From: "Michael C. Shultz"
To: Daniel Pittman, freebsd-questions@freebsd.org
Date: Sun, 30 Oct 2005 23:48:06 -0800
Subject: Re: portaudit reports: how to exclude a specific vulnerability
Message-Id: <200510302348.07655.ringworm01@gmail.com>
In-Reply-To: <87oe56rxpi.fsf@rimspace.net>

On Sunday 30 October 2005 22:45, you wrote:
> G'day. I am relatively new to FreeBSD, but failed to find an answer to
> this question in the handbook, manual pages, or other references about
> portaudit:
>
> At the moment, portaudit is reporting one vulnerability on my system,
> with the 'p5-Crypt-OpenPGP' package.
>
> There isn't, apparently, a release of this package available that
> resolves the issue.
>
> I have checked the advisory and I am quite happy that the specific
> problem is not going to hurt here, so I don't mind that the
> theoretically vulnerable version is installed.[1]
>
> I can't work out how to tell portaudit to stop bothering me about this
> particular vulnerability, though.
>
> Can I ask it to exclude a vulnerability, or (even better) a
> vulnerability/package combination, from reports?
>

I think this will do it, put it in /etc/make.conf

.if ${.CURDIR:M*/security/p5-Crypt-OpenPGP}
DISABLE_VULNERABILITIES="YES"
.endif

-Mike

>
> I specifically /don't/ want to exclude the package from auditing,
> though, since I want to know if another security issue turns up for it.
>
> Thanks,
>         Daniel
>
> Footnotes:
> [1]  The specific issue is a cryptographic weakness that needs a
>      specific and particularly unlikely bit of code written by us before
>      it actually does anything.  Not, as they say, going to happen.
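
Added example, not part of the original message or of portaudit itself: a post-filter that drops one accepted package/advisory pair from a report while any other advisory for the same package still shows up, which is the behaviour asked for in the question. The report layout, the ignore-list format and the names filter_findings and sample_report are assumptions; the sample data is constructed.

```shell
# Assumed report layout (not shown in the thread): blank-line separated records
# with "Affected package:", "Type of problem:" and "Reference:" lines.
# Usage: portaudit -a | filter_findings /path/to/ignore-list  (hypothetical path)
# Ignore list: "<package-name> <advisory-id>" per line; "#" starts a comment.
filter_findings() {
    awk -v ignore_file="$1" '
    BEGIN {
        while ((getline line < ignore_file) > 0) {
            sub(/#.*/, "", line)
            if (split(line, f, " ") == 2) ignored[f[1], f[2]] = 1
        }
        RS = ""; FS = "\n"          # paragraph mode: one finding per record
    }
    {
        pkg = ""; id = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^Affected package: /) {
                pkg = $i
                sub(/^Affected package: /, "", pkg)
                sub(/-[^-]*$/, "", pkg)          # drop the trailing -<version>
            } else if ($i ~ /^Reference: /) {
                id = $i
                sub(/\.html>?[ \t]*$/, "", id)   # keep only the advisory id
                sub(/^.*\//, "", id)
            }
        }
        if (pkg == "") next                      # summary text, not a finding
        if ((pkg, id) in ignored) { suppressed++; next }
        shown++
        print $0 "\n"
    }
    END { printf "%d shown, %d suppressed\n", shown, suppressed }
    '
}

# Constructed sample report; the version, URLs and advisory ids are placeholders.
sample_report() {
    cat <<'EOF'
Affected package: p5-Crypt-OpenPGP-0.00
Type of problem: p5-Crypt-OpenPGP -- constructed accepted issue.
Reference: <http://example.org/portaudit/00000000-0000-0000-0000-000000000001.html>

Affected package: p5-Crypt-OpenPGP-0.00
Type of problem: p5-Crypt-OpenPGP -- constructed new issue.
Reference: <http://example.org/portaudit/00000000-0000-0000-0000-000000000002.html>

2 problem(s) in your installed packages found.
EOF
}
```

Matching on the package name together with the advisory id, rather than on the package alone, keeps the package under audit: only the pair that was reviewed and accepted is hidden.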