Re: portaudit and automake14

On 8/28/12 11:53 AM, Bryan Drewery wrote: > On 8/28/2012 1:47 PM, David Newman wrote: >> 1. On a 8.0-RELEASE system, I'm having a problem with the automake14 >> port, where the portaudit port reports this vulnerability: >> >> http://portaudit.freebsd.org/10f38033-

Re: portaudit and automake14

On 8/28/2012 1:47 PM, David Newman wrote: > 1. On a 8.0-RELEASE system, I'm having a problem with the automake14 > port, where the portaudit port reports this vulnerability: > > http://portaudit.freebsd.org/10f38033-e006-11e1-9304-.html > > Refreshing th

portaudit and automake14

1. On a 8.0-RELEASE system, I'm having a problem with the automake14 port, where the portaudit port reports this vulnerability: http://portaudit.freebsd.org/10f38033-e006-11e1-9304-.html Refreshing the ports collection with 'portsnap fetch extract' and then runn

Re: Problems with portaudit after update to 0.6.0

On Mon, 19 Mar 2012 11:14:13 -0300 "Fábio Jr." wrote: > Hi folks, > > I'm facing problems after updating the portaudit to 0.6.0. This is > happening on 2 server I own, both with FreeBSD 6.2. Check this out: You obviously have missed that FreeBSD 6.x is no longer su

Re: Problems with portaudit after update to 0.6.0

El día 19 de marzo de 2012 08:14, "Fábio Jr." escribió: > Hi folks, > > I'm facing problems after updating the portaudit to 0.6.0. This is happening > on 2 server I own, both with FreeBSD 6.2. Check this out: > >   /# portaudit -Fda/ >   /auditfile.tbz        

Problems with portaudit after update to 0.6.0

Hi folks, I'm facing problems after updating the portaudit to 0.6.0. This is happening on 2 server I own, both with FreeBSD 6.2. Check this out: /# portaudit -Fda/ /auditfile.tbz 100% of 75 kB 381 kBps/ /unknown option '-sha256'/

portaudit report against web app since updated (by web app itself)

I originally installed WordPress as a port because it was convenient to way to make sure I had all the PHP dependencies. However, I've since updated WordPress internally a number of times, and am now getting portaudit advisories against the original port that was installed. I'd pre

portaudit: exim vulnerable but exim-mysql not??

Hi, I've noticed that servers runing exim version 4.74 are being flagged by portaudit as having this vulnerability: http://www.FreeBSD.org/ports/portaudit/36594c54-7be7-11e0-9838-0022156e8794.html But systems with the port exim-mysql are not. This has to be an oversight doesn

Re: portaudit php vulnerabilities

On Fri, 25 Dec 2009 23:45:39 -0800 Nerius Landys replied: >> For the past week or so, portaudit has been warning me that the >> installed version of php on my system (php5-5.2.11_1) has known >> vulnerabilties. Fair enough. However, I've not seen a fix in the >> port

Re: portaudit php vulnerabilities

> For the past week or so, portaudit has been warning me that the > installed version of php on my system (php5-5.2.11_1) has known > vulnerabilties. Fair enough. However, I've not seen a fix in the ports > tree since then. Is my only option to deinstall php until this gets &g

portaudit php vulnerabilities

For the past week or so, portaudit has been warning me that the installed version of php on my system (php5-5.2.11_1) has known vulnerabilties. Fair enough. However, I've not seen a fix in the ports tree since then. Is my only option to deinstall php until this gets

Re: Portaudit strange behavior.

Hi again, Today portaudit works fine with ${portaudit_sites="http://portaudit.FreeBSD.org/"} Now I need to change this option in portaudit on all servers. Regards Arek -- Arek Czereszewski arek (at) wup-katowice (dot) pl "UNIX allows me to work smar

Re: Portaudit strange behavior.

On Wednesday, 1 July 2009 02:02:47 Arek Czereszewski wrote: > Hi, > > On all my servers I have portaudit version 0.5.13 > If I try update audit database (by hand or from periodic script) > I have: > > # portaudit -Fd > auditfile.tbz 1

Re: Portaudit strange behavior.

On Wednesday 01 July 2009 08:02:47 Arek Czereszewski wrote: > Hi, > > On all my servers I have portaudit version 0.5.13 > If I try update audit database (by hand or from periodic script) > I have: > > # portaudit -Fd > auditfile.tbz 1

Portaudit strange behavior.

Hi, On all my servers I have portaudit version 0.5.13 If I try update audit database (by hand or from periodic script) I have: # portaudit -Fd auditfile.tbz 100% of 53 kB 39 kBps portaudit: Database too old. Old database restored. portaudit: Download failed

Re: portaudit and periodic

I believe I am incorrect. I checked further and it looks like $daily_status_security_portaudit_enable defaults to YES in the portaudit script so it should run fine. Everything seems to be working. I don't know why I thought it wasn't running before. Sorry for the trouble. Thanks. On S

portaudit and periodic

I am using FreeBSD 7-RELEASE. I installed portaudit. The FreeBSD handbook stated that during the install process, the configuration files for periodic will be updated, permitting portaudit output in the daily security runs. portaudit was not run in my daily security runs. There is no mention of

Re: portaudit -solved

portaudit command failed. I have now opened up port 80 and get the thing working. Your message got me thinking in this direction as you confiremed that the file is from http://www.FreeBSD.org/ports. Once again thanks and apologies for the late reply. On Mon, 8 Dec 2008, Sahil Tandon wrote

Re: portaudit

Richard KHOO Guan Chen wrote: > I have recently installed 6.4 release and tried to do a portausidt -F. > No go reply was that auditfile.tbz unavailable. By default, portaudit fetches the database from www.FreeBSD.org/ports. What is the output of the following commands on your machine?

portaudit

I have recently installed 6.4 release and tried to do a portausidt -F. No go reply was that auditfile.tbz unavailable. Would be grateful for help Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-que

Portaudit - auditfile.tbz failure of download.

Hello all, anyone having issues with portaudit download of the auditfile.tbz? mine seems to just stall. I'm using portaudit .0.5.2 with -Fda switches. Thanks Ezat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/ma

Re: portaudit in periodic [SOLVED]

e problem was that I have to use a proxy: from the shell portaudit picked up HTTP_PROXY and FTP_PROXY from the environment, while it didn't when launched from cron. Obiously setting up portaudit.conf was the solution. bye & Thanks av. _

Re: portaudit in periodic

Andrea Venturoli wrote: > Cristian KLEIN ha scritto: > >> I used to have problem with cron scripts, because cron uses another >> PATH then >> what the script gets if it's run from the shell. Could you try the >> following >> (assuming sh): >> >> export SHELL=/bin/sh >> export PATH=/etc:/bin:/sbin:

Re: portaudit in periodic

Cristian KLEIN ha scritto: I used to have problem with cron scripts, because cron uses another PATH then what the script gets if it's run from the shell. Could you try the following (assuming sh): export SHELL=/bin/sh export PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin export HOME=/var/log periodic

Re: portaudit in periodic

l. That shouldn't be relevant, the update should be done as a side-effect of the daily security run, and the path to portaudit is hard-coded into the periodic script. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: portaudit in periodic

Andrea Venturoli wrote: > Hello. > I'm running a dozen boxes (most being 6.2) with portaudit installed and > I usually get a port vulnerability report in the daily security run. > > On one box, however, portaudit's db won't update automatically. The >

Re: portaudit in periodic

RW ha scritto: Have you checked its clock? Yep. # date Fri Nov 23 18:13:17 CET 2007 Seems fine to me. Also, it's running ntp, although I'd excpect something better from it. bye & Thanks av. ___ freebsd-questions@freebsd.org mailing list

Re: portaudit in periodic

On Fri, 23 Nov 2007 10:28:31 +0100 Andrea Venturoli <[EMAIL PROTECTED]> wrote: > Hello. > I'm running a dozen boxes (most being 6.2) with portaudit installed > and I usually get a port vulnerability report in the daily security > run. > > On one box, however

portaudit in periodic

Hello. I'm running a dozen boxes (most being 6.2) with portaudit installed and I usually get a port vulnerability report in the daily security run. On one box, however, portaudit's db won't update automatically. The security reports will mention no vulnerability, even when I

portaudit problem

Hi All i am trying to run portaudit -F to fetch new database on FreeBSD 6.1-RELEASE but i cannot fetch the new database and it gives me [EMAIL PROTECTED]:/var/db/portaudit] # portaudit -F auditfile.tbz 100% of 39 kB 2516 kBps portaudit: Database too old. Old

portaudit problem

For some reason, portaudit is now showing 0 problems with my ports when yesterday it was showing about 9. Did something happen that is going to cause me a lot of headaches? -Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org

portaudit thinks a vulnerability just disappeared

I have a 4.11-RELEASE system. Prior to doing some minor portupdates, I had this portaudit report: Checking for packages with security vulnerabilities: Affected package: php4-4.4.1_3 Type of problem: php -- open_basedir Race Condition Vulnerability. Reference: <http://www.FreeBSD.org/po

Re: portsdb output and portaudit question

"jan gestre" <[EMAIL PROTECTED]> > > the box's running for almost 2 months now setup as webmail server, the > > only thing i removed was the linux compatible applications since i have no > > plans of installing linux. i ran pkgdb -F and pkgdb -fu to no avail, after > > doing cvsup this morning, ra

Re: portsdb output and portaudit question

On 8/1/06, Gerard <[EMAIL PROTECTED]> wrote: "jan gestre" <[EMAIL PROTECTED]> > it took almost 3 hours, i don't have X installed. i'm sending you the > portmanager.log in private coz it might clutter the thread. You have a warning message listed here: Tue Aug 1 04:38:03 2006 options changed

Re: portsdb output and portaudit question

Chris Whitehouse wrote: > It seems to be when a port presents the blue Options screen. If you > change anything (maybe even when you don't, not sure) portmanager gives > that message. Unless there are other problems it seems to get back round > to updating the port later in the run. Interestin

Re: portsdb output and portaudit question

Gerard wrote: "jan gestre" <[EMAIL PROTECTED]> it took almost 3 hours, i don't have X installed. i'm sending you the portmanager.log in private coz it might clutter the thread. You have a warning message listed here: Tue Aug 1 04:38:03 2006 options changed so returningphp4-mbstring

Re: portsdb output and portaudit question

"jan gestre" <[EMAIL PROTECTED]> > it took almost 3 hours, i don't have X installed. i'm sending you the > portmanager.log in private coz it might clutter the thread. You have a warning message listed here: Tue Aug 1 04:38:03 2006 options changed so returningphp4-mbstring-4.4.2_2 /

Re: portsdb output and portaudit question

"jan gestre" <[EMAIL PROTECTED]> > > > after almost an eternity i finally was able to upgrade all packages via > > portmanager, run cvsup then portsdb and with the same end result, i still > > get those missing..not install... packages :( It seems to me that you rebuilt your system with portmanag

Re: portsdb output and portaudit question

On 8/1/06, jan gestre <[EMAIL PROTECTED]> wrote: On 8/1/06, Gerard Seibert <[EMAIL PROTECTED]> wrote: > > > > On Tue, 1 Aug 2006, jan gestre wrote: > > > hi guys, > > > > i was trying to portupgrade ruby coz portaudit is complaining of > &g

Re: portsdb output and portaudit question

On 8/1/06, Gerard Seibert <[EMAIL PROTECTED]> wrote: On Tue, 1 Aug 2006, jan gestre wrote: > hi guys, > > i was trying to portupgrade ruby coz portaudit is complaining of > vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at > first i couldn't up

Re: portsdb output and portaudit question

On Tue, 1 Aug 2006, jan gestre wrote: hi guys, i was trying to portupgrade ruby coz portaudit is complaining of vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at first i couldn't upgrade ruby coz portupgrade is complaining maybe coz portaudit but someone in the

Re: portsdb output and portaudit question

On 8/1/06, jan gestre <[EMAIL PROTECTED]> wrote: On 8/1/06, Svein Halvor Halvorsen <[EMAIL PROTECTED]> wrote: > jan gestre wrote: > i was trying to portupgrade ruby coz portaudit is complaining of > vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade,

Re: portsdb output and portaudit question

On 8/1/06, Svein Halvor Halvorsen <[EMAIL PROTECTED]> wrote: jan gestre wrote: > i was trying to portupgrade ruby coz portaudit is complaining of > vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at > first i couldn't upgrade ruby coz portupgrade is c

Re: portsdb output and portaudit question

jan gestre wrote: > i was trying to portupgrade ruby coz portaudit is complaining of > vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at > first i couldn't upgrade ruby coz portupgrade is complaining maybe coz > portaudit but someone in the li

portsdb output and portaudit question

hi guys, i was trying to portupgrade ruby coz portaudit is complaining of vulnerabilities, i did run cvsup and portsdb -Uu before portupgrade, at first i couldn't upgrade ruby coz portupgrade is complaining maybe coz portaudit but someone in the list suggested this: # portupgrade -

Re: portaudit report vs. portupgrade report

or that advice. > > So I have done the cvsup, buildworld, buildkernel, > .., process and completed without errors. (Thanks to > all who have posted helpful messages on this subject.) > > Running "portaudit -Fa" advised me that the same 9 > packages were still a probl

portaudit report vs. portupgrade report

ernel, ..., process and completed without errors. (Thanks to all who have posted helpful messages on this subject.) Running "portaudit -Fa" advised me that the same 9 packages were still a problem. Running "portupgrade -n firefox" advised me: ** No need to upgrade 'firefox-1.

Re: Local portaudit server.

David Robillard wrote: > We use the port security/portaudit on all of our FreeBSD servers. > Currently, every machine has to out on the internet to download the > portaudit vulnerability database from the FreeBSD server. If your internal machines need to talk to the web, and you wish t

Re: Local portaudit server.

David Robillard wrote: Hello, We use the port security/portaudit on all of our FreeBSD servers. Currently, every machine has to out on the internet to download the portaudit vulnerability database from the FreeBSD server. Since all of the machines are downloading the exact same file, we would

Local portaudit server.

Hello, We use the port security/portaudit on all of our FreeBSD servers. Currently, every machine has to out on the internet to download the portaudit vulnerability database from the FreeBSD server. Since all of the machines are downloading the exact same file, we would like to setup a local

Re: What happened with portaudit?

run output all of them disappeared, but nobody upgraded or removed the affected packages. I reinstalled portaudit, refreshd its database, but now it reports 0 affected pakages. The pkg_info command lists that three packages, so they are still installed. Does anybody suspect what's wrong?

Re: What happened with portaudit?

le packages (php4, > > > ruby, openssl) in tomorrows security run output, but in today's security > > > run output all of them disappeared, but nobody upgraded or removed the > > > affected packages. I reinstalled portaudit, refreshd its database, but > > > now

Re: What happened with portaudit?

On Sunday, 2005-11-06 at 23:09:42 +0100, Simon L. Nielsen wrote: > It does seem to work for me now. Could people having this problem > please check the size of /var/db/portaudit/auditfile.tbz and try to > run portaudit -Fa to refetch the database and check again? > For referenc

Re: What happened with portaudit?

's security > > run output all of them disappeared, but nobody upgraded or removed the > > affected packages. I reinstalled portaudit, refreshd its database, but > > now it reports 0 affected pakages. The pkg_info command lists that three > > packages, so they are st

Re: What happened with portaudit?

raded or removed the > affected packages. I reinstalled portaudit, refreshd its database, but > now it reports 0 affected pakages. The pkg_info command lists that three > packages, so they are still installed. Does anybody suspect what's wrong

Re: What happened with portaudit?

Kövesdán Gábor wrote: Hello, One of my machines I got a report about 3 vulnerable packages (php4, ruby, openssl) in tomorrows security run output, but in today's security run output all of them disappeared, but nobody upgraded or removed the affected packages. I reinstalled port

Re: What happened with portaudit?

e affected packages. I reinstalled portaudit, refreshd its database, but now it reports 0 affected pakages. The pkg_info command lists that three packages, so they are still installed. Does anybody suspect what's wrong? Cheers, Gabor Kovesdan

What happened with portaudit?

Hello, One of my machines I got a report about 3 vulnerable packages (php4, ruby, openssl) in tomorrows security run output, but in today's security run output all of them disappeared, but nobody upgraded or removed the affected packages. I reinstalled portaudit, refreshd its database

Re: portaudit reports: how to exclude a specific vulnerability

"Michael C. Shultz" <[EMAIL PROTECTED]> writes: > On Sunday 30 October 2005 22:45, you wrote: G'day. [...] >> I can't work out how to tell portaudit to stop bothering me about >> [a single] particular vulnerability, though. >> >> Can I

Re: portaudit reports: how to exclude a specific vulnerability

On Sunday 30 October 2005 22:45, you wrote: > G'day. I am relatively new to FreeBSD, but failed to find an answer to > this question in the handbook, manual pages, or other references about > portaudit: > > At the moment, portaudit is reporting one vulnerability on my system,

portaudit reports: how to exclude a specific vulnerability

G'day. I am relatively new to FreeBSD, but failed to find an answer to this question in the handbook, manual pages, or other references about portaudit: At the moment, portaudit is reporting one vulnerability on my system, with the 'p5-Crypt-OpenPGP' package. There isn&#

Re: portaudit question.....

trying to understand and use the FreeBSD tools ) IMHO, the messages from portaudit are misleadingly worded. Portaudit is correct that some of the software you installed has *some kind* of security vulnerability. But everything else it says is potentially misleading. 1) There may be no

Re: portaudit question.....

pretty sure I'm still overlooking and/or leaving something out. I just discovered the portaudit command and ran it against my system. It comes up with 15 items that need to be upgraded or deinstalled. For this question I'll use Mozilla. The version it reports is Mozilla-1.7.7,

Re: portaudit question.....

- Original Message - From: "Wright Jim Contractor 14MDSS/SGSI" <[EMAIL PROTECTED]> To: Sent: Wednesday, September 28, 2005 1:07 PM Subject: portaudit question. > To keep the story short: > > > > I'm using version FreeBSD 5.4-RELEASE #6: Thu Aug

Re: portaudit question.....

On Wed, 28 Sep 2005 15:07:40 -0500, Wright Jim Contractor 14MDSS/SGSI <[EMAIL PROTECTED]> Subject: portaudit question. Wrote these words of wisdom: > To keep the story short: > > > > I'm using version FreeBSD 5.4-RELEASE #6: Thu Aug 25 09:12:43 CDT 2005; > pa

portaudit question.....

or leaving something out. I just discovered the portaudit command and ran it against my system. It comes up with 15 items that need to be upgraded or deinstalled. For this question I'll use Mozilla. The version it reports is Mozilla-1.7.7,2. When I go to http://www.freebsd.o

Re: question about Portaudit and code freezes

Is Xpdf still listed in the portsaudit database as being vulnerable for you? portaudit -f /usr/ports/INDEX-5 If so, I guess there is nothing I can do except wait... I was just wondering if this has not been corrected because of the freeze? On Aug 25, 2005, at 11:12 AM, Roland Smith wrote

Re: question about Portaudit and code freezes

, even though the > >>latest portrevision was supposed to resolve these problems? Has the > >>portaudit database not been updated because of the code freeze? > >> > > > >Some other ports (like cups-base) incorporate part of the xpdf > >code. so they will

Re: question about Portaudit and code freezes

Yes, everything is up-to-date... Still can't portinstall cups-base because of the problem with xpdf, and this problem still appears when I portaudit -f /usr/ports/INDEX-5 On Aug 25, 2005, at 4:40 AM, Herbert J. Skuhra wrote: On Thu, Aug 25, 2005 at 03:23:11AM -0500, Joe Auty

Re: question about Portaudit and code freezes

On Thu, Aug 25, 2005 at 03:23:11AM -0500, Joe Auty wrote: > Hello, > > How come xpdf is still showing up as a vulnerability, even though the > latest portrevision was supposed to resolve these problems? Has the > portaudit database not been updated because of the code free

question about Portaudit and code freezes

Hello, How come xpdf is still showing up as a vulnerability, even though the latest portrevision was supposed to resolve these problems? Has the portaudit database not been updated because of the code freeze? --- Joe Auty NetMusician: helping musicians exploit new

Re: portaudit is being stubborn

Good news about the wget-devel I wasnt aware it was been updated again, when this problem first occured both versions of wget were affected. It appears in nighly security logs so can get annoying after a while. Chris On 5/21/05, Thomas Hurst <[EMAIL PROTECTED]> wrote: > * Tony Shadwick ([EMAIL P

Re: portaudit: recommended packages can't be installed

about portaudit and wget from just the other day, and you will realize that fixes are not necessarily being commited once a security flaw has been found. > Also -- is there a similar utility to portaudit and freebsd-update, > that can be used on the base operating system (not through ports)

Re: portaudit is being stubborn

to do the trick. Note portaudit_fixed is a regular expression, so if you want to list multiple entries, seperate them with | -- Thomas 'Freaky' Hurst http://hur.st/ --- portaudit.old Mon Sep 6 20:18:55 2004 +++ portaudit Sat May 21 20:18:21 2005 @@ -136,8 +136,8 @@

Re: portaudit: recommended packages can't be installed

On Sat, May 21, 2005 at 01:29:11PM +, Robert S wrote: > 8I've just started playing around with FreeBSD. One of my main > priorities of an OS is ease of upgrading. If I run portaudit, I get a > list of insecure packages (here is an excerpt from the output): > > Affec

Re: portaudit is being stubborn

I'd like to see it done, but I know just enough sh scripting to be dangerous. ;) If it were perl I'd be all over it. Any takers? :) On Sat, 21 May 2005, Thomas Hurst wrote: * Chris ([EMAIL PROTECTED]) wrote: This annoys me as well, I expect portaudit to alert me when an

Re: portaudit: recommended packages can't be installed

On Saturday 21 May 2005 06:29 am, Robert S wrote: > 8I've just started playing around with FreeBSD. One of my main > priorities of an OS is ease of upgrading. If I run portaudit, I get > a list of insecure packages (here is an excerpt from the output): > > Affected pack

portaudit: recommended packages can't be installed

8I've just started playing around with FreeBSD. One of my main priorities of an OS is ease of upgrading. If I run portaudit, I get a list of insecure packages (here is an excerpt from the output): Affected package: firefox-1.0.3,1 Type of problem: mozilla -- code execution via javas

Re: portaudit is being stubborn

* Chris ([EMAIL PROTECTED]) wrote: > This annoys me as well, I expect portaudit to alert me when an update > is available to fix an exploit, but wget has no update so what is the > point of the warning, there also seems to be no way to shut it up. portaudit_fixed is only for OS

Re: portaudit is being stubborn

On Fri, 20 May 2005 13:43:29 +0100 Chris <[EMAIL PROTECTED]> wrote: > This annoys me as well, I expect portaudit to alert me when an update > is available to fix an exploit, but wget has no update so what is the > point of the warning, there also seems to be no way to shut it

Re: portaudit is being stubborn

This annoys me as well, I expect portaudit to alert me when an update is available to fix an exploit, but wget has no update so what is the point of the warning, there also seems to be no way to shut it up. Chris On 5/17/05, Tony Shadwick <[EMAIL PROTECTED]> wrote: > This is driving me

portaudit is being stubborn

This is driving me nuts. I just downloaded the latest portaudit database and ran it on my system: mx02# portaudit -ad Database created: Tue May 17 13:40:02 CDT 2005 Affected package: wget-1.8.2_7 Type of problem: wget -- multiple vulnerabilities. Reference: <http://www.FreeBSD.org/po

Re: portaudit question

Thomas S. Crum - AAA Web Solution, Inc. wrote: Is there something that I am not updating that portaudit would like to see done or is this just a generic warning. Either way, please provide examples of what I might due to have it stop complaining. I can find no examples googling the portaudit "

RE: portaudit question

Thomas S. Crum wrote: > Is there something that I am not updating that portaudit > would like to see > done or is this just a generic warning. Either way, please provide > examples of what I might due to have it stop complaining. I > can find no > examples googling the port

Re: portaudit question

On Fri, 10 Dec 2004 09:19:15 -0500, Thomas S. Crum - AAA Web Solution, Inc. <[EMAIL PROTECTED]> wrote: > Is there something that I am not updating that portaudit would like to see > done or is this just a generic warning. Either way, please provide > examples of what I might due

portaudit question

Is there something that I am not updating that portaudit would like to see done or is this just a generic warning. Either way, please provide examples of what I might due to have it stop complaining. I can find no examples googling the portaudit "note" below. # Here's what I did.

Re: ports freeze and portaudit alerts

to override the freeze? > > > > What "JPEG vuln in firefox"? > > Sorry, that was from memory - I was thinking of the libpng hole > (which of course isn't firefox specific). > > But I'm still seeing this: > > s known vulnerabilities: > >>

Re: ports freeze and portaudit alerts

as from memory - I was thinking of the libpng hole (which of course isn't firefox specific). But I'm still seeing this: s known vulnerabilities: >> mozilla -- scripting vulnerabilities. Reference: <http://www.FreeBSD.org/ports/portaudit/b2e6d1d6-1339-11d9-bc4a-000c41e2cdad

portaudit and base system

Some output: bane# portaudit -F -a auditfile.tbz 100% of9 kB 24 kBps New database installed. Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f

Re: Portaudit question

Matthew Seaman wrote: On Wed, Sep 08, 2004 at 10:01:23AM -0500, Chris wrote: While running portaudit, I get the complaint; Affected package: FreeBSD-502010 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-8

Re: Portaudit question

On Wed, Sep 08, 2004 at 10:01:23AM -0500, Chris wrote: > While running portaudit, I get the complaint; > > Affected package: FreeBSD-502010 > Type of problem: multiple vulnerabilities in the cvs server code. > Reference: > <http://www.FreeBSD.org/ports/portaudit/d2

Portaudit question

While running portaudit, I get the complaint; Affected package: FreeBSD-502010 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.html> Note: To disable this check add the u

Re: Installing portaudit from ports

hich you probably don't as openssl is in the base system) think first of installing it under /usr/local. In this case, probably all you need to do is: # pkg_delete security/openssl then install portaudit, and then (if you're sure you need it) re-install security/openssl. Be warned: y

Installing portaudit from ports

Hi, I'm trying to install portaudit from ports, but get this error: Dependency error: this port wants the OpenSSL library from the FreeBSD base system. You can't build against it, while a newer version is installed by a port. Please deinstall the port or undefine WITH_OP

Re: portaudit

like these over half gigs for each cron > report and this is generating traffic See my other mail. Give what I asked for. I cannot guess what is happening. Give the output of: # portaudit -Vd && env FETCH_CMD='fetch -vvvp' portaudit -F -d > > tha

Re: portaudit

-Mihai Tetcu wrote: > On Tue, 13 Apr 2004 14:04:04 -0600 (MDT) > RJ45 <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > I installed portaudit. > > Since I installed it I noticed there are always ESTABLISHED connections to > > some ftp serve

Re: portaudit

D]> wrote: > > > > > Hello, > > I installed portaudit. > > Since I installed it I noticed there are always ESTABLISHED connections to > > some ftp servers: > > > > tcp4 0 20 venus.51739freebsd.utcluj.r

Re: portaudit

On Tue, 13 Apr 2004 14:04:04 -0600 (MDT) RJ45 <[EMAIL PROTECTED]> wrote: > > Hello, > I installed portaudit. > Since I installed it I noticed there are always ESTABLISHED connections to > some ftp servers: > > tcp4 0 20 venus.51739freebsd.utcluj

portaudit

Hello, I installed portaudit. Since I installed it I noticed there are always ESTABLISHED connections to some ftp servers: tcp4 0 20 venus.51739freebsd.utcluj.r.ftp ESTABLISHED tcp4 0 20 venus.49718gort.ludd.ltu.se.ftp ESTABLISHED tcp4 0 6