FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
portaudit 0.5.11 security Deleted on this many watch lists=145 search for ports that depend on this port This port version is marked as vulnerable.
Checks installed ports against a list of security vulnerabilities
Was Maintained by: secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 27 Jan 2004 19:26:48
License: not specified in port


portaudit provides a system to check if installed ports are listed in a 
database of published security vulnerabilities.

After installation it will update this security database automatically and 
include its reports in the output of the daily security run.

If you have found a vulnerability not listed in the database, please contact 
the FreeBSD Security Officer <security-officer@FreeBSD.org>. Refer to

  http://www.freebsd.org/security/#sec

for more information.

WWW: http://people.freebsd.org/~eik/portaudit/

Oliver Eikemeier <eik@FreeBSD.org>
SVNWeb : Main Web Site : Distfiles Availability : PortsMonThere are no ports dependent upon this port

No installation instructions: this port has been deleted.

The package name of this deleted port was: portaudit


Configuration Options
     No options to configure

Master Sites:
  1. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

Number of commits found: 41

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
05 Feb 2007 01:08:46
Original commit files touched by this commit  0.5.11
 This port version is marked as vulnerable.
pav search for other commits by this committer
Populate a new ports-mgmt category. List of moved ports:

  devel/portcheckout -> ports-mgmt/portcheckout
  devel/portlint -> ports-mgmt/portlint
  devel/portmk -> ports-mgmt/portmk
  devel/porttools -> ports-mgmt/porttools
  misc/instant-tinderbox -> ports-mgmt/instant-tinderbox
  misc/porteasy -> ports-mgmt/porteasy
  misc/portell -> ports-mgmt/portell
  misc/portless -> ports-mgmt/portless
  misc/tinderbox -> ports-mgmt/tinderbox
  security/jailaudit -> ports-mgmt/jailaudit
  security/portaudit -> ports-mgmt/portaudit
  security/portaudit-db -> ports-mgmt/portaudit-db
  security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Apr 2006 13:32:28
Original commit files touched by this commit  0.5.11
 This port version is marked as vulnerable.
simon search for other commits by this committer
Avoid unnecessary invocations of pkg_info by checking whether the
package is installed or not using a precalculated regex.

This speeds up "portaudit -a" with around a factor of 10.

The change is slightly modified from the one from the PR by using
pkg_info -aE instead of ls /var/db/pkg for determining installed
packages.

Submitted by:   Kuang-che Wu <kcwu@csie.org>
PR:             ports/92942
22 Jan 2006 02:50:55
Original commit files touched by this commit  0.5.10
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)
30 Jul 2005 19:13:10
Original commit files touched by this commit  0.5.10
 This port version is marked as vulnerable.
simon search for other commits by this committer
Change MAINTAINER address for ports maintained by the Security Team to
secteam@ instead of security@ to make it more clear that the ports are
not maintained by the freebsd-security@ mailing list.  Both addresses
go to the same people.
03 Jul 2005 20:31:01
Original commit files touched by this commit  0.5.10
 This port version is marked as vulnerable.
simon search for other commits by this committer
portaudit 0.5.10:

- Unbreak portaudit -vF.
- Sync usage with reality.
- Document the q, v, and V options.
- Markup fixes for the portaudit(1) manual page.
- Make quiet mode output even less "redundant" text [1].
- Set maintainership to security@. [2]

Suggested by:   Phil Kernick philk at rotfl dot com dot au [1]
Suggested by:   nectar, remko [2]
14 Jun 2005 22:04:55
Original commit files touched by this commit  0.5.9
 This port version is marked as vulnerable.
simon search for other commits by this committer
Grab maintainer-ship of portaudit.  While I do not currently have any
plans for improvements (though I have ideas) I feel that portaudit is
too important to not have an active maintainer.

Approved by:    portmgr (linimon)
09 Sep 2004 13:15:25
Original commit files touched by this commit  0.5.9
 This port version is marked as vulnerable.
brueffer search for other commits by this committer
Typo-fix in a comment

Approved by:    portmgr (krion)
03 Sep 2004 20:30:54
Original commit files touched by this commit  0.5.9
 This port version is marked as vulnerable.
eik search for other commits by this committer
- update to version 0.5.9
  (first attempts to check the base system for vulnerabilities)
23 Aug 2004 17:39:12
Original commit files touched by this commit  0.5.4
 This port version is marked as vulnerable.
eik search for other commits by this committer
fix "too many open files" error when using the -r flag

Noted by:       nectar
16 Aug 2004 02:24:06
Original commit files touched by this commit  0.5.3
 This port version is marked as vulnerable.
eik search for other commits by this committer
Don't check the base system when PACKAGE_BUILDING
15 Aug 2004 12:26:16
Original commit files touched by this commit  0.5.3
 This port version is marked as vulnerable.
eik search for other commits by this committer
Remove -a from the default fetch(1) flags, so that the daily security
report is not delayed when the distribution site is down.

Submitted by:   kuriyama
13 Aug 2004 17:07:05
Original commit files touched by this commit  0.5.2
 This port version is marked as vulnerable.
eik search for other commits by this committer
fix man page nits,
modify the vulnerability report depending on -q/-v (experimental)

PR:             69935, 68942
Submitted by:   Chris Pepper <pepper@reppep.com>, Johan Karlsson
<k@numeri.campus.luth.se>
24 Jul 2004 13:34:52
Original commit files touched by this commit  0.5.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
New option -r: restrict listed entries to selected references.
Useful for testing new entries.
13 Jul 2004 19:32:09
Original commit files touched by this commit  0.5
 This port version is marked as vulnerable.
eik search for other commits by this committer
check for a working tr(1).
02 Jul 2004 00:31:18
Original commit files touched by this commit  0.5
 This port version is marked as vulnerable.
eik search for other commits by this committer
Test OSVERSION instead of pkg_info -P to enable cross-version builds

Requested by:   kris
01 Jul 2004 10:59:48
Original commit files touched by this commit  0.5
 This port version is marked as vulnerable.
eik search for other commits by this committer
- update to version 0.5

*** NOTE ***

The preferences file format has changed, as have the periodic.conf(5) names.
Normally the default settings should be adequate, except when you need to
configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example.

- moved portaudit to sbin
- clean up, merging stuff into the portaudit script
- better return codes and errors to stderr
- -f can check stdin now
- dropped ports tree auditing
- merged the periodic(8) scripts into one
- run daily auditing as `nobody'
25 Jun 2004 01:21:20
Original commit files touched by this commit  0.4.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
update to version 0.4.1

Use
  portaudit [packagename ...]
to check if package is listed as vulnerable
23 Jun 2004 16:02:23
Original commit files touched by this commit  0.4
 This port version is marked as vulnerable.
eik search for other commits by this committer
Add pkg-req file which was forgotten in the last commit.
23 Jun 2004 16:01:38
Original commit files touched by this commit  0.4
 This port version is marked as vulnerable.
eik search for other commits by this committer
Update to version 0.4, with a new `-f' option.

To check which of the current ports have known vulnerabilities, do

  portaudit -f /usr/ports/INDEX

This port requires pkg_install(-devel)>=20040623
21 Jun 2004 16:04:27
Original commit files touched by this commit  0.3.3
 This port version is marked as vulnerable.
eik search for other commits by this committer
make expiry date customizable via daily_status_portaudit_expiry
18 Jun 2004 08:07:29
Original commit files touched by this commit  0.3.2
 This port version is marked as vulnerable.
eik search for other commits by this committer
Fetch the database from http://www.FreeBSD.org/ports/ first.

Thanks to:      kuriyama
31 Mar 2004 22:52:02
Original commit files touched by this commit  0.3.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
update to 0.3.1:

- use passive ftp by default, don't retry on failure [1]
- add a -C flag, portlint style
- don't keep databases that are tool old [2]

Requested by:   hubs [1]
Noticed by:     Nicolas Rachinsky <nicolas@rachinsky.de> [2]
11 Mar 2004 11:11:59
Original commit files touched by this commit  0.3
 This port version is marked as vulnerable.
eik search for other commits by this committer
Update to 0.3.
Since we are using the official VuXML database
the auditing should be pretty complete.

- mention web page
- add more mirrors, disabling .ru mirror (too much lag)
- allow combined options in portaudit shell script
- add sample configuration file
- use absolute paths for binaries, to ease use in crontab scripts [1]
- correct type in man page [2]

PR:             64005 [2]
Submitted by:   Tomasz Pilat <poncki@axelspringer.com.pl> [1]
                Nathan Dove <njdove@wafer.sandia.gov> [2]
25 Feb 2004 14:12:03
Original commit files touched by this commit  0.2.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
grammar

Submitted by:   will, nectar
25 Feb 2004 12:47:13
Original commit files touched by this commit  0.2.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add a security contact
25 Feb 2004 09:46:26
Original commit files touched by this commit  0.2.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
- bugfix: awk in -CURRENT accepts no regexes in RS, causing the database
  update to fail

- add an install & deinstall message

Submitted by:   nectar & Ion-Mihai Tetcu <itetcu@apropo.ro>
21 Feb 2004 21:19:41
Original commit files touched by this commit  0.2
 This port version is marked as vulnerable.
eik search for other commits by this committer
update to 0.2:
- new command line tool
- new man page
- reworked database update code, incorporating feedback from
  Max Khon <fjoe>, Radim Kolar <hsn@netmag.cz> (PR 63066) and
  Ion-Mihai Tetcu <itetcu@apropo.ro> (PR 62655)
19 Feb 2004 02:19:33
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
Disable auditfile.txt until we decide on a database format,
two databases cause more confusion than it is worth.

portaudit uses ports/security/vuxml/vuln.xml in the meantime,
please commit your changes there and send feedback wich format
you prefer.

Currently we have to migrate gnats, mailman, monkey and some
apache versions.
17 Feb 2004 12:28:13
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add bind, pine, samba 3.x
16 Feb 2004 20:19:53
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
remove duplicate mutt entry, sorry.
16 Feb 2004 19:14:24
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add mutt and mailman
16 Feb 2004 18:41:05
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
XFree86-Server font file buffer overflows
16 Feb 2004 15:02:04
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add GNATS3
13 Feb 2004 14:20:15
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
require gaim version 0.75_6, since the vulnerability has been re-introduced
add libtool symlink vulnerability
13 Feb 2004 01:22:49
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add fspd <= 2.8.1.3

PR:             62747
Submitted by:   Radim Kolar <hsn@netmag.cz>
11 Feb 2004 18:28:18
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add mutt < 1.4.2 vulnerabilty.
11 Feb 2004 11:54:29
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add an URL where at least somek kind of advisory for monkeyd can be found...
11 Feb 2004 00:07:29
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add entries for:
        - www/apache13-ssl<1.3.29.1.53
        - www/monkey < 0.8.2
10 Feb 2004 14:11:14
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
add clamav<0.65_7

PR:             62586
28 Jan 2004 16:19:08
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
Add some more examples (inn, apache) to test combined >= & < relations
27 Jan 2004 19:24:53
Original commit files touched by this commit  0.1
 This port version is marked as vulnerable.
eik search for other commits by this committer
portaudit provides a list of published security vulnerabilities
of FreeBSD ports and tools to check if installed ports are listed.

Since this is a prerelease version, it is mostly usable for
committers that want to contribute to the project, and can currently
not be relied upon as an extensive security auditing tool.

Number of commits found: 41

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
kdelibs3Jul 31
kdelibs4Jul 31
torJul 30
torJul 30
tor-develJul 30
i2pJul 28
i2pJul 28
i2pJul 28
bugzilla44Jul 25
apache22Jul 24
apache22-event-mpmJul 24
apache22-itk-mpmJul 24
apache22-peruser-mpmJul 24
apache22-worker-mpmJul 24
firefoxJul 23

11 vulnerabilities affecting 36 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24400
Broken 180
Deprecated 813
Ignore 515
Forbidden 16
Restricted 263
No CDROM 101
Vulnerable 27
Expired 5
Set to expire 800
Interactive 13
new 24 hours 7
new 48 hours9
new 7 days24
new fortnight43
new month111

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.