From owner-freebsd-stable Tue Apr 24 12: 0:57 2001 Delivered-To: freebsd-stable@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-27.dsl.lsan03.pacbell.net [63.207.60.27]) by hub.freebsd.org (Postfix) with ESMTP id DB61837B423; Tue, 24 Apr 2001 12:00:52 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 5022C66DF6; Tue, 24 Apr 2001 12:00:52 -0700 (PDT) Date: Tue, 24 Apr 2001 12:00:52 -0700 From: Kris Kennaway To: Sean Chittenden Cc: Calvin NG , Sean Chittenden , Jeff Kletsky , freebsd-stable@FreeBSD.ORG, bmah@FreeBSD.ORG Subject: pkg_version perl hacker project Message-ID: <20010424120052.H89156@xor.obsecurity.org> References: <20010423231827.A19530@rand.tgd.net> <20010424142340.E5216@brel.com> <20010424014833.B19530@rand.tgd.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="JI+G0+mN8WmwPnOn" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010424014833.B19530@rand.tgd.net>; from sean@chittenden.org on Tue, Apr 24, 2001 at 01:48:33AM -0700 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --JI+G0+mN8WmwPnOn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Apr 24, 2001 at 01:48:33AM -0700, Sean Chittenden wrote: > Man I'm glad I only sunk in a few minutes worth of work. > Thanks! I was looking for something with the word ports in it, but it > didn't dawn on me to look for something with pkg. At anyrate, thanks > again. -sc At least it was a learning experience, right? :-) If you're still in pkg_* perl script hacking mode, we could use a utility which does the following: Parses a set of ports security advisories, extracts a list of vulnerable package versions described in some form (regex/glob expression/etc) and checks for any vulnerable packages installed. We'd need to agree on a standard form to use in the advisories to aid in parsing. This could be done as an extension to pkg_version, since much of the code you will need to manage versions is already there, and it's a logical extension of that program's function. NetBSD have a port called audit-packages which does something similar, but not quite the same as the above (last I checked) -- it might still be useful as a starting point. Interested? Kris --JI+G0+mN8WmwPnOn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE65c1jWry0BWjoQKURApDAAJ42zS0sAE7uNYe8slwQ3bFEJmxiQwCggGbk TYIWehqp2cNxp1tLyUQ2ohY= =7RGx -----END PGP SIGNATURE----- --JI+G0+mN8WmwPnOn-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message