From owner-freebsd-questions@FreeBSD.ORG Sun Nov 6 22:09:44 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE24916A41F; Sun, 6 Nov 2005 22:09:44 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 571D943D46; Sun, 6 Nov 2005 22:09:44 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 01D65114AF; Sun, 6 Nov 2005 23:09:42 +0100 (CET) Date: Sun, 6 Nov 2005 23:09:42 +0100 From: "Simon L. Nielsen" To: Jimmy Scott Message-ID: <20051106220942.GC904@zaphod.nitro.dk> References: <436E2F88.3010300@t-hosting.hu> <20051106204852.GB25399@ada.devbox.be> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ctP54qlpMx3WjD+/" Content-Disposition: inline In-Reply-To: <20051106204852.GB25399@ada.devbox.be> User-Agent: Mutt/1.5.11 Cc: freebsd-security@freebsd.org, =?iso-8859-1?Q?K=F6vesd=E1n_G=E1bor?= , freebsd-questions@freebsd.org Subject: Re: What happened with portaudit? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Nov 2005 22:09:44 -0000 --ctP54qlpMx3WjD+/ Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.11.06 21:48:52 +0100, Jimmy Scott wrote: > On Sun, Nov 06, 2005 at 05:30:00PM +0100, K=F6vesd=E1n G=E1bor wrote: > > Hello, > >=20 > > One of my machines I got a report about 3 vulnerable packages (php4,=20 > > ruby, openssl) in tomorrows security run output, but in today's securit= y=20 > > run output all of them disappeared, but nobody upgraded or removed the= =20 > > affected packages. I reinstalled portaudit, refreshd its database, but= =20 > > now it reports 0 affected pakages. The pkg_info command lists that thre= e=20 > > packages, so they are still installed. Does anybody suspect what's wron= g? >=20 > I noticed the same, but didn't had the time to look for a possible > answer on that question. It does seem to work for me now. Could people having this problem please check the size of /var/db/portaudit/auditfile.tbz and try to run portaudit -Fa to refetch the database and check again? For reference: [simon@zaphod:/tmp] ls -l /var/db/portaudit/auditfile.tbz -r--r--r-- 1 root wheel 31762 6 Nov 22:40 /var/db/portaudit/auditfile.t= bz There have been one previous report where a problem with the portaudit database build resulted in an incomplete auditfile which was then fixed after the next portaudit database rebuild. --=20 Simon L. Nielsen FreeBSD Security Team --ctP54qlpMx3WjD+/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDbn8mh9pcDSc1mlERAl5IAKCQ77kHqIeqJYnB1Uyr4KwvX5VtGgCffJ18 R9GPir8f9fy6YT5QitjgLcU= =oN+t -----END PGP SIGNATURE----- --ctP54qlpMx3WjD+/--