Hello! Yesterday portaudit notified me about squid's vulnerability, but today it didn't (despite I haven't upgraded squid). This has attracted my attention, so I've compared yesterday's and today's auditfile.tbz: -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz vs. -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbz I don't see commits to vuln.xml during this time, so I suspect auditfile generation error. Most known vulnerabilities are now unlisted. Please check this issue. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE
On 2005.09.07 10:35:21 +0300, Dmitry Pryanishnikov wrote:> Yesterday portaudit notified me about squid's vulnerability, but today it > didn't (despite I haven't upgraded squid). This has attracted my attention, > so I've compared yesterday's and today's auditfile.tbz: > > -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz > > vs. > > -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbz > > I don't see commits to vuln.xml during this time, so I suspect auditfile > generation error. Most known vulnerabilities are now unlisted. Please check > this issue.Hmm, I just ran portaudit -F and got: -r--r--r-- 1 root wheel 29857 7 Sep 13:10 auditfile.tbz Could you try forcing a new download (portaudit -F) to see if it fixes the problem? -- Simon L. Nielsen FreeBSD Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050907/3d830809/attachment.bin
> -----Original Message----- > From: owner-freebsd-security@freebsd.org > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of > Simon L. Nielsen > Sent: Wednesday, September 07, 2005 7:35 AM > To: Dmitry Pryanishnikov > Cc: freebsd-security@freebsd.org > Subject: Re: Problem with portaudit's database > On 2005.09.07 10:35:21 +0300, Dmitry Pryanishnikov wrote: > > > Yesterday portaudit notified me about squid's vulnerability, but > > today it didn't (despite I haven't upgraded squid). This > has attracted > > my attention, so I've compared yesterday's and today's > auditfile.tbz: > > > > -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz > > > > vs. > > > > -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbzI had a similar problem (which was fixed with portaudit -F) so, I assume that for a short time, the audit db was corrupted.