# webkit2-gtk3 multiple vulnerabilities!



## teo (Jul 11, 2019)

Hello!

When trying to update webkit2-gtk3  end up giving error, the system detects that vulnerability, how to fix it?

# `pkg audit -F`

```
vulnxml file up-to-date
webkit2-gtk3-2.24.0_1 is vulnerable:
webkit2-gtk3 -- Multiple vulnerabilities
CVE: CVE-2019-8623
CVE: CVE-2019-8622
CVE: CVE-2019-8619
CVE: CVE-2019-8611
CVE: CVE-2019-8615
CVE: CVE-2019-8610
CVE: CVE-2019-8609
CVE: CVE-2019-8608
CVE: CVE-2019-8607
CVE: CVE-2019-8601
CVE: CVE-2019-8597
CVE: CVE-2019-8596
CVE: CVE-2019-8595
CVE: CVE-2019-8594
CVE: CVE-2019-8587
CVE: CVE-2019-8586
CVE: CVE-2019-8584
CVE: CVE-2019-8583
CVE: CVE-2019-8571
CVE: CVE-2019-6237
CVE: CVE-2019-11070
CVE: CVE-2019-8563
CVE: CVE-2019-8559
CVE: CVE-2019-8558
CVE: CVE-2019-8551
CVE: CVE-2019-8544
CVE: CVE-2019-8536
CVE: CVE-2019-8535
CVE: CVE-2019-8524
CVE: CVE-2019-8523
CVE: CVE-2019-8518
CVE: CVE-2019-8515
CVE: CVE-2019-8506
CVE: CVE-2019-8503
CVE: CVE-2019-7292
CVE: CVE-2019-7285
CVE: CVE-2019-6251
CVE: CVE-2019-6201
WWW: https://vuxml.FreeBSD.org/freebsd/3dd46e05-9fb0-11e9-bf65-00012e582166.html

1 problem(s) in 1 installed package(s) found.
#
```

# `portmaster -o www/webkit2-gtk3 www/webkit2-gtk3`

```
.......................                    ......................               ..................
           .......................                    ......................               ..................

/bin/sh ./../mkinstalldirs /usr/ports/devel/gperf/work/stage/usr/local/share/doc/gperf
mkdir /usr/ports/devel/gperf/work/stage/usr/local/share/doc/gperf
install -m 0644 ./gperf.html /usr/ports/devel/gperf/work/stage/usr/local/share/doc/gperf/gperf.html
====> Compressing man pages (compress-man)
===>>> Starting check for runtime dependencies
===>>> Gathering dependency list for devel/gperf from ports
===>>> Dependency check complete for devel/gperf

===>>> webkit2-gtk3-2.24.0_1 >> devel/gperf (38/39)

===> Installing for gperf-3.0.3_2
===> Checking if gperf is already installed
===> Registering installation for gperf-3.0.3_2 as automatic
Installing gperf-3.0.3_2...

===>>> Installation of devel/gperf (gperf-3.0.3_2) succeeded


===>>> Returning to dependency check for www/webkit2-gtk3
===>>> Launching child to install devel/ninja

===>>> webkit2-gtk3-2.24.0_1 >> devel/ninja (39/39)

===>>> Port directory: /usr/ports/devel/ninja

===>>> Starting check for build dependencies
===>>> Gathering dependency list for devel/ninja from ports
===>>> Dependency check complete for devel/ninja

===>>> webkit2-gtk3-2.24.0_1 >> devel/ninja (39/39)

===> Cleaning for ninja-1.9.0,2
===> License APACHE20 accepted by the user
===> ninja-1.9.0,2 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by ninja-1.9.0,2 for building
===> Extracting for ninja-1.9.0,2
=> SHA256 Checksum OK for ninja-build-ninja-v1.9.0_GH0.tar.gz.
===> Patching for ninja-1.9.0,2
===> ninja-1.9.0,2 depends on file: /usr/local/bin/python3.6 - found
===> Configuring for ninja-1.9.0,2
===> Building for ninja-1.9.0,2
bootstrapping ninja...
warning: A compatible version of re2c (>= 0.11.3) was not found; changes to src/*.in.cc will not affect your build.
wrote build.ninja.
bootstrap complete. rebuilding...
[26/26] LINK ninja
===>>> Building the port required 70 seconds
===> Staging for ninja-1.9.0,2
===> Generating temporary packing list
install -s -m 555 /usr/ports/devel/ninja/work/ninja-1.9.0/ninja /usr/ports/devel/ninja/work/stage/usr/local/bin
(cd /usr/ports/devel/ninja/work/ninja-1.9.0 && install -m 0644 HACKING.md README doc/manual.asciidoc /usr/ports/devel/ninja/work/stage/usr/local/share/doc/ninja)
====> Compressing man pages (compress-man)
===>>> Starting check for runtime dependencies
===>>> Gathering dependency list for devel/ninja from ports
===>>> Dependency check complete for devel/ninja

===>>> webkit2-gtk3-2.24.0_1 >> devel/ninja (39/39)

===> Installing for ninja-1.9.0,2
===> Checking if ninja is already installed
===> Registering installation for ninja-1.9.0,2 as automatic
Installing ninja-1.9.0,2...

===>>> Installation of devel/ninja (ninja-1.9.0,2) succeeded


===>>> Returning to dependency check for www/webkit2-gtk3
===>>> Dependency check complete for www/webkit2-gtk3

===> Cleaning for webkit2-gtk3-2.24.0_1
===> webkit2-gtk3-2.24.0_1 has known vulnerabilities:
webkit2-gtk3-2.24.0_1 is vulnerable:
webkit2-gtk3 -- Multiple vulnerabilities
CVE: CVE-2019-8623
CVE: CVE-2019-8622
CVE: CVE-2019-8619
CVE: CVE-2019-8611
CVE: CVE-2019-8615
CVE: CVE-2019-8610
CVE: CVE-2019-8609
CVE: CVE-2019-8608
CVE: CVE-2019-8607
CVE: CVE-2019-8601
CVE: CVE-2019-8597
CVE: CVE-2019-8596
CVE: CVE-2019-8595
CVE: CVE-2019-8594
CVE: CVE-2019-8587
CVE: CVE-2019-8586
CVE: CVE-2019-8584
CVE: CVE-2019-8583
CVE: CVE-2019-8571
CVE: CVE-2019-6237
CVE: CVE-2019-11070
CVE: CVE-2019-8563
CVE: CVE-2019-8559
CVE: CVE-2019-8558
CVE: CVE-2019-8551
CVE: CVE-2019-8544
CVE: CVE-2019-8536
CVE: CVE-2019-8535
CVE: CVE-2019-8524
CVE: CVE-2019-8523
CVE: CVE-2019-8518
CVE: CVE-2019-8515
CVE: CVE-2019-8506
CVE: CVE-2019-8503
CVE: CVE-2019-7292
CVE: CVE-2019-7285
CVE: CVE-2019-6251
CVE: CVE-2019-6201
WWW: https://vuxml.FreeBSD.org/freebsd/3dd46e05-9fb0-11e9-bf65-00012e582166.html

1 problem(s) in 1 installed package(s) found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/www/webkit2-gtk3
*** Error code 1

Stop.
make: stopped in /usr/ports/www/webkit2-gtk3

===>>> make build failed for www/webkit2-gtk3
===>>> Aborting update

===>>> There are messages from installed ports to display,
but first take a moment to review the error messages
above. Then press Enter when ready to proceed. 

===>>> pkg-message for py36-urllib3-1.22,1
Always:
Be careful, support of IPv6 is broken with PySocks 1.5.7.

===>>> Done displaying pkg-message files

===>>> The following actions were performed:
Installation of devel/bison (bison-3.4.1,1)
Upgrade of libarchive-3.3.3,1 to libarchive-3.3.3_1,1
Installation of devel/scons (scons-3.0.1)
Installation of devel/jsoncpp (jsoncpp-1.8.1_6)
Installation of devel/libtool (libtool-2.4.6_1)
Installation of devel/libuv (libuv-1.30.1)
Upgrade of curl-7.65.1 to curl-7.65.1_1
Installation of security/rhash (rhash-1.3.5)
Installation of devel/py-pytz@py36 (py36-pytz-2019.1,1)
Installation of devel/py-babel@py36 (py36-Babel-2.7.0)
Installation of textproc/py-MarkupSafe@py36 (py36-MarkupSafe-1.1.1)
Installation of devel/py-Jinja2@py36 (py36-Jinja2-2.10.1)
Installation of devel/py-six@py36 (py36-six-1.12.0)
Installation of textproc/py-docutils@py36 (py36-docutils-0.14_4)
Installation of graphics/py-imagesize@py36 (py36-imagesize-0.7.1)
Installation of textproc/py-alabaster@py36 (py36-alabaster-0.7.6)
Installation of textproc/py-pygments@py36 (py36-pygments-2.4.1)
Installation of lang/cython@py36 (py36-cython-0.29_1)
Installation of textproc/py-pystemmer@py36 (py36-pystemmer-1.3.0_2)
Installation of textproc/py-snowballstemmer@py36 (py36-snowballstemmer-1.2.0_1)
Installation of textproc/py-sphinx_rtd_theme@py36 (py36-sphinx_rtd_theme-0.4.3)
Installation of textproc/py-sphinxcontrib-websupport@py36 (py36-sphinxcontrib-websupport-1.1.2)
Installation of dns/py-idna@py36 (py36-idna-2.8)
Installation of net/py-pysocks@py36 (py36-pysocks-1.7.0)
Installation of devel/py-pycparser@py36 (py36-pycparser-2.19)
Installation of devel/py-cffi@py36 (py36-cffi-1.12.3)
Installation of devel/py-asn1crypto@py36 (py36-asn1crypto-0.24.0)
Installation of security/py-cryptography@py36 (py36-cryptography-2.6.1)
Installation of security/py-openssl@py36 (py36-openssl-18.0.0)
Installation of net/py-urllib3@py36 (py36-urllib3-1.22,1)
Installation of security/py-certifi@py36 (py36-certifi-2019.6.16)
Installation of devel/py-setuptools_scm@py36 (py36-setuptools_scm-3.3.3)
Installation of devel/py-pytest-runner@py36 (py36-pytest-runner-2.11.1)
Installation of textproc/py-chardet@py36 (py36-chardet-3.0.4_1)
Installation of www/py-requests@py36 (py36-requests-2.21.0)
Installation of textproc/py-sphinx (py36-sphinx-1.6.5_2,1)
Installation of devel/cmake (cmake-3.14.5)
Installation of devel/gperf (gperf-3.0.3_2)
Installation of devel/ninja (ninja-1.9.0,2)


===>>> You can restart from the point of failure with this command line:
portmaster <flags> www/webkit2-gtk3 

This command has been saved to /tmp/portmasterfail.txt

#
```


----------



## SirDice (Jul 11, 2019)

Update your ports tree.

PR 239003


----------

