Date: Sun, 11 Mar 2012 21:30:49 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/Mk bsd.port.mk Message-ID: <201203112130.q2BLUn1c074333@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
simon 2012-03-11 21:30:49 UTC FreeBSD ports repository Modified files: Mk bsd.port.mk Log: Make bsd.port.mk not parse port audit's auditfile directly to check for vulnerabilities, but call portaudit instead. This fixes a remote command execution vulnerability for users who have portaudit installed. While changing the code anyway, remove the annoying and very verbose "Vulnerability check disabled, database not found" warning. Security: Remote code execution Security: http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html Approved by: portmgr Feature safe: yes (or at least approved) With hat: so Revision Changes Path 1.707 +6 -15 ports/Mk/bsd.port.mk
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203112130.q2BLUn1c074333>