From owner-freebsd-questions@FreeBSD.ORG Fri May 20 12:43:32 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C8AC16A4CE for ; Fri, 20 May 2005 12:43:32 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.197]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79DB343D76 for ; Fri, 20 May 2005 12:43:30 +0000 (GMT) (envelope-from chrcoluk@gmail.com) Received: by rproxy.gmail.com with SMTP id a41so458012rng for ; Fri, 20 May 2005 05:43:30 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ZXGFE3zY8im9O8rJUATcftgqjMEpG49c4CSO+VTfEutyqNaxf3YGOCKXS3Gl8w/bkZ/9lDXaXtO0r4zM4DlSD33rOG8eg/p52P5gP6OqjC4SmnlC6fje1QUAB8cBglLqYGUOGGdRuM805P7VzrkP697Cf6PWWyHWinvqxI+g/+A= Received: by 10.38.9.14 with SMTP id 14mr631813rni; Fri, 20 May 2005 05:43:30 -0700 (PDT) Received: by 10.39.1.30 with HTTP; Fri, 20 May 2005 05:43:29 -0700 (PDT) Message-ID: <3aaaa3a05052005436414e0a3@mail.gmail.com> Date: Fri, 20 May 2005 13:43:29 +0100 From: Chris To: Tony Shadwick In-Reply-To: <20050517144200.T26182@mail.goinet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20050517144200.T26182@mail.goinet.com> cc: freebsd-questions@freebsd.org Subject: Re: portaudit is being stubborn X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Chris List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 May 2005 12:43:32 -0000 This annoys me as well, I expect portaudit to alert me when an update is available to fix an exploit, but wget has no update so what is the point of the warning, there also seems to be no way to shut it up. Chris On 5/17/05, Tony Shadwick wrote: > This is driving me nuts. I just downloaded the latest portaudit database > and ran it on my system: >=20 > mx02# portaudit -ad > Database created: Tue May 17 13:40:02 CDT 2005 > Affected package: wget-1.8.2_7 > Type of problem: wget -- multiple vulnerabilities. > Reference: > >=20 > 1 problem(s) in your installed packages found. >=20 > You are advised to update or deinstall the affected package(s) > immediately. >=20 >=20 > Okay....so, that vulnerability isn't of much concern to me, but just to b= e > sure I'm current: >=20 > mx02# portversion ftp/wget > wget =3D >=20 > So life is good there, so I got back and add this to my > /usr/local/etc/portaudit.conf file: >=20 > # Make portaudit ignore wget vulnerability (no shell users here anyway) > portaudit_fixed=3D"06f142ff-4df3-11d9-a9e7-0001020eed82" >=20 >=20 > I then re-ran portaudit....it gives me the same output. :( I want to hav= e > this cron'ed where I only get ouput when something that actually concerns > me comes up. Is the portaudit_fixed variable no longer supported? >=20 > Tony > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >