What happened with portaudit?
Simon L. Nielsen
simon at FreeBSD.org
Sun Nov 6 14:09:44 PST 2005
On 2005.11.06 21:48:52 +0100, Jimmy Scott wrote:
> On Sun, Nov 06, 2005 at 05:30:00PM +0100, Kövesdán Gábor wrote:
> > Hello,
> >
> > One of my machines I got a report about 3 vulnerable packages (php4,
> > ruby, openssl) in tomorrows security run output, but in today's security
> > run output all of them disappeared, but nobody upgraded or removed the
> > affected packages. I reinstalled portaudit, refreshd its database, but
> > now it reports 0 affected pakages. The pkg_info command lists that three
> > packages, so they are still installed. Does anybody suspect what's wrong?
>
> I noticed the same, but didn't had the time to look for a possible
> answer on that question.
It does seem to work for me now. Could people having this problem
please check the size of /var/db/portaudit/auditfile.tbz and try to
run portaudit -Fa to refetch the database and check again?
For reference:
[simon at zaphod:/tmp] ls -l /var/db/portaudit/auditfile.tbz
-r--r--r-- 1 root wheel 31762 6 Nov 22:40 /var/db/portaudit/auditfile.tbz
There have been one previous report where a problem with the portaudit
database build resulted in an incomplete auditfile which was then
fixed after the next portaudit database rebuild.
--
Simon L. Nielsen
FreeBSD Security Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20051106/99e8c00b/attachment.bin
More information about the freebsd-security
mailing list