portaudit is being stubborn

Chris chrcoluk at gmail.com
Fri May 20 05:43:32 PDT 2005


This annoys me as well, I expect portaudit to alert me when an update
is available to fix an exploit, but wget has no update so what is the
point of the warning, there also seems to be no way to shut it up.

Chris

On 5/17/05, Tony Shadwick <tshadwick at goinet.com> wrote:
> This is driving me nuts.  I just downloaded the latest portaudit database
> and ran it on my system:
> 
> mx02# portaudit -ad
> Database created: Tue May 17 13:40:02 CDT 2005
> Affected package: wget-1.8.2_7
> Type of problem: wget -- multiple vulnerabilities.
> Reference:
> <http://www.FreeBSD.org/ports/portaudit/06f142ff-4df3-11d9-a9e7-0001020eed82.html>
> 
> 1 problem(s) in your installed packages found.
> 
> You are advised to update or deinstall the affected package(s)
> immediately.
> 
> 
> Okay....so, that vulnerability isn't of much concern to me, but just to be
> sure I'm current:
> 
> mx02# portversion ftp/wget
> wget                        =
> 
> So life is good there, so I got back and add this to my
> /usr/local/etc/portaudit.conf file:
> 
> # Make portaudit ignore wget vulnerability (no shell users here anyway)
> portaudit_fixed="06f142ff-4df3-11d9-a9e7-0001020eed82"
> 
> 
> I then re-ran portaudit....it gives me the same output. :(  I want to have
> this cron'ed where I only get ouput when something that actually concerns
> me comes up.  Is the portaudit_fixed variable no longer supported?
> 
> Tony
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>


More information about the freebsd-questions mailing list