Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides
https://forum.ivorde.com/

FreeBSD portupgrade without port vulnerability check
https://forum.ivorde.com/freebsd-portupgrade-without-port-vulnerability-check-t64.html
Page 1 of 1

Author:  mandrei99 [ Thu Mar 18, 2010 6:12 am ]
Post subject:  FreeBSD portupgrade without port vulnerability check

Portupgrade, portinstall are two tools used to upgrade installed packages or install new ones via ports or packages systems.

man portupgrade:
Quote:
SYNOPSIS
portupgrade [-habcCDDefFiknNOpPPqrRsuvwWy] [-A command] [-B command]
[-l file] [-L format] [-S command] [-x pkgname_glob]
[[-o origin] [-m make_args] [-M make_env] pkgname_glob ...]

DESCRIPTION
The portupgrade command is used to upgrade installed packages via ports
or packages. The portinstall command is equivalent to portupgrade -N.

Before reading these instructions, you must understand that a port/pack-
age can have the following two types of related ports/packages:
required Ports/packages that a port/package needs for it to be built
and/or run. Port Makefiles refer to this type of ports/pack-
ages using the BUILD_DEPENDS and RUN_DEPENDS macros, respec-
tively.
dependent Ports/packages that need this port/package.
...
-m
--make-args Specify arguments to append to each make(1) com-
mand line.


In order to upgrade a package for which there is a vulnerability report (related to it's version), the DISABLE_VULNERABILITIES=yes make argument can be passed to portupgrade:

Code:
# portupgrade -m DISABLE_VULNERABILITIES=yes hackedftpd


A list of FreeBSD ports vulnerability reports can be found at VuXML project: http://www.vuxml.org/freebsd/index.html

Page 1 of 1 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/