From root@server.t-hosting.hu  Wed Sep  6 17:56:59 2006
Return-Path: <root@server.t-hosting.hu>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3B7B516A4DE;
	Wed,  6 Sep 2006 17:56:59 +0000 (UTC)
	(envelope-from root@server.t-hosting.hu)
Received: from server.t-hosting.hu (server.t-hosting.hu [217.20.133.7])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 860E043D45;
	Wed,  6 Sep 2006 17:56:58 +0000 (GMT)
	(envelope-from root@server.t-hosting.hu)
Received: from localhost (localhost [127.0.0.1])
	by server.t-hosting.hu (Postfix) with ESMTP id 6167499C880;
	Wed,  6 Sep 2006 19:56:57 +0200 (CEST)
Received: from server.t-hosting.hu ([127.0.0.1])
	by localhost (server.t-hosting.hu [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id BNHGygGPkfBg; Wed,  6 Sep 2006 19:56:56 +0200 (CEST)
Received: by server.t-hosting.hu (Postfix, from userid 0)
	id 8404B99C87C; Wed,  6 Sep 2006 19:56:56 +0200 (CEST)
Message-Id: <20060906175656.8404B99C87C@server.t-hosting.hu>
Date: Wed,  6 Sep 2006 19:56:56 +0200 (CEST)
From: Gabor Kovesdan <gabor@FreeBSD.org>
Reply-To: Gabor Kovesdan <gabor@FreeBSD.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: Gabor Kovesdan <gabor@FreeBSD.org>
Subject: [patch] security/portaudit
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         102946
>Category:       ports
>Synopsis:       [patch] ports-mgmt/portaudit
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    secteam
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 06 18:00:28 GMT 2006
>Closed-Date:    Tue Feb 05 03:38:53 UTC 2013
>Last-Modified:  Tue Feb 05 03:38:53 UTC 2013
>Originator:     Gabor Kovesdan
>Release:        FreeBSD 6.1-RELEASE-p3 amd64
>Organization:
n/a
>Environment:
System: FreeBSD server.t-hosting.hu 6.1-RELEASE-p3 FreeBSD 6.1-RELEASE-p3 #0: Sat Aug 19 11:08:15 CEST 2006 root@server.t-hosting.hu:/usr/src/sys/amd64/compile/FREEBSD amd64

>Description:

The periodic script of portaudit looks for the vulnerable packages daily, but doesn't ever
fetches the new vulnerability database.  The end-user might be deceived everything is done
automatically, but the check itself is not very useful without updating the database regularly.
Currently, this has to be done manually or from cron.  My patch adds an another block to
portaudit's periodic script to automatically update the database as well, before looking for
vulnerable packgages, and bumps PORTREVISION.

>How-To-Repeat:
>Fix:

--- portaudit.diff begins here ---
Index: Makefile
===================================================================
RCS file: /usr/cvs/ports/security/portaudit/Makefile,v
retrieving revision 1.21
diff -u -r1.21 Makefile
--- Makefile	16 Apr 2006 13:32:27 -0000	1.21
+++ Makefile	6 Sep 2006 17:50:25 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	portaudit
 PORTVERSION=	0.5.11
+PORTREVISION=	1
 CATEGORIES=	security
 DISTFILES=
 
Index: files/portaudit.sh
===================================================================
RCS file: /usr/cvs/ports/security/portaudit/files/portaudit.sh,v
retrieving revision 1.3
diff -u -r1.3 portaudit.sh
--- files/portaudit.sh	1 Jul 2004 10:59:48 -0000	1.3
+++ files/portaudit.sh	6 Sep 2006 17:47:59 -0000
@@ -39,6 +39,18 @@
 fi
 
 rc=0
+
+case "${daily_status_security_portaudit_update_enable:-YES}" in
+	[Nn][Oo])
+		;;
+	*)
+		echo
+		echo "Updating the package vulnerability database:"
+		echo
+		%%PREFIX%%/sbin/portaudit -F
+		;;
+esac
+
 case "${daily_status_security_portaudit_enable:-YES}" in
 	[Nn][Oo])
 		;;
--- portaudit.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->secteam 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed Sep 6 18:00:47 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=102946 

From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Gabor Kovesdan <gabor@FreeBSD.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: ports/102946: [patch] security/portaudit
Date: Wed, 6 Sep 2006 20:49:17 +0200

 On 2006.09.06 19:56:56 +0200, Gabor Kovesdan wrote:
 
 > The periodic script of portaudit looks for the vulnerable packages daily, but doesn't ever
 > fetches the new vulnerability database.
 
 [For the "records"]
 
 The current script does in fact update the database, it just uses the
 -X parameter to only fetch the database once every 2 days (by
 default).  This should probably be changed so it's downloaded every
 day, so I keep this PR open as a reminder of that (I need to test
 before updating).
 
 -- 
 Simon L. Nielsen

From: Gabor Kovesdan <gabor@FreeBSD.org>
To: bug-followup@FreeBSD.org,  gabor@FreeBSD.org
Cc:  
Subject: Re: ports/102946: [patch] security/portaudit
Date: Mon, 25 Dec 2006 23:33:54 +0100

 As discussed with simon@ on IRC, here's the new patch:
 
 http://gabor.t-hosting.hu/patches/security-portaudit.diff
 
 Cheers,
 Gabor
State-Changed-From-To: open->closed 
State-Changed-By: eadler 
State-Changed-When: Tue Feb 5 03:38:52 UTC 2013 
State-Changed-Why:  
new patch no longer exists; likely OBE 

http://www.freebsd.org/cgi/query-pr.cgi?pr=102946 
>Unformatted:
