Forgot to say:
Tue, Oct 07, 2008 at 12:30:58AM +0400, Eygene Ryabinkin wrote:
> OK, I had implemented both '-o' option to pkg_audit and the usage of the
> local INDEX file.
The latter can be activated by writing something like
-
portaudit_pkg_index="file:///usr/ports/INDEX-%d"
-
to the /u
Mon, Oct 06, 2008 at 02:30:29PM +0400, Eygene Ryabinkin wrote:
> OK, fine. I will implement the usage of the local INDEX file in some
> days.
OK, I had implemented both '-o' option to pkg_audit and the usage of the
local INDEX file. I had reworked pkg_audit and portaudit a bit further,
mostly fi
Mel,
Mon, Oct 06, 2008 at 02:40:48PM +0200, Mel wrote:
> What I meant is the '-o' flag in pkg_audit, so I can figure out myself whether
> it's new or not and my buildserver can prioritize it's builds based on
> vulnerable packages it's clients have installed. The origin is the unique key
> that
On Monday 06 October 2008 14:22:13 Eygene Ryabinkin wrote:
> Mel,
>
> Mon, Oct 06, 2008 at 01:07:51PM +0200, Mel wrote:
> > On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote:
> > Once you have the origin of the port, you can:
> > - make -C $PORTSDIR/$origin -V PKGNAME
> > - get the matching
Mel,
Mon, Oct 06, 2008 at 01:07:51PM +0200, Mel wrote:
> On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote:
> Once you have the origin of the port, you can:
> - make -C $PORTSDIR/$origin -V PKGNAME
> - get the matching origin(s) out of ${INDEXDIR}/${INDEXFILE}
> - get the matching origin(s
Eygene Ryabinkin wrote:
Miroslav, good day.
Mon, Oct 06, 2008 at 12:41:05AM +0200, Miroslav Lachman wrote:
I am busy these days, but it is nice to read about your progress. I hope
I will get some time to test all of these large patches in a few days
and I will report back my experiences!
F
On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote:
> Mel, good day.
>
> Mon, Oct 06, 2008 at 11:24:54AM +0200, Mel wrote:
> > On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
> > > But downloading the INDEX file from the central server seemed to be the
> > > best way, since it alm
Miroslav,
Mon, Oct 06, 2008 at 10:59:46AM +0200, Miroslav Lachman wrote:
> I have '/usr/sbin/portsnap cron' and '/usr/sbin/portsnap -I update' in
> my crontab, so I get INDEX updated every night before nightly security
> e-mail is generated.
Ah, I see. Thanks!
> > But downloading the INDEX fi
Mel, good day.
Mon, Oct 06, 2008 at 11:24:54AM +0200, Mel wrote:
> On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
> > But downloading the INDEX file from the central server seemed to be the
> > best way, since it almost always gives one the latest port versions, so
> > I had implemente
Hello,
On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
> But downloading the INDEX file from the central server seemed to be the
> best way, since it almost always gives one the latest port versions, so
> I had implemented this in a first place.
I've been following this, but I don't a
Miroslav, good day.
Mon, Oct 06, 2008 at 12:41:05AM +0200, Miroslav Lachman wrote:
> I am busy these days, but it is nice to read about your progress. I hope
> I will get some time to test all of these large patches in a few days
> and I will report back my experiences!
Fine, thank you! I am r
Sun, Oct 05, 2008 at 11:03:17PM +0400, Eygene Ryabinkin wrote:
> I had also changed the output format for pkg_audit, so I am attaching
> another version of the second patch for the pkg_install bundle.
One neat about new pkg_audit utility: if you already have the build
directory for pkg_install in
Miroslav, good day.
Sun, Sep 28, 2008 at 04:14:24PM +0400, Eygene Ryabinkin wrote:
> > If I read nightly security e-mail with for example 4 vulnerable
> > packages, then I need to log in to server and manualy try, if newer
> > (fixed) packages are available. It seems not so hard to check output
Miroslav, good day.
Sun, Sep 28, 2008 at 01:15:01PM +0200, Miroslav Lachman wrote:
> Is there any possibility to cooperate portaudit / pkg_audit with
> pkg_version to show vulnerable package with information if newer (not
> vulnerable) package (or port) version is available for upgrade to?
>
>
Eygene Ryabinkin wrote:
Roman, good day.
Sat, Sep 27, 2008 at 08:18:08PM +0400, Roman Kurakin wrote:
Have you also posted this to [EMAIL PROTECTED]
No, forgot to do it. CC'ing ports@
Thanks!
The original posting to hackers@ goes below. It will be double-posted
to the bug-followup@ -- so
Roman, good day.
Sat, Sep 27, 2008 at 08:18:08PM +0400, Roman Kurakin wrote:
> Have you also posted this to [EMAIL PROTECTED]
No, forgot to do it. CC'ing ports@
Thanks!
The original posting to hackers@ goes below. It will be double-posted
to the bug-followup@ -- sorry for this.
> Eygene Ryab
Have you also posted this to [EMAIL PROTECTED]
rik
Eygene Ryabinkin wrote:
Good day.
A while ago I had created the new utility that serves as VuXML
filter for the installed packages:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/126853
My primary intention was to speed up the process of
Good day.
A while ago I had created the new utility that serves as VuXML
filter for the installed packages:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/126853
My primary intention was to speed up the process of auditing the
vulnerable ports: I needed to run portaudit checks with Nagios and
18 matches
Mail list logo
