Bug 261560 - www/grafana6: deprecate and remove port
Summary: www/grafana6: deprecate and remove port
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Some People
Assignee: Thomas Zander
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2022-01-29 20:05 UTC by Boris Korzun
Modified: 2022-03-31 20:21 UTC

See Also:
bugzilla: maintainer-feedback? (hiyorin)


Description Boris Korzun 2022-01-29 20:05:28 UTC
There're at least two vulnerabilities (one critical and one moderate) in the port. There aren't fixes by upstream. Last version (6.7.6) has been released on Mar 18, 2021. Current port version (6.7.4) has been released on Jun 3, 2020.

I think the port should be marked as deprecated.
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-02-26 15:17:33 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=091bf2a40acc9257a3bedbd5782eb3d7c6b714ef

commit 091bf2a40acc9257a3bedbd5782eb3d7c6b714ef
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-02-26 15:13:06 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-02-26 15:17:21 +0000

    www/grafana6: Mark deprecated, for removal on 2022-03-31

    Details:
    - 6.x branch is deprecated upstream
    - Has unfixed vulnerabilities
    - grafana7 and grafana8 are available as replacements
    - no consumers of grafana6 in the ports tree

    PR:             261560
    Reported by:    Boris Korzun <drtr0jan@yandex.ru>
    Approved by:    Maintainer timeout (4 weeks)
    MFH:            2022Q1
    Security:       CVE-2022-21702
                    CVE-2022-21703
                    CVE-2022-21713

 www/grafana6/Makefile | 4 ++++
 1 file changed, 4 insertions(+)
Comment 2 commit-hook freebsd_committer freebsd_triage 2022-02-26 15:19:34 UTC
A commit in branch 2022Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f31ef9255a0c42051abd6885945245c7cf2520b4

commit f31ef9255a0c42051abd6885945245c7cf2520b4
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2022-02-26 15:13:06 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2022-02-26 15:18:50 +0000

    www/grafana6: Mark deprecated, for removal on 2022-03-31

    Details:
    - 6.x branch is deprecated upstream
    - Has unfixed vulnerabilities
    - grafana7 and grafana8 are available as replacements
    - no consumers of grafana6 in the ports tree

    PR:             261560
    Reported by:    Boris Korzun <drtr0jan@yandex.ru>
    Approved by:    Maintainer timeout (4 weeks)
    MFH:            2022Q1
    Security:       CVE-2022-21702
                    CVE-2022-21703
                    CVE-2022-21713

    (cherry picked from commit 091bf2a40acc9257a3bedbd5782eb3d7c6b714ef)

 www/grafana6/Makefile | 4 ++++
 1 file changed, 4 insertions(+)
Comment 3 Rene Ladan freebsd_committer freebsd_triage 2022-03-31 20:21:17 UTC
Removing the port...