From owner-freebsd-questions@FreeBSD.ORG Sat Feb 26 18:17:03 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F22216A4CE; Sat, 26 Feb 2005 18:17:03 +0000 (GMT) Received: from vms048pub.verizon.net (vms048pub.verizon.net [206.46.252.48]) by mx1.FreeBSD.org (Postfix) with ESMTP id C5DBE43D60; Sat, 26 Feb 2005 18:17:02 +0000 (GMT) (envelope-from leblanc@keyslapper.net) Received: from keyslapper.net ([68.163.161.42]) by vms048.mailsrvcs.net (Sun Java System Messaging Server 6.2 HotFix 0.04 (built Dec 24 2004)) with ESMTPA id <0ICJ001DX6SDKQC1@vms048.mailsrvcs.net>; Sat, 26 Feb 2005 12:17:02 -0600 (CST) Received: from localhost (localhost [127.0.0.1]) by keyslapper.net (Postfix) with ESMTP id 73F731152F; Sat, 26 Feb 2005 13:17:01 -0500 (EST) Received: from keyslapper.net ([127.0.0.1]) by localhost (keyslapper.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 48854-08; Sat, 26 Feb 2005 13:17:01 -0500 (EST) Received: by keyslapper.net (Postfix, from userid 1001) id 39A901150F; Sat, 26 Feb 2005 13:17:01 -0500 (EST) Date: Sat, 26 Feb 2005 13:17:01 -0500 From: Louis LeBlanc In-reply-to: <200502261642.04144.georgek@intense-illusions.com> To: freebsd-questions@freebsd.org, questions@freebsd.org Mail-Followup-To: freebsd-questions@freebsd.org, questions@freebsd.org Message-id: <20050226181700.GA1044@keyslapper.net> MIME-version: 1.0 Content-type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary=qDbXVdCdHGoSgWSk Content-disposition: inline X-PGP-Key: http://www.keyslapper.net/~leblanc/leblanc-at-keyslapper-net.asc X-Virus-Scanned: amavisd-new at keyslapper.net References: <200502261642.04144.georgek@intense-illusions.com> User-Agent: Mutt/1.5.8i Subject: Re: Portupgrading - portauditing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@FreeBSD.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Feb 2005 18:17:03 -0000 --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I wouldn't bother trying it like straight out if you're trying to get the Firefox update. It still lists firefox as a vulnerability for some reason. I had 1.7.5_1,2, which is the version it listed, but it wouldn't let me upgrade to 1.0.1,1. I even tried listing the vulnerability listed in portaudit.conf, but no change. I finally gave up and deleted the db at /var/db/portaudit/auditfile.tbz and then did the upgrade. It still flags firefox as a vulnerability, even though the problem it references is supposed to be explicitly fixed in the version I have installed (window injection vulnerability). Of course, you can the method described by another poster to get that list, but I haven't been able to get portaudit to actually let me upgrade. Even the portupgrade -f flag won't work and simply building the port manually is also disabled for flagged ports. Portaudit seems more a hard lockdown than a warning system. I think either I am not understanding how to manage it yet, or it has a couple issues that have not been hammered out yet. Manpages don't have much detail about this issue. I haven't had a chance to check on the existence of a bug report yet, because I want to hunt down all the docs I can first. Not that I don't think it's a great security tool! :) Lou On 02/26/05 04:42 PM, George Katsanos sat at the `puter and typed: >=20 >=20 > Hello, >=20 > Your team is ALWAYS very helpful . It's the best support i've ever dealt = with. >=20 > Question : How do i portupgrade , just the pkgs/ports that portaudit -a s= ais=20 > have vulnerabilities,and not the whole thing? >=20 > Thank you >=20 >=20 > G.K. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >=20 --=20 Louis LeBlanc FreeBSD-at-keyslapper-DOT-net Fully Funded Hobbyist, KeySlapper Extrordinaire :) Please send off-list email to: leblanc at keyslapper d.t net Key fingerprint =3D C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2 Too much is just enough. -- Mark Twain, on whiskey --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCIL0cr4Wi/oDI2aIRArazAKCQcm8SRpQzAEtY6I4yXuPyUndEqQCgiP5t 2jD9M6nd+Y9zB6jLsAbMcZc= =mWHN -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk--