FreeBSD portaudit is one very usefull security tool that checks installed packages for known vulnerabilities and generates reports including references to security advisories. Its intended audience is system administrators and individual users.Portaudit uses a database maintained by port committers and the FreeBSD security team to check if security advisories for any installed packages exist. Note that a current ports tree (or any local copy of the ports tree) is not required for operation. This package also installs a script into /usr/local/etc/periodic/security that regularly updates this database and includes a report of vulnerable packages in the daily security report. If you have a vulnerable package installed, you are advised to update or deinstall it immediately.

Install FreeBSD port even though portaudit reports vulnerability - Ignore portaudit

If you want to install a port and portaudit reports vulnerabilities for this port, you can bypass portaudit by using make -DDISABLE_VULNERABILITIES:

$ cd /usr/ports/lang/php4 $ make -DDISABLE_VULNERABILITIES

 

Upgrade FreeBSD port even though portaudit reports vulnerability

For upgrading ports on FreeBSD, you can you use portupgrade. In case that portupgrade tells that it cannot continue because the port has a vulnerability reported by portaudit, bypass the vulnerability check with portupgrade -m DISABLE_VULNERABILITIES=yes port_name

$ portupgrade -m DISABLE_VULNERABILITIES=yes por_name

I do not recommend using these methods unless you know what you're doing. Good luck.

Also read: How to check for vulnerabilities installed ports on FreeBSD box

 

Bookmarks:

Echo "FreeBSD force port installation/upgrade even though portaudit reports vulnerability for it" around:

-------------------advertising-----------------