On 16/07/2014 7:48 AM, Bryan Drewery wrote:
> On 7/15/2014 7:45 AM, René Ladan wrote:
>> Hi,
>>
>> according to Freshports [1] there are currently 24 vulnerable ports not
>> marked as forbidden.
>> How about checking this list on a regular basis and marking such ports and
>> forbidden and optionally as deprecated? This would inform users not using
>> vuxml earlier about vulnerabilities.
>>
>> [1] http://www.freshports.org/ports-vulnerable.php
>>
>> Regards,
>> René
>> _______________________________________________
> Do take it case-by-case though. Doing this wipes out most Linux ports
> IIRC. Some of the vulns documented are not worthy of a FORBIDDEN.
>
Good point Bryan. I've added this to my /usr/ports/Mk/bsd.port.mk to
accomodate an ability to choose and make my own informed decision. It
might be worthy of adoption:
--- /usr/ports/Mk/bsd.port.mk.orig2 2014-07-16 10:28:19.000000000 +1000
+++ /usr/ports/Mk/bsd.port.mk 2014-07-16 10:28:31.000000000 +1000
@@ -3036,7 +3036,7 @@
.if !defined(TRYBROKEN)
IGNORE= is marked as broken on ${ARCH}: ${BROKEN_${ARCH}}
.endif
-.elif defined(FORBIDDEN)
+.elif defined(FORBIDDEN) && !defined(NO_IGNORE_FORBIDDEN)
IGNORE= is forbidden: ${FORBIDDEN}
.endif
The use of NO_IGNORE is far too course, so NO_IGNORE_FORBIDDEN is a
compromise. :)
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
