Skip site navigation (1)Skip section navigation (2) 
Date:      Wed,  6 Sep 2006 19:56:56 +0200 (CEST)
From:      Gabor Kovesdan <gabor@FreeBSD.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        Gabor Kovesdan <gabor@FreeBSD.org>
Subject:   ports/102946: [patch] security/portaudit
Message-ID:  <20060906175656.8404B99C87C@server.t-hosting.hu>
Resent-Message-ID: <200609061800.k86I0S8p019241@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         102946
>Category:       ports
>Synopsis:       [patch] security/portaudit
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 06 18:00:28 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Gabor Kovesdan
>Release:        FreeBSD 6.1-RELEASE-p3 amd64
>Organization:
n/a
>Environment:
System: FreeBSD server.t-hosting.hu 6.1-RELEASE-p3 FreeBSD 6.1-RELEASE-p3 #0: Sat Aug 19 11:08:15 CEST 2006 root@server.t-hosting.hu:/usr/src/sys/amd64/compile/FREEBSD amd64

>Description:

The periodic script of portaudit looks for the vulnerable packages daily, but doesn't ever
fetches the new vulnerability database.  The end-user might be deceived everything is done
automatically, but the check itself is not very useful without updating the database regularly.
Currently, this has to be done manually or from cron.  My patch adds an another block to
portaudit's periodic script to automatically update the database as well, before looking for
vulnerable packgages, and bumps PORTREVISION.

>How-To-Repeat:
>Fix:

--- portaudit.diff begins here ---
Index: Makefile
===================================================================
RCS file: /usr/cvs/ports/security/portaudit/Makefile,v
retrieving revision 1.21
diff -u -r1.21 Makefile
--- Makefile	16 Apr 2006 13:32:27 -0000	1.21
+++ Makefile	6 Sep 2006 17:50:25 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	portaudit
 PORTVERSION=	0.5.11
+PORTREVISION=	1
 CATEGORIES=	security
 DISTFILES=
 
Index: files/portaudit.sh
===================================================================
RCS file: /usr/cvs/ports/security/portaudit/files/portaudit.sh,v
retrieving revision 1.3
diff -u -r1.3 portaudit.sh
--- files/portaudit.sh	1 Jul 2004 10:59:48 -0000	1.3
+++ files/portaudit.sh	6 Sep 2006 17:47:59 -0000
@@ -39,6 +39,18 @@
 fi
 
 rc=0
+
+case "${daily_status_security_portaudit_update_enable:-YES}" in
+	[Nn][Oo])
+		;;
+	*)
+		echo
+		echo "Updating the package vulnerability database:"
+		echo
+		%%PREFIX%%/sbin/portaudit -F
+		;;
+esac
+
 case "${daily_status_security_portaudit_enable:-YES}" in
 	[Nn][Oo])
 		;;
--- portaudit.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060906175656.8404B99C87C>