FreeBSD portupgrade without port vulnerability check
Portupgrade,
portinstall are two tools used to upgrade installed packages or install new ones via ports or packages systems.
man portupgrade:
Quote:
SYNOPSIS
portupgrade [-habcCDDefFiknNOpPPqrRsuvwWy] [-A command] [-B command]
[-l file] [-L format] [-S command] [-x pkgname_glob]
[[-o origin] [-m make_args] [-M make_env] pkgname_glob ...]
DESCRIPTION
The portupgrade command is used to upgrade installed packages via ports
or packages. The portinstall command is equivalent to portupgrade -N.
Before reading these instructions, you must understand that a port/pack-
age can have the following two types of related ports/packages:
required Ports/packages that a port/package needs for it to be built
and/or run. Port Makefiles refer to this type of ports/pack-
ages using the BUILD_DEPENDS and RUN_DEPENDS macros, respec-
tively.
dependent Ports/packages that need this port/package.
...
-m
--make-args Specify arguments to append to each make(1) com-
mand line.
In order to upgrade a package for which there is a vulnerability report (related to it's version), the
DISABLE_VULNERABILITIES=yes make argument can be passed to portupgrade:
Code:
# portupgrade -m DISABLE_VULNERABILITIES=yes hackedftpd
A list of FreeBSD ports vulnerability reports can be found at VuXML project:
http://www.vuxml.org/freebsd/index.html