Date: Sat, 26 Feb 2005 20:05:57 -0500 From: Louis LeBlanc <FreeBSD@keyslapper.net> To: freebsd-questions@freebsd.org Subject: Re: Portupgrading - portauditing Message-ID: <20050227010557.GA76225@keyslapper.net> In-Reply-To: <20050226152514.1a3f9676@localhost> References: <200502261642.04144.georgek@intense-illusions.com> <20050226181700.GA1044@keyslapper.net> <20050226152514.1a3f9676@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
--HlL+5n6rz5pIUxbD
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 02/26/05 03:25 PM, epilogue sat at the `puter and typed:
>=20
> > I finally gave up and deleted the db at
> > /var/db/portaudit/auditfile.tbz and then did the upgrade.
> >=20
> > It still flags firefox as a vulnerability, even though the problem it
> > references is supposed to be explicitly fixed in the version I have
> > installed (window injection vulnerability).
> >=20
> > Of course, you can the method described by another poster to get that
> > list, but I haven't been able to get portaudit to actually let me
> > upgrade. Even the portupgrade -f flag won't work and simply building
> > the port manually is also disabled for flagged ports.
> >=20
> > Portaudit seems more a hard lockdown than a warning system. I think
> > either I am not understanding how to manage it yet, or it has a couple
> > issues that have not been hammered out yet. Manpages don't have much
> > detail about this issue. I haven't had a chance to check on the
> > existence of a bug report yet, because I want to hunt down all the
> > docs I can first.
>=20
> no need to fiddle with portaudit, as these can be fed directly to make
> or to portupgrade (with the -m flag).
>=20
> building ports despite vulnerabilities:
> -DDISABLE_VULNERABILITIES
>=20
> building ports despite ignore:
> -DNO_IGNORE
>=20
> to my knowledge, these are not yet documented anywhere but here in the
> mailing lists. i believe that the doc project is already looking to
> integrate this info into the ports manpage (or somewhere else equally
> sensible).
>=20
> on the off chance that they lost sight of this target, i'm adding them
> to cc. (: thank you docs team :)
>=20
> hth.
Definitely. Thanks for the primer.
Lou
--=20
Louis LeBlanc FreeBSD-at-keyslapper-DOT-net
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
Please send off-list email to: leblanc at keyslapper d.t net
Key fingerprint =3D C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2
Too much is just enough.
-- Mark Twain, on whiskey
--HlL+5n6rz5pIUxbD
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
iD8DBQFCIRz1r4Wi/oDI2aIRAuWyAJ9SCJq9tfq6yOk8gLwxXEwyPnqCrwCfSH2k
cfJRAjtXkQL0zhpTnfda4x0=
=d+rO
-----END PGP SIGNATURE-----
--HlL+5n6rz5pIUxbD--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050227010557.GA76225>