notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Port details
portaudit Checks installed ports against a list of security vulnerabilities
0.6.2 ports-mgmt Deleted on this many watch lists=117 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 0.6.2Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2007-02-05 01:09:12
Last Update: 2014-10-13 15:45:03
SVN Revision: 370789
People watching this port, also watch:: gettext, gmake, libiconv, pcre, m4
Also Listed In: security
License: not specified in port
Description:
SVNWeb : git : Homepage
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
Dependency lines:
  • portaudit>0:ports-mgmt/portaudit
No installation instructions:
This port has been deleted.
PKGNAME: portaudit
Flavors: there is no flavor information for this port.
distinfo:
There is no distinfo for this port.
No package information for this port in our database
Sometimes this happens. Not all ports have packages.

NOTE: dependencies for deleted ports are notoriously suspect
This port is required by:
for Run

Deleted ports which required this port:

Expand this list of 7 deleted ports
  1. net-mgmt/check_snmp_pkgvuln*
  2. net-mgmt/nagios-portaudit*
  3. ports-mgmt/kports*
  4. ports-mgmt/kports-qt4*
  5. ports-mgmt/pkgfe*
  6. ports-mgmt/portcheck*
  7. sysutils/desktopbsd-tools*
  8. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
Options name:
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://distcache.FreeBSD.org/ports-distfiles/
Collapse this list.
Port Moves
  • port deleted on 2014-10-13
    REASON: portaudit expired when pkg_tools did, use pkg audit

Number of commits found: 20

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
13 Oct 2014 15:45:03
Original commit files touched by this commit Revision:370789  0.6.2
mat search for other commits by this committer
Retire ports-mgmt/portaudit, it stopped working a month ago when pkg_tools
support was removed.  Also retire three ports requiring it, and a few optionnal
dependencies.

With hat:	portmgr
Noticed by:	ak
Sponsored by:	Absolight
24 Jul 2014 08:16:55
Original commit files touched by this commit Revision:362769  0.6.2
delphij search for other commits by this committer
Remove unnecessary quotation.

PR:		ports/192081
Submitted by:	<takefu airport fm>
23 Dec 2013 22:26:43
Original commit files touched by this commit Revision:337303  0.6.2
delphij search for other commits by this committer
Detect pkgNG.  When pkgNG is present and there is packages managed by pkgNG,
give user a warning and run pkg audit -F instead.

PR:		ports/185147
Submitted by:	ohauer
17 Nov 2013 02:00:30
Original commit files touched by this commit Revision:334044  0.6.1
eadler search for other commits by this committer
Clean up the portaudit port
- let the ports-secteam maintain this port instead of secteam.  This should
assign PRs to the appropriate place. [1]
- recent freebsd versions should use pkg audit instead of portaudit
- stagify
- remove mention of preference file format changes which changed in 2004

PR:		ports/184004 (partial
Discussed with:	simon (many months ago) [1]
12 Nov 2013 13:09:18
Original commit files touched by this commit Revision:333567  0.6.1
zi search for other commits by this committer
- Set MAINTAINER to ports-secteam

Requested by:	des@
With hat:	ports-secteam@
20 Sep 2013 22:36:49
Original commit files touched by this commit Revision:327762  0.6.1
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
ports-mgmt)
01 Aug 2013 20:41:31
Original commit files touched by this commit Revision:324124  0.6.1
remko (src,doc committer) search for other commits by this committer
Forgot to bump the version in the previous commit.  Eventhough
this is a minor change, it's still new and should tell people
that they can upgrade to this version.

Hat:	    secteam
01 Aug 2013 19:03:41
Original commit files touched by this commit Revision:324119  0.6.0
remko (src,doc committer) search for other commits by this committer
Add support for an alternative openssl location, for example when installed
via the Ports Collection.

PR:		166561
Submitted by:	Eugene Grosbein <eugen@grosbein.pp.ru>
11 Mar 2012 22:05:39
Original commit files touched by this commit   0.6.0
simon search for other commits by this committer
Portaudit 0.6.0:

Fix remote code execution which can occur with a specially crafted
audit file.  The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.

Add signature verification of the portaudit database.  The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.

(This parts add the portaudit public key missed in initial commit.)

Submitted by:   Michael Gmelin <freebsd@grem.de>
Reported by:    Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security:       Remote code execution
Security:      
http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe:   yes
With hat:       so
11 Mar 2012 21:32:58
Original commit files touched by this commit   0.6.0
simon search for other commits by this committer
Portaudit 0.6.0:

Fix remote code execution which can occur with a specially crafted
audit file.  The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.

Add signature verification of the portaudit database.  The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.

Submitted by:   Michael Gmelin <freebsd@grem.de>
Reported by:    Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security:       Remote code execution
Security:      
http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe:   yes
With hat:       so
05 Feb 2011 08:37:06
Original commit files touched by this commit   0.5.17 This port version is marked as vulnerable.
remko search for other commits by this committer
Add some improvements via Doug:

This patch changes the order in which the conf file is read vs.
when the default variable assignments are made in order to provide
the ability to override them in the conf file. It also adds the
ability to include a conf file in the same directory as the script.

The patch also changes some of the = assignments to := where
having a null setting by mistake would be fatal.

The use case for these changes is the ability to "package" all
of the elements together in one place for use on multiple systems
that can all mount the same central location.

PR:             154518
Submitted by:   dougb
Hat:            secteam
Feature safe:   yes
31 Jan 2011 20:17:04
Original commit files touched by this commit   0.5.16 This port version is marked as vulnerable.
uqs search for other commits by this committer
Don't enclose URLs in <>, it makes them harder to copy&paste and URLs are
not email addresses.

PR:             ports/127214 (first half)
Reviewed by:    simon
Feature safe:   yes
03 May 2010 21:02:21
Original commit files touched by this commit   0.5.15 This port version is marked as vulnerable.
delphij search for other commits by this committer
Prefer using base system binaries.

Reported by:    Paul Hoffman <phoffman proper com>
With hat:       secteam
26 Oct 2009 09:17:28
Original commit files touched by this commit   0.5.14 This port version is marked as vulnerable.
remko search for other commits by this committer
Forgot to bump version.

Prodded by:     antoine
21 Oct 2009 08:30:57
Original commit files touched by this commit   0.5.13 This port version is marked as vulnerable.
remko search for other commits by this committer
Fix unmatched quote.

PR:             ports/139810
Submitted by:   bf <bf1783 at gmail dot com>
21 Jun 2009 15:45:18
Original commit files touched by this commit   0.5.13 This port version is marked as vulnerable.
simon search for other commits by this committer
Download portaudit database from http://portaudit.FreeBSD.org/ instead
of http://www.FreeBSD.org/ports/portaudit/.

This is primarily done to work around bug in lighttpd on www.FreeBSD.org
where If-Modified-Since isn't handled correctly possibly resulting in
users behind web proxies getting an outdated version of the portaudit
database.

Bump portaudit version number.

Big thanks to the reporter for the detailed PR with good information
about reproducing the issue.

PR:             www/134505
Reported by:    Christian Ullrich <chris@chrullrich.net>
Prodding by:    remko, Christian Ullrich
27 Dec 2007 09:54:23
Original commit files touched by this commit   0.5.12 This port version is marked as vulnerable.
simon search for other commits by this committer
- Fix portaudit -Fq to actually be quiet. [1]
- Remove support for FreeBSD older than 4.11 and 5.3.
- Remove conditional dependency on bzip2 which I can't really see how
  could be activated automatically.

Reported by:    "J. Martin Petersen" <jmp@alvorlig.dk> [1]
PR:             ports/117845 [1]
With hat:       maintainer / secteam
02 Apr 2007 12:40:32
Original commit files touched by this commit   0.5.11 This port version is marked as vulnerable.
erwin search for other commits by this committer
Add security to CATEGORIES

"Sounds like a good idea":      simon
15 Mar 2007 07:14:35
Original commit files touched by this commit   0.5.11 This port version is marked as vulnerable.
remko search for other commits by this committer
Correct URL to the VuXML pages for FreeBSD. Also bump modification date.

PR:             ports/104813
Submitted by:   Alan Amesbury <amesbury at umn dot edu>
05 Feb 2007 01:08:46
Original commit files touched by this commit   0.5.11 This port version is marked as vulnerable.
pav search for other commits by this committer
Populate a new ports-mgmt category. List of moved ports:

  devel/portcheckout -> ports-mgmt/portcheckout
  devel/portlint -> ports-mgmt/portlint
  devel/portmk -> ports-mgmt/portmk
  devel/porttools -> ports-mgmt/porttools
  misc/instant-tinderbox -> ports-mgmt/instant-tinderbox
  misc/porteasy -> ports-mgmt/porteasy
  misc/portell -> ports-mgmt/portell
  misc/portless -> ports-mgmt/portless
  misc/tinderbox -> ports-mgmt/tinderbox
  security/jailaudit -> ports-mgmt/jailaudit
  security/portaudit -> ports-mgmt/portaudit
  security/portaudit-db -> ports-mgmt/portaudit-db
  security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 20