From owner-freebsd-security@FreeBSD.ORG  Thu Oct 30 00:00:01 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 80F1FC8D
 for <freebsd-security@freebsd.org>; Thu, 30 Oct 2014 00:00:01 +0000 (UTC)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id 454EFCE9
 for <freebsd-security@freebsd.org>; Thu, 30 Oct 2014 00:00:00 +0000 (UTC)
Received: from nine.des.no (smtp.des.no [194.63.250.102])
 by smtp-int.des.no (Postfix) with ESMTP id 3825BA956
 for <freebsd-security@freebsd.org>; Thu, 30 Oct 2014 00:00:00 +0000 (UTC)
Received: by nine.des.no (Postfix, from userid 1001)
 id D558D1080D; Thu, 30 Oct 2014 01:00:00 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: freebsd-security@freebsd.org
Subject: Re: broken portaudit !!
References: <20141029204203.GA1265@itcom245.staff.itd.umich.edu>
Date: Thu, 30 Oct 2014 01:00:00 +0100
In-Reply-To: <20141029204203.GA1265@itcom245.staff.itd.umich.edu> (William
 Bulley's message of "Wed, 29 Oct 2014 16:42:03 -0400")
Message-ID: <86vbn2bf5r.fsf@nine.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Oct 2014 00:00:01 -0000

William Bulley <web@umich.edu> writes:
> Thinking that I might wish to upgrade my 9.2-STABLE system (to 9.3-STABLE=
),
> I decided to run "# /usr/local/sbin/portaudit -Fda" only to find that som=
eone
> at FreeBSD.org has borked the system:

We didn't "bork the system".  The old pkg_* tools were removed over a
month ago after a six-month deprecation period, at which point portaudit
also stopped working, although it wasn't removed from ports until two
weeks ago.  The new package system has equivalent functionality built-in
with the "audit" command:

des@nine ~% sudo pkg audit -F
Password:
Fetching vuln.xml.bz2: 100%  455 kB 466.3k/s    00:01=20=20=20=20
0 problem(s) in the installed packages found.

> [[Note: portaudit.FreeBSD.org resolves to vuxml.freebsd.org/freebsd/]]

You mean redirects.  They already resolved to the same IP address(es),
which, as far as I know, is a reverse proxy that handles most of the
project's web sites.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no