cvs commit: ports/ports-mgmt/portaudit/files portaudit.pubkey

Simon L. Nielsen simon at
Sun Mar 11 22:05:39 UTC 2012

simon       2012-03-11 22:05:39 UTC

  FreeBSD ports repository

  Added files:
    ports-mgmt/portaudit/files portaudit.pubkey 
  Portaudit 0.6.0:
  Fix remote code execution which can occur with a specially crafted
  audit file.  The attacker would need to get the portaudit(1) to
  download the bad audit database, e.g. by performing a man in the
  middle attack.
  Add signature verification of the portaudit database.  The public key
  is for the database generated for is included
  in the distribution.
  (This parts add the portaudit public key missed in initial commit.)
  Submitted by:   Michael Gmelin <freebsd at>
  Reported by:    Michael Gmelin <freebsd at>, Joerg Scheinert
  Security:       Remote code execution
  Feature safe:   yes
  With hat:       so
  Revision  Changes    Path
  1.1       +14 -0     ports/ports-mgmt/portaudit/files/portaudit.pubkey (new)

More information about the cvs-all mailing list