From owner-freebsd-questions@FreeBSD.ORG Sat Dec 11 02:02:16 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA7B316A4CE for ; Sat, 11 Dec 2004 02:02:16 +0000 (GMT) Received: from britersen.co.uk (britersen.co.uk [212.159.80.154]) by mx1.FreeBSD.org (Postfix) with ESMTP id BD5B943D66 for ; Sat, 11 Dec 2004 02:02:14 +0000 (GMT) (envelope-from petersen@britersen.co.uk) Received: from petersen (petersen@petersen.petenet.britersen.co.uk [192.168.1.1]) (authenticated bits=0) by britersen.co.uk (8.13.1/8.13.1) with ESMTP id iBB21kYM024486 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Sat, 11 Dec 2004 02:01:48 GMT (envelope-from petersen@britersen.co.uk) Message-Id: <200412110201.iBB21kYM024486@britersen.co.uk> From: "Petersen" To: "'Thomas S. Crum - AAA Web Solution, Inc.'" Date: Sat, 11 Dec 2004 02:01:47 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 In-Reply-To: <005601c4dec3$3db30d30$0200a8c0@wolf> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 Thread-Index: AcTew0TzZhg4qIeKTUGlKOSOh62DTwAYN0cw X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.64 X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on britersen.co.uk cc: 'FreeBSD Question' Subject: RE: portaudit question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 02:02:17 -0000 Thomas S. Crum wrote: > Is there something that I am not updating that portaudit > would like to see > done or is this just a generic warning. Either way, please provide > examples of what I might due to have it stop complaining. I > can find no > examples googling the portaudit "note" below. > > # Here's what I did. > > > # Here's what I get. > > beta# /usr/local/sbin/portaudit -Fda > auditfile.tbz 100% of 15 kB 33 > kBps New database installed. > Database created: Fri Dec 10 08:40:32 EST 2004 > Affected package: FreeBSD-491000 ^^^^^^^^^^^^^^ Portaudit is complaining that FreeBSD-491000 itself has a vulnerability. Specifically within the cvs code as it tells you. > Type of problem: multiple vulnerabilities in the cvs server code. > Reference: > 0-000347a4fa 7d.html> Note: To disable this check add the uuid to > `portaudit_fixed' in /usr/local/etc/portaudit.conf 0 problem(s) in > your installed packages found. > As you can patch the system cvs without bumping the kernel version number, portupgrade tells you that you can disable the check for this uuid in portaudit.conf. This of course assumes you actually have patched the cvs code in the base system (see the multiple security advisories issued on the cvs vulnerabilities for details on how to patch them manually, or upgrade to a more recent version/patchlevel of the 4.x tree). Petersen