Can't reinstall linux-f10-openldap

Lowell Gilbert freebsd-questions-local at
Mon May 19 20:54:00 UTC 2014

Walter Hurry <walterhurry at> writes:

> On Mon, 19 May 2014 13:47:16 -0400, Lowell Gilbert wrote:
>> Walter Hurry <walterhurry at> writes:
>>> I'm trying to reinstall net/linux-f10-openldap, but am being prevented
>>> from doing so.
>>> ------------------------------------------------------------
>>> ===>  linux-f10-openldap-2.4.12_1 has known vulnerabilities:
>>> linux-f10-openldap-2.4.12_1 is vulnerable:
>>> OpenLDAP -- incorrect handling of NULL in certificate Common Name CVE:
>>> CVE-2009-3767 WWW:
>>> a5ac-001b21614864.html => Please update your ports tree and try again.
>>> *** [check-vulnerable] Error code 1
>>> Stop in /usr/ports/net/linux-f10-openldap.
>>> ------------------------------------------------------------
>>> The portaudit web page says that there is indeed a vulnerability in
>>> this version, but it is the latest version available in the ports tree.
>>> Is there any way around this?
>> The only options are the obvious ones:
>>  1) Override the vulnerability warning and install anyway.
> <snip>
> Thanks for the reply. How do I implement option 1? Sorry, but there are 
> huge gaps in my FreeBSD knowledge.

You set an environment variable, DISABLE_VULNERABILITIES. It's listed in
the manual for ports(7), although I think the reference to the portaudit
port is no longer applicable.

> This is FreeBSD 9.2 (amd64), and I was using 'portupgrade -f'. 

portupgrade may have its own settings for that; I don't have it
installed at the moment, so I can't easily check.

Good luck.

More information about the freebsd-questions mailing list