What happened with portaudit?

jimmy at inet-solutions.be jimmy at inet-solutions.be
Sun Nov 6 23:44:07 PST 2005 

Quoting "Simon L. Nielsen" <simon at FreeBSD.org>:

> On 2005.11.06 21:48:52 +0100, Jimmy Scott wrote:
> > On Sun, Nov 06, 2005 at 05:30:00PM +0100, Kövesdán Gábor wrote:
> > > Hello,
> > >
> > > One of my machines I got a report about 3 vulnerable packages (php4,
> > > ruby, openssl) in tomorrows security run output, but in today's security
> > > run output all of them disappeared, but nobody upgraded or removed the
> > > affected packages. I reinstalled portaudit, refreshd its database, but
> > > now it reports 0 affected pakages. The pkg_info command lists that three
> > > packages, so they are still installed. Does anybody suspect what's wrong?
> >
> > I noticed the same, but didn't had the time to look for a possible
> > answer on that question.
>
> It does seem to work for me now.  Could people having this problem
> please check the size of /var/db/portaudit/auditfile.tbz and try to
> run portaudit -Fa to refetch the database and check again?
>
> For reference:
>
> [simon at zaphod:/tmp] ls -l /var/db/portaudit/auditfile.tbz
> -r--r--r--  1 root  wheel  31762  6 Nov 22:40 /var/db/portaudit/auditfile.tbz
>
> There have been one previous report where a problem with the portaudit
> database build resulted in an incomplete auditfile which was then
> fixed after the next portaudit database rebuild.
>
> --
> Simon L. Nielsen
> FreeBSD Security Team
>

Everything seems fine today, I can't check the size of the file from
then since it's being run every night by periodic/security.

If you are really interrested in the file I could restore it from a
backup somehow, but it will be a lot of work. I should have checked
it from the moment I noticed in the emails.

Kind regards,
Jimmy Scott

----------------------------------------------------------------
This message has been sent through ihosting.be
To report spamming or other unaccepted behavior
by a iHosting customer, please send a message 
to abuse at ihosting.be
----------------------------------------------------------------

More information about the freebsd-security mailing list