From owner-freebsd-ports@FreeBSD.ORG  Mon Apr 21 08:29:11 2014
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 77BA0539
 for <ports@FreeBSD.org>; Mon, 21 Apr 2014 08:29:11 +0000 (UTC)
Received: from portsmon.freebsd.org (portsmon.freebsd.org
 [IPv6:2001:1900:2254:206a::50:3])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 691811BB3
 for <ports@FreeBSD.org>; Mon, 21 Apr 2014 08:29:11 +0000 (UTC)
Received: from portsmon.freebsd.org ([127.0.1.104])
 by portsmon.freebsd.org (8.14.8/8.14.8) with ESMTP id s3L8TBb6005090
 for <ports@FreeBSD.org>; Mon, 21 Apr 2014 08:29:11 GMT
 (envelope-from linimon@FreeBSD.org)
Date: Mon, 21 Apr 2014 08:29:11 GMT
Message-Id: <201404210829.s3L8TBb6005090@portsmon.freebsd.org>
From: linimon@FreeBSD.org
To: ports@FreeBSD.org
Subject: FreeBSD ports which are currently marked forbidden
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: portmgr-feedback@FreeBSD.org
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Apr 2014 08:29:11 -0000

As part of an ongoing effort to reduce the number of problems in the
FreeBSD ports system, we periodically notify users about
ports that are marked as "forbidden" in their Makefiles.  Often,
these ports are so marked due to security concerns, such as known
exploits.

An overview of each port, including errors seen on the build farm,
is included below.

portname:           devel/bugzilla40
forbidden because:  no upstream fixes for CVE-2014-1517, see
                    http://www.bugzilla.org/security/4.0.11/
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=devel&portname=bugzilla40


portname:           devel/bugzilla42
forbidden because:  no upstream fixes for CVE-2014-1517, see
                    http://www.bugzilla.org/security/4.0.11/
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=devel&portname=bugzilla42


portname:           net/asterisk14
forbidden because:  Unsupported for so long that this version is not
                    listed in security advisories
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=net&portname=asterisk14


portname:           net/ntp
forbidden because:  CVE-2013-5211 / VU
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=net&portname=ntp


portname:           net/ntp-rc
forbidden because:  CVE-2013-5211 / VU
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=net&portname=ntp-rc


portname:           www/openx
forbidden because:  CVE-2013-7149
build errors:       none.
overview:           http://portsmon.FreeBSD.org/portoverview.py?category=www&portname=openx