is already up to date and installed. I've tried

root at www:/usr/ports # portmaster -m DISABLE_VULNERABILITES=yes --no-confirm www/epiphany [long list of dependencies]

but the -m flag seems to have no effect.

What is the best way to proceed with the compilation? This happens to be on
an RPI2 running -current, but it would be surprising if that matters.

Thanks for reading,

bob prohaska

More information about the freebsd-ports mailing list