From owner-freebsd-questions@FreeBSD.ORG Sun Feb 27 01:05:59 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB3FB16A4CE for ; Sun, 27 Feb 2005 01:05:59 +0000 (GMT) Received: from vms042pub.verizon.net (vms042pub.verizon.net [206.46.252.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4369C43D54 for ; Sun, 27 Feb 2005 01:05:59 +0000 (GMT) (envelope-from leblanc@keyslapper.net) Received: from keyslapper.net ([68.163.161.42])0.04 <0ICJ0058JPPYCSA1@vms042.mailsrvcs.net> for freebsd-questions@freebsd.org; Sat, 26 Feb 2005 19:05:59 -0600 (CST) Received: from localhost (localhost [127.0.0.1]) by keyslapper.net (Postfix) with ESMTP id 35BFC1150F for ; Sat, 26 Feb 2005 20:05:58 -0500 (EST) Received: from keyslapper.net ([127.0.0.1]) by localhost (keyslapper.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 71399-02 for ; Sat, 26 Feb 2005 20:05:58 -0500 (EST) Received: by keyslapper.net (Postfix, from userid 1001) id 012EA11484; Sat, 26 Feb 2005 20:05:57 -0500 (EST) Date: Sat, 26 Feb 2005 20:05:57 -0500 From: Louis LeBlanc In-reply-to: <20050226152514.1a3f9676@localhost> To: freebsd-questions@freebsd.org Mail-Followup-To: freebsd-questions@freebsd.org Message-id: <20050227010557.GA76225@keyslapper.net> MIME-version: 1.0 Content-type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary=HlL+5n6rz5pIUxbD Content-disposition: inline X-PGP-Key: http://www.keyslapper.net/~leblanc/leblanc-at-keyslapper-net.asc X-Virus-Scanned: amavisd-new at keyslapper.net References: <200502261642.04144.georgek@intense-illusions.com> <20050226181700.GA1044@keyslapper.net> <20050226152514.1a3f9676@localhost> User-Agent: Mutt/1.5.8i Subject: Re: Portupgrading - portauditing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@FreeBSD.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Feb 2005 01:05:59 -0000 --HlL+5n6rz5pIUxbD Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 02/26/05 03:25 PM, epilogue sat at the `puter and typed: >=20 > > I finally gave up and deleted the db at > > /var/db/portaudit/auditfile.tbz and then did the upgrade. > >=20 > > It still flags firefox as a vulnerability, even though the problem it > > references is supposed to be explicitly fixed in the version I have > > installed (window injection vulnerability). > >=20 > > Of course, you can the method described by another poster to get that > > list, but I haven't been able to get portaudit to actually let me > > upgrade. Even the portupgrade -f flag won't work and simply building > > the port manually is also disabled for flagged ports. > >=20 > > Portaudit seems more a hard lockdown than a warning system. I think > > either I am not understanding how to manage it yet, or it has a couple > > issues that have not been hammered out yet. Manpages don't have much > > detail about this issue. I haven't had a chance to check on the > > existence of a bug report yet, because I want to hunt down all the > > docs I can first. >=20 > no need to fiddle with portaudit, as these can be fed directly to make > or to portupgrade (with the -m flag). >=20 > building ports despite vulnerabilities: > -DDISABLE_VULNERABILITIES >=20 > building ports despite ignore: > -DNO_IGNORE >=20 > to my knowledge, these are not yet documented anywhere but here in the > mailing lists. i believe that the doc project is already looking to > integrate this info into the ports manpage (or somewhere else equally > sensible). >=20 > on the off chance that they lost sight of this target, i'm adding them > to cc. (: thank you docs team :) >=20 > hth. Definitely. Thanks for the primer. Lou --=20 Louis LeBlanc FreeBSD-at-keyslapper-DOT-net Fully Funded Hobbyist, KeySlapper Extrordinaire :) Please send off-list email to: leblanc at keyslapper d.t net Key fingerprint =3D C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2 Too much is just enough. -- Mark Twain, on whiskey --HlL+5n6rz5pIUxbD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCIRz1r4Wi/oDI2aIRAuWyAJ9SCJq9tfq6yOk8gLwxXEwyPnqCrwCfSH2k cfJRAjtXkQL0zhpTnfda4x0= =d+rO -----END PGP SIGNATURE----- --HlL+5n6rz5pIUxbD--