Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 2 Sep 2015 13:01:13 -0700
From:      Kevin Oberman <rkoberman@gmail.com>
To:        Rob Belics <robbelics@gmail.com>
Cc:        Kimmo Paasiala <kpaasial@gmail.com>, FreeBSD Ports ML <freebsd-ports@freebsd.org>
Subject:   Re: lang/go security problem on one but not the other
Message-ID:  <CAN6yY1smqccoRa4tGx-qJRSsq9=3Vr%2BWOuBfS_M_NBW_aY8S8Q@mail.gmail.com>
In-Reply-To: <CAPu-kW-SK6Pv9BM8R-pxJZnwMbqbiQmLDZYh2RY0xd6zZXXFvQ@mail.gmail.com>
References:  <CAPu-kW_jsUvfAW-_FzK-sr_e-PF0n0=3Z%2B%2Bu8vcWUjhp4jm_Ew@mail.gmail.com> <CA%2B7WWScn2F6%2BkG3YctMQ6c_QiF8grh8rfQBMYQ6fGc4WdwxiWA@mail.gmail.com> <CAPu-kW-SK6Pv9BM8R-pxJZnwMbqbiQmLDZYh2RY0xd6zZXXFvQ@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 2, 2015 at 11:30 AM, Rob Belics <robbelics@gmail.com> wrote:

> On Wed, Sep 2, 2015 at 1:12 PM, Kimmo Paasiala <kpaasial@gmail.com> wrote:
>
> > On Wed, Sep 2, 2015 at 8:13 PM, Rob Belics <robbelics@gmail.com> wrote:
> > > I found an updated vuln.xml in /usr/ports/security/vuxml/ dated today.
> I
> > > will copy that over to /var/db/pkg/ but still question why that file
> was
> > > not updated.
> > >
> >
> > It's not updated by portsnap(8) but pkg-updating(8). Portmaster won't
> > update it either. There's a periodic(8) job that should update it
> > daily at /usr/local/etc/periodic/security/410.pkg-audit, controlled by
> > daily_status_security_pkgaudit_enable periodic.conf(5) setting that
> > defaults to YES.
> >
> > -Kimmo
> >
>
> Neither periodic.conf have anything in them but the one system I'm having
> trouble with was upgraded from FreeBSD 9.3, perhaps around the date
> vuln.xml now shows.
>
> periodic.conf is always empty by default. The default configuration is in
/etc/defaults/periodic.conf which, like all files in /etc/defaults, should
never be edited. Any changes from the default configuration go in
/etc/periodic.conf.  Since periodic.conf is empty, the 410.pkg-audit script
should be running and the vuln.xml file should be getting updated. But it
is not.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkoberman@gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAN6yY1smqccoRa4tGx-qJRSsq9=3Vr%2BWOuBfS_M_NBW_aY8S8Q>