svn update /usr/doc /usr/src /usr/ports && make fetchindex && pkg audit -F portmaster -BvDa -y ===>>> The following actions will be taken if you choose to proceed: Upgrade openssh-portable-7.1.p1_4,1 to openssh-portable-7.1.p2,1 ===>>> Proceed? y/n [y] ===>>> Starting build for ports that need updating <<<=== ===>>> Launching child to install security/openssh-portable ===>>> All >> security/openssh-portable (1/1) ===>>> Currently installed version: openssh-portable-7.1.p1_4,1 ===>>> Port directory: /usr/ports/security/openssh-portable ===>>> Starting check for build dependencies ===>>> Gathering dependency list for security/openssh-portable from ports ===>>> Starting dependency check ===>>> Checking dependency: devel/autoconf ===>>> Checking dependency: ports-mgmt/pkg ===>>> Checking dependency: security/libressl ===>>> Dependency check complete for security/openssh-portable ===>>> All >> openssh-portable-7.1.p1_4,1 (1/1) ===> Cleaning for openssh-portable-7.1.p2,1 ===> openssh-portable-7.1.p2,1 has known vulnerabilities: openssh-portable-7.1.p2,1 is vulnerable: openssh -- information disclosure CVE: CVE-2016-0778 CVE: CVE-2016-0777 WWW: https://vuxml.FreeBSD.org/freebsd/dfe0cdc1-baf2-11e5-863a-b499baebfeaf.html 1 problem(s) in the installed packages found. => Please update your ports tree and try again. => Note: Vulnerable ports are marked as such even if there is no update available. => If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes' *** Error code 1 Stop. make[1]: stopped in /usr/ports/security/openssh-portable *** Error code 1 Stop. make: stopped in /usr/ports/security/openssh-portable ===>>> make build failed for security/openssh-portable ===>>> Aborting update ===>>> Update for security/openssh-portable failed ===>>> Aborting update ===>>> You can restart from the point of failure with this command line: portmaster <flags> security/openssh-portable Exit 1
It is addressed and fixed. Please run "pkg audit -F" again.
pkg audit -F vulnxml file up-to-date openssh-portable-7.1.p1_4,1 is vulnerable: openssh -- information disclosure CVE: CVE-2016-0778 CVE: CVE-2016-0777 WWW: https://vuxml.FreeBSD.org/freebsd/dfe0cdc1-baf2-11e5-863a-b499baebfeaf.html 1 problem(s) in the installed packages found. Does not help.
Now fixed.