portaudit false positive
kerochan ii
kerochan2 at gmail.com
Tue Sep 7 17:40:45 PDT 2004
portaudit started warning me about a vulnerability in the cvs server
in the base system.
It reports that the affected package is FreeBSD-502010.
I realised that this is actually a vulnerability fixed months ago, and
because i'm tracking RELENG_5_2 and thus running 5.2.1-p9, it was
fixed on my system before portaudit even reported vulnerabilities in
base.
So please make it check if the base system is patched (uname -m) and
only let it report problems if they really exist.
Thank you in advance...
More information about the freebsd-audit
mailing list