similar to: portaudit

Displaying 20 results from an estimated 1000 matches similar to: "portaudit"

2004 Mar 29
1
cvs commit: ports/multimedia/xine Makefile
Jacques A. Vidrine wrote: > On Mon, Mar 29, 2004 at 08:14:29PM +0200, Oliver Eikemeier wrote: > >>Jacques A. Vidrine wrote: >> >>>On Sun, Mar 28, 2004 at 03:44:06PM -0800, Oliver Eikemeier wrote: >>> >>>>eik 2004/03/28 15:44:06 PST >>>> >>>>FreeBSD ports repository >>>> >>>>Modified files:
2004 May 03
1
Bad VuXML check on PNG port ?
Hello, The current png-1.2.5_4 port has no more vulnerability. It has been corrected by ache@FreeBSD.org yesterday. But when i try to install the updated port to remplace the vulnerable one this is what i am told : # make install ===> png-1.2.5_4 has known vulnerabilities: >> libpng denial-of-service. Reference:
2007 Dec 18
1
Portaudit database truncated?
December 18, 2007 Dear Madam, dear Sir, the portaudit database is very small: >portaudit -F auditfile.tbz 100% of 5688 B 9737 Bps New database installed. > In addition, portaudit does not complain about what it did complain a few days ago. It seems to me that the database is truncated. By the way: How do I post to a mailing list without being later spammed by the
2005 Aug 28
1
Arcoread7 secutiry vulnerability
Hi! cc'd to freebsd-security@ as somebody there may correct me, cc'd to secteam@ as maintaner of security/portaudit. On Sun, 28 Aug 2005 10:14:21 +0930 Ian Moore wrote: > I've just updated my acroread port to 7.0.1 & was surprised when portaudit > still listed it as a vulnerability. I think it is portaudit problem. > According to
2005 Jul 30
1
ports/84312: security/portaudit doesn't report about all security bugs
Old Synopsis: portaudit doesn't report about all security bugs New Synopsis: security/portaudit doesn't report about all security bugs Responsible-Changed-From-To: freebsd-ports-bugs->freebsd-security Responsible-Changed-By: linimon Responsible-Changed-When: Fri Jul 29 21:37:38 GMT 2005 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=84312
2004 Dec 27
4
Found security expliot in port phpBB 2.0.8 FreeBSD4.10
I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc
2004 Jun 13
0
FYI: new port security/portaudit-db
Dear porters and port users, I've added a new port security/portaudit-db that complements security/portaudit for users that have a current ports tree and want to generate the portaudit database themselves, possibly distributing it over their local network. This will save you the traffic downloading information that is already on your local machine and avoid the lag that is currently
2005 Nov 06
2
What happened with portaudit?
Hello, One of my machines I got a report about 3 vulnerable packages (php4, ruby, openssl) in tomorrows security run output, but in today's security run output all of them disappeared, but nobody upgraded or removed the affected packages. I reinstalled portaudit, refreshd its database, but now it reports 0 affected pakages. The pkg_info command lists that three packages, so they are
2005 Sep 07
2
Problem with portaudit's database
Hello! Yesterday portaudit notified me about squid's vulnerability, but today it didn't (despite I haven't upgraded squid). This has attracted my attention, so I've compared yesterday's and today's auditfile.tbz: -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz vs. -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbz I don't see commits to
2004 May 16
1
Way to ignore portaudit results?
Hello, The mysql40-client port currently reports a security problem when I try to install it: neely:/usr/ports/databases/mysql40-client$ make ===> mysql-client-4.0.18_1 has known vulnerabilities: >> MySQL insecure temporary file creation (mysqlbug). Reference: <http://people.freebsd.org/~eik/portaudit/2e129846-8fbb-11d8-8b29-0020ed76ef5a.html> >> Please update your ports
2004 Sep 13
2
Kerberos 5 Security Alert?
Why wasn't there a FreeBSD security alert for Kerberos 5? Does FreeBSD use the MIT implementation? I got an email from CERT about this. See the attached message below. -- Daniel Rudy >From - Sat Sep 04 03:22:15 2004 X-UIDL: a8f31551eb03ca144862bddc8ccce266 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 X-Apparently-To: dcrudy@pacbell.net via 206.190.37.79; Fri, 03 Sep 2004
2006 Jul 28
2
Ruby vulnerability?
Hi, FYI, Red Hat released an advisory today about a vulnerability in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 AusCERT - Australia's national
2004 Apr 19
0
VuXML and FreeBSD
Hello All, I'd like to bring to your attention the Vulnerabilities and eXposures Markup Language (VuXML) and associated resources. VuXML is a markup language designed for the documentation of security issues within a single package collection. Since about February of this year, we have been diligently documenting vulnerabilities in FreeBSD and the FreeBSD Ports Collection using VuXML. The
2006 Apr 10
1
[RFC] Ideas and Questions in security updates ( portaudit, freebsd-update)
Hi all, I use FreeBSD for severals years and this Project now have a possibility the full security update (src) with freebsd-update, is really great for Release users but is break for Stable user. Ok !!! Exist a possibility for apply manual patch and compile issue, but for me problem existe in fix kernel issue in stable branch because is require a update for last stable and this
2004 May 02
1
What's our current policy on ports FORBIDDEN knob?
Greetings, I'm a little curious about the way FORBIDDEN knob is used in ports system. Traditionally, we use it to mark a port which have known security issue, with the new vuxml mechanism, are we still doing the same thing when necessary? Or, only the "critical" ones, for example, remote exploitable buffer overruns, etc? If the second assumption (only critical ones are marked
2004 Feb 18
1
[Fwd: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability]
Attached is a security alert from Gentoo pertaining to clam antivirus. It seems that as of this morning, FreeBSD's ports still contain the affected version. Thank in advance, Tom Veldhouse -------------- next part -------------- An embedded message was scrubbed... From: Tim Yamin <plasmaroo@gentoo.org> Subject: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability Date:
2014 Aug 18
2
CentOS 6, Postfix, and Procmail -- how do I get it to work?
What is the trick to get Postfix's local command to pipe mail through procmail? I have: -bash-4.1$ grep allow_mail_to_commands /etc/postfix/main.cf allow_mail_to_commands = alias, forward and -bash-4.1$ cat .forward |/usr/bin/procmail and a .procmailrc file: -bash-4.1$ cat .procmailrc PATH=/usr/bsd:/bin:/usr/bin:/exp/rcf/share/bin MAILDIR=/var/lib/amanda/Mail #you'd better
2004 Sep 14
1
multiple vulnerabilities in the cvs server code
Hello! Port security/portaudit reports the following problem: Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.htm l> Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf I have 2 related questions: 1)
2004 Oct 26
5
please test: Secure ports tree updating
CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this
2010 Feb 17
1
CentOS 5.3 host not seeing storage device
Maybe one of you has experienced something like this before. I have a host running CentOS5.3, x86_64 version with the standard qla2xxx driver. Both ports are recognized and show output in dmesg but they never find my storage device: qla2xxx 0000:07:00.1: LIP reset occured (f700). qla2xxx 0000:07:00.1: LIP occured (f700). qla2xxx 0000:07:00.1: LIP reset occured (f7f7). qla2xxx 0000:07:00.0: LOOP