From owner-freebsd-questions@FreeBSD.ORG Wed Sep 28 20:57:14 2005
Message-ID: <006901c5c46f$33daabf0$0c64a8c0@opteron>
From: "K Anderson"
To: "Wright Jim Contractor 14MDSS/SGSI"
References: <200509282011.j8SKBKsQ004138@blaze.columbus.af.mil>
Date: Wed, 28 Sep 2005 13:57:12 -0700
Subject: Re: portaudit question.....

----- Original Message -----
From: "Wright Jim Contractor 14MDSS/SGSI"
Sent: Wednesday, September 28, 2005 1:07 PM
Subject: portaudit question.....

> To keep the story short:
>
> I'm using version FreeBSD 5.4-RELEASE #6: Thu Aug 25 09:12:43 CDT 2005;
> pasted from the dmesg.boot file.
>
> To the best of my knowledge, I'm using CVSup, pkgdb -F, and portupgrade
> commands correctly.
>
> But, I'm pretty sure I'm still overlooking and/or leaving something out.
>
> I just discovered the portaudit command and ran it against my system.
>
> It comes up with 15 items that need to be upgraded or deinstalled.
>
> For this question I'll use Mozilla.
>
> The version it reports is Mozilla-1.7.7,2.

I'll take a stab at this one.

Portaudit is a tool that takes your installed ports then goes out and finds
any known vulnerabilities (man portaudit says -- portaudit -- system to check
installed packages for known vulnerabilities.) In your example Mozilla.

There are times that a vulnerable port does not have an update to it
(pkg_version | grep "<") so all the updating you do may or may not make a
difference.

Keep your ports tree up to date and check with pkg_version | grep "<" to see
if there are changes.

One other thing to note, they give you a URL to the issue they are talking
about so you could potentially find more information that may guide you to
getting an update or what's involved in the issue.

Hope that helps.
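
Added example, not part of the original thread: the cross-check the reply describes, pairing each package portaudit flags with whether pkg_version marks it "<" (a newer port exists), and carrying the reference URL along. The sample output is constructed, the triage function and its status labels are hypothetical names, and the output layouts ("Affected package:" / "Reference:" lines, name followed by a comparison character) are assumed.

```sh
#!/bin/sh
# Constructed sample output; on a real system pass "$(portaudit -a)" and
# "$(pkg_version)" instead. The layouts below are assumptions.
SAMPLE_PORTAUDIT='Affected package: mozilla-1.7.7,2
Type of problem: mozilla -- constructed sample entry.
Reference: <http://example.invalid/advisory-1.html>

Affected package: examplepkg-2.0_1
Type of problem: examplepkg -- constructed sample entry.
Reference: <http://example.invalid/advisory-2.html>

2 problem(s) in your installed packages found.'

SAMPLE_PKG_VERSION='mozilla                             <
examplepkg                          =
otherpkg                            <'

# triage PORTAUDIT_TEXT PKG_VERSION_TEXT
# Prints one line per affected package: "<package> <status> <reference>".
#   update-available : the ports tree has a newer version, upgrading may fix it
#   no-newer-port    : nothing newer in the tree yet, read the reference URL
triage() {
    printf '%s\n---\n%s\n' "$2" "$1" | awk '
        function emit(   base, status) {
            if (pkg == "") return
            base = pkg
            sub(/-[^-]*$/, "", base)      # strip the trailing -version
            status = ((pkg in outdated) || (base in outdated)) \
                ? "update-available" : "no-newer-port"
            print pkg, status, ref
            pkg = ""
        }
        # First part of the stream: pkg_version lines, up to the "---" marker.
        !second && $0 == "---" { second = 1; next }
        !second { if ($2 == "<") outdated[$1] = 1; next }
        # Second part: portaudit report.
        /^Affected package: / { emit(); pkg = $3; ref = "-"; next }
        /^Reference: /        { ref = $2; gsub(/[<>]/, "", ref); next }
        END { emit() }
    '
}

triage "$SAMPLE_PORTAUDIT" "$SAMPLE_PKG_VERSION"
```

A package reported as no-newer-port stays flagged no matter how often portupgrade runs; the reference URL is where to look for a workaround or to decide on deinstalling it.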