From: James Long
To: freebsd-questions@freebsd.org
Date: Mon, 16 Oct 2006 18:10:53 -0700
Subject: portaudit thinks a vulnerability just disappeared
Message-ID: <20061017011053.GA9364@ns.museum.rain.com>

I have a 4.11-RELEASE system.
Prior to doing some minor portupdates, I had this portaudit report:

Checking for packages with security vulnerabilities:

Affected package: php4-4.4.1_3
Type of problem: php -- open_basedir Race Condition Vulnerability.
Reference:

Affected package: php4-4.4.1_3
Type of problem: php -- multiple vulnerabilities.
Reference:

Affected package: ruby-1.8.4_3,1
Type of problem: ruby - multiple vulnerabilities.
Reference:

Affected package: apache+mod_ssl-1.3.34+2.8.25_2
Type of problem: apache -- mod_rewrite buffer overflow vulnerability.
Reference:

Affected package: mutt-1.4.2.1_2
Type of problem: mutt -- Remote Buffer Overflow Vulnerability.
Reference:

5 problem(s) in your installed packages found.

I cvsup'ped my ports tree and portupgraded ruby, mutt and portaudit, but not any of their dependencies (since version number changes were minor).

portaudit -aF now thinks:

www : 17:59:17 /root# portaudit -aF
auditfile.tbz 100% of 38 kB 138 kBps
New database installed.
Affected package: php4-4.4.1_3
Type of problem: php -- open_basedir Race Condition Vulnerability.
Reference:

Affected package: php4-4.4.1_3
Type of problem: php -- multiple vulnerabilities.
Reference:

2 problem(s) in your installed packages found.

Why does portaudit think the apache+mod_ssl problem went away? The installed version is still:

apache+mod_ssl-1.3.34+2.8.25_2 The Apache 1.3 webserver with SSL/TLS functionality

Thanks!

Jim