On 2005.06.24 10:58:36 +0100, Dick Davies wrote:>
> I just manually patched up my ruby18 install and tried to tell
> portaudit that the local port is now clean, but it doesn't want to
> know:
>
> root@eris rasputnik # portaudit
> Affected package: ruby-1.8.2_3
> Type of problem: ruby -- arbitrary command execution on XMLRPC server.
> Reference:
<http://www.FreeBSD.org/ports/portaudit/594eb447-e398-11d9-a8bd-000cf18bbe54.html>
>
> ^C
> root@eris rasputnik # cat /usr/local/etc/portaudit.conf
> portaudit_fixed="594eb447-e398-11d9-a8bd-000cf18bbe54"
> root@eris rasputnik #
>
> what did I miss?
It seems like portaudit_fixed only works for "system" entries,
ie. base system vulnerabilities and is ignored package entries.
I think it would be useful to be able to suppress the certain package
vulnerabilities like you are trying to, but I don't think I will get
around to looking at implementing it any time soon.
Of cause the real solution to this particular problem would be for
someone to submit a patch for the port :-).
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050627/b24989ee/attachment.bin