FreeBSD WARNING: Vulnerability Database Out of Date, Checking Anyway Error and Solution

Q. While installing any FreeBSD port I’m getting following error message:
….
===> FreeBSD WARNING: Vulnerability Database Out of Date, Checking Anyway

ADVERTISEMENTS

How do I fix this warning message?

A. You need to install portaudit package to get rid of this error message. portaudit command checks installed packages for known vulnerabilities and generates reports including references to security advisories. If you have a vulnerable package installed, you are advised to update or deinstall it immediately. his package also installs a script into /usr/local/etc/periodic/security that regularly updates this database and includes a report of vulnerable packages in the daily security report.

Login as the root and type the following command to fix this issue:
# cd /usr/ports/ports-mgmt/portaudit
# make install clean
# /usr/local/sbin/portaudit -Fda

Now you should able to install any port without vulnerability database out of date error.

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
4 comments… add one
  • Guy Jul 1, 2008 @ 7:20

    shouldn’t that be
    cd /usr/ports/ports-mgmt/portaudit

  • 🐧 nixCraft Jul 1, 2008 @ 7:44

    Guy,

    Thanks for the heads up. The FAQ has been updated.

  • Rianav Jan 9, 2010 @ 19:48

    How long can this be experted to take, on say, a 2007 laptop? And with 500 ports installed? Thank you.

  • hplogsdon Feb 12, 2010 @ 6:47

    @Rianav Not long.

    portaudit checks the database of installed packages/ports against a list of known to be vulnerable ports. It doesn’t necessarily have to check every file every port installs every time its run. On a VM I have running right now, it took about 2 seconds to report anything back. It has appx 300 ports installed.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.