From owner-freebsd-questions@FreeBSD.ORG Fri Dec 10 19:54:07 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9FC116A4CE for ; Fri, 10 Dec 2004 19:54:07 +0000 (GMT) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6204F43D62 for ; Fri, 10 Dec 2004 19:54:07 +0000 (GMT) (envelope-from joshua.lokken@gmail.com) Received: by wproxy.gmail.com with SMTP id 55so70655wri for ; Fri, 10 Dec 2004 11:54:06 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=gMBFu/ZPzczdQxhgFwHADQryInnM3dEn2HoI8uhZ9/NTyixPxghZDNT3arG/Lu5PShwTscnPOE796KsOFQmRtkV7ANO6wEcH8PvJU4XG04Lx60ZU9uj/BcQ+AxP/XpPqEHPG9kVCjXbjzTv2uyfjWAvqKuwUKwljkwbA3AbXMY8= Received: by 10.54.47.62 with SMTP id u62mr200225wru; Fri, 10 Dec 2004 11:54:06 -0800 (PST) Received: by 10.54.11.34 with HTTP; Fri, 10 Dec 2004 11:54:06 -0800 (PST) Message-ID: Date: Fri, 10 Dec 2004 13:54:06 -0600 From: Joshua Lokken To: "Thomas S. Crum - AAA Web Solution, Inc." In-Reply-To: <005601c4dec3$3db30d30$0200a8c0@wolf> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <005601c4dec3$3db30d30$0200a8c0@wolf> cc: FreeBSD Question Subject: Re: portaudit question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Joshua Lokken List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 19:54:07 -0000 On Fri, 10 Dec 2004 09:19:15 -0500, Thomas S. Crum - AAA Web Solution, Inc. wrote: > Is there something that I am not updating that portaudit would like to see > done or is this just a generic warning. Either way, please provide > examples of what I might due to have it stop complaining. [snip] > Type of problem: multiple vulnerabilities in the cvs server code. > Reference: > 7d.html> > Note: To disable this check add the uuid to `portaudit_fixed' in > /usr/local/etc/portaudit.conf > 0 problem(s) in your installed packages found. I haven't used portaudit, but it appears from the message that you can safely follow the instructions, which are to add the uuid (I assume that means the long id number on the url) to the 'portaudit-fixed' variable in /usr/local/etc/portaudit.conf ;) > # Here's what I did next. > > man portaudit > no help > pkg_delete cvsup-without-gui-16.1h > cd /usr/ports/net/cvsup-without-gui > make install clean > /usr/local/sbin/portaudit -Fda > and get same output as above. Which wouldn't help; there does not appear to be a problem with cvsup your system, so reinstalling that wouldn't effect portaudit. I suspect you were correct, that it's a 'generic' warning, and can be worked around. HTH, -- Joshua Lokken Open Source Advocate