From owner-svn-ports-all@freebsd.org Tue Oct 17 13:38:35 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BCAEAE3AC45; Tue, 17 Oct 2017 13:38:35 +0000 (UTC) (envelope-from se@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 973496D463; Tue, 17 Oct 2017 13:38:35 +0000 (UTC) (envelope-from se@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v9HDcYvZ052311; Tue, 17 Oct 2017 13:38:34 GMT (envelope-from se@FreeBSD.org) Received: (from se@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v9HDcYAj052309; Tue, 17 Oct 2017 13:38:34 GMT (envelope-from se@FreeBSD.org) Message-Id: <201710171338.v9HDcYAj052309@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: se set sender to se@FreeBSD.org using -f From: Stefan Esser Date: Tue, 17 Oct 2017 13:38:34 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r452276 - in head/security/cvechecker: . files X-SVN-Group: ports-head X-SVN-Commit-Author: se X-SVN-Commit-Paths: in head/security/cvechecker: . files X-SVN-Commit-Revision: 452276 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Oct 2017 13:38:35 -0000 Author: se Date: Tue Oct 17 13:38:34 2017 New Revision: 452276 URL: https://svnweb.freebsd.org/changeset/ports/452276 Log: Use "fetch" instead of "wget" to download CVE information. Reported by: Lars Engels (lars.engels at 0x20.net) Added: head/security/cvechecker/files/patch-scripts_pullcves (contents, props changed) Modified: head/security/cvechecker/Makefile Modified: head/security/cvechecker/Makefile ============================================================================== --- head/security/cvechecker/Makefile Tue Oct 17 13:09:18 2017 (r452275) +++ head/security/cvechecker/Makefile Tue Oct 17 13:38:34 2017 (r452276) @@ -4,6 +4,7 @@ PORTNAME= cvechecker DISTVERSIONPREFIX= v DISTVERSION= 3.8 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= se@FreeBSD.org Added: head/security/cvechecker/files/patch-scripts_pullcves ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/cvechecker/files/patch-scripts_pullcves Tue Oct 17 13:38:34 2017 (r452276) @@ -0,0 +1,48 @@ +--- scripts/pullcves.orig 2017-03-27 16:42:38 UTC ++++ scripts/pullcves +@@ -44,17 +44,11 @@ then + exit 1; + fi + +-wget -V > /dev/null 2>&1; +-if [ $? -ne 0 ]; +-then +- echo "This script requires wget to be available on the system and reachable in a directory mentioned in the PATH variable." +- exit 1; +-fi + + DATADIR=$(awk -F'=' '/^datadir/ {print $2}' ${CONFFILE} | awk -F'"' '{print $2}'); + CVECACHE=$(awk -F'=' '/^cvecache/ {print $2}' ${CONFFILE} | awk -F'"' '{print $2}'); + DLLOCATION=$(awk -F'=' '/^version_url/ {print $2}' ${CONFFILE} | awk -F'"' '{print $2}'); +-WGETCMD="wget --no-check-certificate"; ++FETCHCMD="fetch -q" + DLCVE=0; + DLDAT=0; + COMMAND=$1; +@@ -68,7 +69,7 @@ do + if [ ! -f ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml ]; + then + printf "Downloading nvdcve-2.0-20${YEAR}.xml... "; +- ${WGETCMD} -q -O ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml.gz http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-20${YEAR}.xml.gz; ++ ${FETCHCMD} -o ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml.gz http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-20${YEAR}.xml.gz; + gunzip -c ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml.gz > ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml && rm ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml.gz; + printf "ok\nConverting nvdcve-2.0-20${YEAR}.xml to CSV... "; + xsltproc ${DATADIR}/nvdcve2simple.xsl ${CVECACHE}/nvdcve-2.0-20${YEAR}.xml > ${CVECACHE}/nvdcve-2.0-20${YEAR}.csv; +@@ -85,7 +86,7 @@ else + CKSUM=$(cksum nvdcve-2.0-Modified.xml 2>/dev/null); + fi + printf "Downloading nvdcve-2.0-Modified.xml... "; +-${WGETCMD} -q -N http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz; ++${FETCHCMD} -i nvdcve-2.0-Modified.xml http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz; + gunzip -c nvdcve-2.0-Modified.xml.gz > nvdcve-2.0-Modified.xml && rm nvdcve-2.0-Modified.xml.gz; + CKSUM2=$(cksum nvdcve-2.0-Modified.xml 2>/dev/null); + if [ "${CKSUM2}" != "${CKSUM}" ] || [ -f nvdcve-2.0-Modified.xml.1 ]; +@@ -113,7 +114,7 @@ fi + + CKSUM=$(cksum versions.dat 2>/dev/null); + printf "Downloading versions.dat... "; +-${WGETCMD} -q -N ${DLLOCATION}; ++${FETCHCMD} -i versions.dat ${DLLOCATION}; + CKSUM2=$(cksum versions.dat 2>/dev/null); + if [ "${CKSUM}" != "${CKSUM2}" ] || [ -f versions.dat.1 ]; + then