Just shot myself into my foot running portaudit – it prevented me from upgrading a port because it contained vulnerabilities. Ok, it’s usually a good idea to get informations about vulnerabilites in the installed ports and preventing the careless admin from installing bugy software, but sometimes it just hurts. This time it was about a port containing more than one security flaw where the upgrade would fix some but not all vulnerabilities. So it’s clear what one should do: install the new version and wait for the next bug free release. But the
portupgrade command keeps failing. Here’s how to let it ignore the concerns it raises:
portupgrade -m -DDISABLE_VULNERABILITIES Happy upgrading!