Changeset View
Changeset View
Standalone View
Standalone View
Mk/Scripts/check-vulnerable.sh
Show All 14 Lines | |||||
# If the package is pkg, disable these checks, it fails while | # If the package is pkg, disable these checks, it fails while | ||||
# upgrading when pkg is not there. | # upgrading when pkg is not there. | ||||
# FIXME: check is this is still true | # FIXME: check is this is still true | ||||
if [ "${dp_PORTNAME}" = "pkg" ]; then | if [ "${dp_PORTNAME}" = "pkg" ]; then | ||||
exit 0 | exit 0 | ||||
fi | fi | ||||
if [ -x "${dp_PKG_BIN}" ]; then | if [ ! -x "${dp_PKG_BIN}" ]; then | ||||
exit 0 | |||||
fi | |||||
vlist=$(${dp_PKG_BIN} audit "${dp_PKGNAME}" || :) | vlist=$(${dp_PKG_BIN} audit "${dp_PKGNAME}" || :) | ||||
if [ "${vlist}" = "0 problem(s) in the installed packages found." ]; then | |||||
vlist="" | if [ "${vlist}" != "0 problem(s) in the installed packages found." ]; then | ||||
else | |||||
${dp_ECHO_MSG} "===> ${dp_PKGNAME} has known vulnerabilities:" | ${dp_ECHO_MSG} "===> ${dp_PKGNAME} has known vulnerabilities:" | ||||
${dp_ECHO_MSG} "$vlist" | ${dp_ECHO_MSG} "$vlist" | ||||
${dp_ECHO_MSG} "=> Please update your ports tree and try again." | ${dp_ECHO_MSG} "=> Please update your ports tree and try again." | ||||
${dp_ECHO_MSG} "=> Note: Vulnerable ports are marked as such even if there is no update available." | ${dp_ECHO_MSG} "=> Note: Vulnerable ports are marked as such even if there is no update available." | ||||
${dp_ECHO_MSG} "=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'" | ${dp_ECHO_MSG} "=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'" | ||||
exit 1 | exit 1 | ||||
fi | |||||
fi | fi |