CVS log for ports/ports-mgmt/portaudit/Makefile


Keyword substitution: kv
Default branch: MAIN


Revision 1.31
Sat Nov 17 06:00:45 2012 UTC (6 months ago) by svnexp
Branches: MAIN
CVS tags: HEAD
Changes since revision 1.30: +1 -1 lines
Switch exporter over

Revision 1.30
Sun Mar 11 21:32:57 2012 UTC (14 months, 1 week ago) by simon
Branches: MAIN
CVS tags: RELEASE_8_3_0
Changes since revision 1.29: +2 -1 lines
Portaudit 0.6.0:

Fix remote code execution which can occur with a specially crafted
audit file.  The attacker would need to get portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.

Add signature verification of the portaudit database.  The public key
for the database generated for portaudit.FreeBSD.org is included
in the distribution.

Submitted by:	Michael Gmelin <freebsd@grem.de>
Reported by:	Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security:	Remote code execution
Security:	http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe:	yes
With hat:	so

Revision 1.29
Sat Feb 5 08:37:06 2011 UTC (2 years, 3 months ago) by remko
Branches: MAIN
CVS tags: RELEASE_9_0_0, RELEASE_8_2_0, RELEASE_7_4_0
Changes since revision 1.28: +1 -1 lines
Add some improvements via Doug:

This patch changes the order in which the conf file is read vs.
when the default variable assignments are made in order to provide
the ability to override them in the conf file. It also adds the
ability to include a conf file in the same directory as the script.

The patch also changes some of the = assignments to := where
having a null setting by mistake would be fatal.

The use case for these changes is the ability to "package" all
of the elements together in one place for use on multiple systems
that can all mount the same central location.

PR:		154518
Submitted by:	dougb
Hat:		secteam
Feature safe:	yes

Revision 1.28
Mon Jan 31 20:17:04 2011 UTC (2 years, 3 months ago) by uqs
Branches: MAIN
Changes since revision 1.27: +1 -1 lines
Don't enclose URLs in <>, it makes them harder to copy&paste and URLs are
not email addresses.

PR:		ports/127214 (first half)
Reviewed by:	simon
Feature safe:	yes

Revision 1.27
Mon May 3 21:02:20 2010 UTC (3 years ago) by delphij
Branches: MAIN
CVS tags: RELEASE_8_1_0, RELEASE_6_EOL
Changes since revision 1.26: +1 -1 lines
Prefer using base system binaries.

Reported by:	Paul Hoffman <phoffman proper com>
With hat:	secteam

Revision 1.26
Mon Oct 26 09:17:28 2009 UTC (3 years, 6 months ago) by remko
Branches: MAIN
CVS tags: RELEASE_7_3_0
Changes since revision 1.25: +1 -1 lines
Forgot to bump version.

Prodded by:	antoine

Revision 1.25
Sun Jun 21 15:45:18 2009 UTC (3 years, 11 months ago) by simon
Branches: MAIN
CVS tags: RELEASE_8_0_0
Changes since revision 1.24: +1 -1 lines
Download portaudit database from http://portaudit.FreeBSD.org/ instead
of http://www.FreeBSD.org/ports/portaudit/.

This is primarily done to work around a bug in lighttpd on www.FreeBSD.org
where If-Modified-Since isn't handled correctly, possibly resulting in
users behind web proxies getting an outdated version of the portaudit
database.

Bump portaudit version number.

Big thanks to the reporter for the detailed PR with good information
about reproducing the issue.

PR:		www/134505
Reported by:	Christian Ullrich <chris@chrullrich.net>
Prodding by:	remko, Christian Ullrich

Revision 1.24
Thu Dec 27 09:54:23 2007 UTC (5 years, 4 months ago) by simon
Branches: MAIN
CVS tags: RELEASE_7_2_0, RELEASE_7_1_0, RELEASE_6_4_0, RELEASE_5_EOL
Changes since revision 1.23: +2 -18 lines
- Fix portaudit -Fq to actually be quiet. [1]
- Remove support for FreeBSD older than 4.11 and 5.3.
- Remove conditional dependency on bzip2 which I can't really see how
  could be activated automatically.

Reported by:	"J. Martin Petersen" <jmp@alvorlig.dk> [1]
PR:		ports/117845 [1]
With hat:	maintainer / secteam

Revision 1.23
Mon Apr 2 12:40:31 2007 UTC (6 years, 1 month ago) by erwin
Branches: MAIN
CVS tags: RELEASE_7_0_0, RELEASE_6_3_0, PRE_XORG_7
Changes since revision 1.22: +1 -1 lines
Add security to CATEGORIES

"Sounds like a good idea":	simon

Revision 1.22
Mon Feb 5 01:08:29 2007 UTC (6 years, 3 months ago) by pav
Branches: MAIN
Changes since revision 1.21: +3 -3 lines
Populate a new ports-mgmt category. List of moved ports:

  devel/portcheckout -> ports-mgmt/portcheckout
  devel/portlint -> ports-mgmt/portlint
  devel/portmk -> ports-mgmt/portmk
  devel/porttools -> ports-mgmt/porttools
  misc/instant-tinderbox -> ports-mgmt/instant-tinderbox
  misc/porteasy -> ports-mgmt/porteasy
  misc/portell -> ports-mgmt/portell
  misc/portless -> ports-mgmt/portless
  misc/tinderbox -> ports-mgmt/tinderbox
  security/jailaudit -> ports-mgmt/jailaudit
  security/portaudit -> ports-mgmt/portaudit
  security/portaudit-db -> ports-mgmt/portaudit-db
  security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port
  sysutils/barry -> ports-mgmt/barry
  sysutils/bpm -> ports-mgmt/bpm
  sysutils/kports -> ports-mgmt/kports
  sysutils/managepkg -> ports-mgmt/managepkg
  sysutils/newportsversioncheck -> ports-mgmt/newportsversioncheck
  sysutils/pib -> ports-mgmt/pib
  sysutils/pkgfe -> ports-mgmt/pkgfe
  sysutils/pkg-orphan -> ports-mgmt/pkg-orphan
  sysutils/pkg_cutleaves -> ports-mgmt/pkg_cutleaves
  sysutils/pkg_install -> ports-mgmt/pkg_install
  sysutils/pkg_install-devel -> ports-mgmt/pkg_install-devel
  sysutils/pkg_remove -> ports-mgmt/pkg_remove
  sysutils/pkg_rmleaves -> ports-mgmt/pkg_rmleaves
  sysutils/pkg_trackinst -> ports-mgmt/pkg_trackinst
  sysutils/pkg_tree -> ports-mgmt/pkg_tree
  sysutils/portbrowser -> ports-mgmt/portbrowser
  sysutils/portconf -> ports-mgmt/portconf
  sysutils/portdowngrade -> ports-mgmt/portdowngrade
  sysutils/portcheck -> ports-mgmt/portcheck
  sysutils/portmanager -> ports-mgmt/portmanager
  sysutils/portmaster -> ports-mgmt/portmaster
  sysutils/portscout -> ports-mgmt/portscout
  sysutils/portsearch -> ports-mgmt/portsearch
  sysutils/portsman -> ports-mgmt/portsman
  sysutils/portsnap -> ports-mgmt/portsnap
  sysutils/portsopt -> ports-mgmt/portsopt
  sysutils/portupgrade -> ports-mgmt/portupgrade
  sysutils/portupgrade-devel -> ports-mgmt/portupgrade-devel
  sysutils/port-authoring-tools -> ports-mgmt/port-authoring-tools
  sysutils/port-maintenance-tools -> ports-mgmt/port-maintenance-tools
  sysutils/psearch -> ports-mgmt/psearch
  sysutils/p5-FreeBSD-Portindex -> ports-mgmt/p5-FreeBSD-Portindex
  sysutils/qtpkg -> ports-mgmt/qtpkg
  textproc/p5-FreeBSD-Ports -> ports-mgmt/p5-FreeBSD-Ports

Repocopies by:	marcus

Revision 1.21
Sun Apr 16 13:32:27 2006 UTC (7 years, 1 month ago) by simon
Branches: MAIN
CVS tags: old_RELEASE_6_2_0, old_RELEASE_4_EOL
Changes since revision 1.20: +1 -1 lines
Avoid unnecessary invocations of pkg_info by checking whether the
package is installed or not using a precalculated regex.

This speeds up "portaudit -a" by around a factor of 10.

The change is slightly modified from the one from the PR by using
pkg_info -aE instead of ls /var/db/pkg for determining installed
packages.

Submitted by:	Kuang-che Wu <kcwu@csie.org>
PR:		ports/92942

Revision 1.20
Sat Jul 30 19:13:10 2005 UTC (7 years, 9 months ago) by simon
Branches: MAIN
CVS tags: old_RELEASE_6_1_0, old_RELEASE_6_0_0, old_RELEASE_5_5_0
Changes since revision 1.19: +1 -1 lines
Change MAINTAINER address for ports maintained by the Security Team to
secteam@ instead of security@ to make it more clear that the ports are
not maintained by the freebsd-security@ mailing list.  Both addresses
go to the same people.

Revision 1.19
Sun Jul 3 20:31:00 2005 UTC (7 years, 10 months ago) by simon
Branches: MAIN
Changes since revision 1.18: +2 -2 lines
portaudit 0.5.10:

- Unbreak portaudit -vF.
- Sync usage with reality.
- Document the q, v, and V options.
- Markup fixes for the portaudit(1) manual page.
- Make quiet mode output even less "redundant" text [1].
- Set maintainership to security@. [2]

Suggested by:	Phil Kernick philk at rotfl dot com dot au [1]
Suggested by:	nectar, remko [2]

Revision 1.18
Tue Jun 14 22:04:55 2005 UTC (7 years, 11 months ago) by simon
Branches: MAIN
Changes since revision 1.17: +1 -1 lines
Grab maintainership of portaudit.  While I do not currently have any
plans for improvements (though I have ideas) I feel that portaudit is
too important to not have an active maintainer.

Approved by:	portmgr (linimon)

Revision 1.17
Fri Sep 3 20:30:53 2004 UTC (8 years, 8 months ago) by eik
Branches: MAIN
CVS tags: old_RELEASE_5_4_0, old_RELEASE_5_3_0, old_RELEASE_4_11_0
Changes since revision 1.16: +1 -1 lines
- update to version 0.5.9
  (first attempts to check the base system for vulnerabilities)

Revision 1.16
Mon Aug 23 17:39:12 2004 UTC (8 years, 9 months ago) by eik
Branches: MAIN
Changes since revision 1.15: +1 -1 lines
fix "too many open files" error when using the -r flag

Noted by:	nectar

Revision 1.15
Mon Aug 16 02:24:06 2004 UTC (8 years, 9 months ago) by eik
Branches: MAIN
Changes since revision 1.14: +2 -0 lines
Don't check the base system when PACKAGE_BUILDING

Revision 1.14
Sun Aug 15 12:26:16 2004 UTC (8 years, 9 months ago) by eik
Branches: MAIN
Changes since revision 1.13: +1 -1 lines
Remove -a from the default fetch(1) flags, so that the daily security
report is not delayed when the distribution site is down.

Submitted by:	kuriyama

Revision 1.13
Fri Aug 13 17:07:05 2004 UTC (8 years, 9 months ago) by eik
Branches: MAIN
Changes since revision 1.12: +8 -2 lines
fix man page nits,
modify the vulnerability report depending on -q/-v (experimental)

PR:		69935, 68942
Submitted by:	Chris Pepper <pepper@reppep.com>, Johan Karlsson <k@numeri.campus.luth.se>

Revision 1.12
Sat Jul 24 13:34:52 2004 UTC (8 years, 10 months ago) by eik
Branches: MAIN
Changes since revision 1.11: +1 -1 lines
New option -r: restrict listed entries to selected references.
Useful for testing new entries.

Revision 1.11
Fri Jul 2 00:31:18 2004 UTC (8 years, 10 months ago) by eik
Branches: MAIN
Changes since revision 1.10: +2 -5 lines
Test OSVERSION instead of pkg_info -P to enable cross-version builds

Requested by:	kris

Revision 1.10
Thu Jul 1 10:59:47 2004 UTC (8 years, 10 months ago) by eik
Branches: MAIN
Changes since revision 1.9: +13 -24 lines
- update to version 0.5

*** NOTE ***

The preferences file format has changed, as have the periodic.conf(5) names.
Normally the default settings should be adequate, except when you need to
configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example.

- moved portaudit to sbin
- clean up, merging stuff into the portaudit script
- better return codes and errors to stderr
- -f can check stdin now
- dropped ports tree auditing
- merged the periodic(8) scripts into one
- run daily auditing as `nobody'

Revision 1.9
Fri Jun 25 01:21:20 2004 UTC (8 years, 10 months ago) by eik
Branches: MAIN
Changes since revision 1.8: +1 -1 lines
update to version 0.4.1

Use
  portaudit [packagename ...]
to check if package is listed as vulnerable

Revision 1.8
Wed Jun 23 16:01:37 2004 UTC (8 years, 11 months ago) by eik
Branches: MAIN
Changes since revision 1.7: +22 -12 lines
Update to version 0.4, with a new `-f' option.

To check which of the current ports have known vulnerabilities, do

  portaudit -f /usr/ports/INDEX

This port requires pkg_install(-devel)>=20040623

Revision 1.7
Mon Jun 21 16:04:26 2004 UTC (8 years, 11 months ago) by eik
Branches: MAIN
Changes since revision 1.6: +1 -1 lines
make expiry date customizable via daily_status_portaudit_expiry

Revision 1.6
Fri Jun 18 08:07:29 2004 UTC (8 years, 11 months ago) by eik
Branches: MAIN
Changes since revision 1.5: +1 -1 lines
Fetch the database from http://www.FreeBSD.org/ports/ first.

Thanks to:	kuriyama

Revision 1.5
Wed Mar 31 22:52:01 2004 UTC (9 years, 1 month ago) by eik
Branches: MAIN
CVS tags: old_RELEASE_4_10_0
Changes since revision 1.4: +2 -2 lines
update to 0.3.1:

- use passive ftp by default, don't retry on failure [1]
- add a -C flag, portlint style
- don't keep databases that are too old [2]

Requested by:	hubs [1]
Noticed by:	Nicolas Rachinsky <nicolas@rachinsky.de> [2]

Revision 1.4
Thu Mar 11 11:11:59 2004 UTC (9 years, 2 months ago) by eik
Branches: MAIN
Changes since revision 1.3: +6 -4 lines
Update to 0.3.
Since we are using the official VuXML database
the auditing should be pretty complete.

- mention web page
- add more mirrors, disabling .ru mirror (too much lag)
- allow combined options in portaudit shell script
- add sample configuration file
- use absolute paths for binaries, to ease use in crontab scripts [1]
- correct typo in man page [2]

PR:		64005 [2]
Submitted by:	Tomasz Pilat <poncki@axelspringer.com.pl> [1]
		Nathan Dove <njdove@wafer.sandia.gov> [2]

Revision 1.3
Wed Feb 25 09:46:26 2004 UTC (9 years, 2 months ago) by eik
Branches: MAIN
Changes since revision 1.2: +19 -1 lines
- bugfix: awk in -CURRENT accepts no regexes in RS, causing the database
  update to fail

- add an install & deinstall message

Submitted by:	nectar & Ion-Mihai Tetcu <itetcu@apropo.ro>

Revision 1.2
Sat Feb 21 21:19:41 2004 UTC (9 years, 3 months ago) by eik
Branches: MAIN
Changes since revision 1.1: +9 -2 lines
update to 0.2:
- new command line tool
- new man page
- reworked database update code, incorporating feedback from
  Max Khon <fjoe>, Radim Kolar <hsn@netmag.cz> (PR 63066) and
  Ion-Mihai Tetcu <itetcu@apropo.ro> (PR 62655)

Revision 1.1
Tue Jan 27 19:24:52 2004 UTC (9 years, 3 months ago) by eik
Branches: MAIN
portaudit provides a list of published security vulnerabilities
of FreeBSD ports and tools to check if installed ports are listed.

Since this is a prerelease version, it is mostly usable for
committers that want to contribute to the project, and can currently
not be relied upon as an extensive security auditing tool.
