Portmaster: How to build vulnerable ports?
Herbert J. Skuhra
herbert at mailbox.org
Sat May 20 16:24:36 UTC 2017
bob prohaska skrev:
> In playing with portmaster to compile epiphany the compile stops with
> ===>>> www/epiphany 1/1 >> cairo-1.14.6,2 >> freetype2-2.7.1 (2/75)
> ===> Cleaning for freetype2-2.7.1
> ===> freetype2-2.7.1 has known vulnerabilities:
> freetype2-2.7.1 is vulnerable:
> freetype2 -- buffer overflows
> CVE: CVE-2017-8287
> CVE: CVE-2017-8105
> WWW: https://vuxml.FreeBSD.org/freebsd/4a088d67-3af2-11e7-9d75-c86000169601.html
> 1 problem(s) in the installed packages found.
> => Please update your ports tree and try again.
> => Note: Vulnerable ports are marked as such even if there is no update available.
> => If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
> As it happens, freetype2 is already up to date and installed. I've tried
r441132 | kwm | 2017-05-18 10:46:06 +0200 (Thu, 18 May 2017) | 14 lines
Update freetype2 to 2.8.
> root at www:/usr/ports # portmaster -m DISABLE_VULNERABILITES=yes --no-confirm www/epiphany [long list of dependencies]
More information about the freebsd-ports