From owner-freebsd-security@FreeBSD.ORG  Wed Sep  7 11:34:38 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A964616A41F
	for <freebsd-security@freebsd.org>;
	Wed,  7 Sep 2005 11:34:38 +0000 (GMT)
	(envelope-from simon@eddie.nitro.dk)
Received: from eddie.nitro.dk (port324.ds1-khk.adsl.cybercity.dk
	[212.242.113.79])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3AE8143D68
	for <freebsd-security@freebsd.org>;
	Wed,  7 Sep 2005 11:34:37 +0000 (GMT)
	(envelope-from simon@eddie.nitro.dk)
Received: by eddie.nitro.dk (Postfix, from userid 1000)
	id 3ED8511A31A; Wed,  7 Sep 2005 13:34:36 +0200 (CEST)
Date: Wed, 7 Sep 2005 13:34:36 +0200
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
Message-ID: <20050907113435.GC68197@eddie.nitro.dk>
References: <20050907102833.J79716@atlantis.atlantis.dp.ua>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="s/l3CgOIzMHHjg/5"
Content-Disposition: inline
In-Reply-To: <20050907102833.J79716@atlantis.atlantis.dp.ua>
User-Agent: Mutt/1.5.10i
Cc: freebsd-security@freebsd.org
Subject: Re: Problem with portaudit's database
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2005 11:34:38 -0000


--s/l3CgOIzMHHjg/5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2005.09.07 10:35:21 +0300, Dmitry Pryanishnikov wrote:

>  Yesterday portaudit notified me about squid's vulnerability, but today it
> didn't (despite I haven't upgraded squid). This has attracted my attentio=
n,
> so I've compared yesterday's and today's auditfile.tbz:
>=20
> -r--r--r--  1 root  wheel   29875 Sep  6 15:40 auditfile.tbz
>=20
> vs.
>=20
> -r--r--r--  1 root  wheel    5685 Sep  7 10:11 auditfile.tbz
>=20
> I don't see commits to vuln.xml during this time, so I suspect auditfile
> generation error. Most known vulnerabilities are now unlisted. Please che=
ck=20
> this issue.

Hmm, I just ran portaudit -F and got:

-r--r--r--  1 root  wheel  29857  7 Sep 13:10 auditfile.tbz

Could you try forcing a new download (portaudit -F) to see if it fixes
the problem?

--=20
Simon L. Nielsen
FreeBSD Security Team

--s/l3CgOIzMHHjg/5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDHtBLh9pcDSc1mlERAmGLAKCz2EHQ6nMBnY3RamCHxsKBOx1BUgCgmEz5
N79AYjKKwhVGFHD/ZjF9/fU=
=t+XS
-----END PGP SIGNATURE-----

--s/l3CgOIzMHHjg/5--