non port: ports-mgmt/portaudit/files/portaudit-cmd.sh |
Number of commits found: 9 |
Monday, 23 Dec 2013
|
22:26 delphij
Detect pkgNG. When pkgNG is present and there is packages managed by pkgNG,
give user a warning and run pkg audit -F instead.
PR: ports/185147
Submitted by: ohauer
|
Thursday, 1 Aug 2013
|
19:03 remko (src,doc committer)
Add support for an alternative openssl location, for example when installed
via the Ports Collection.
PR: 166561
Submitted by: Eugene Grosbein <eugen@grosbein.pp.ru>
|
Sunday, 11 Mar 2012
|
21:32 simon
Portaudit 0.6.0:
Fix remote code execution which can occur with a specially crafted
audit file. The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.
Add signature verification of the portaudit database. The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.
Submitted by: Michael Gmelin <freebsd@grem.de>
Reported by: Michael Gmelin <freebsd@grem.de>, Joerg Scheinert
Security: Remote code execution
Security:
http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe: yes
With hat: so
|
Saturday, 5 Feb 2011
|
08:37 remko
Add some improvements via Doug:
This patch changes the order in which the conf file is read vs.
when the default variable assignments are made in order to provide
the ability to override them in the conf file. It also adds the
ability to include a conf file in the same directory as the script.
The patch also changes some of the = assignments to := where
having a null setting by mistake would be fatal.
The use case for these changes is the ability to "package" all
of the elements together in one place for use on multiple systems
that can all mount the same central location.
PR: 154518
Submitted by: dougb
Hat: secteam
Feature safe: yes
|
Monday, 31 Jan 2011
|
20:17 uqs
Don't enclose URLs in <>, it makes them harder to copy&paste and URLs are
not email addresses.
PR: ports/127214 (first half)
Reviewed by: simon
Feature safe: yes
|
Monday, 3 May 2010
|
21:02 delphij
Prefer using base system binaries.
Reported by: Paul Hoffman <phoffman proper com>
With hat: secteam
|
Wednesday, 21 Oct 2009
|
08:30 remko
Fix unmatched quote.
PR: ports/139810
Submitted by: bf <bf1783 at gmail dot com>
|
Sunday, 21 Jun 2009
|
15:45 simon
Download portaudit database from http://portaudit.FreeBSD.org/ instead
of http://www.FreeBSD.org/ports/portaudit/.
This is primarily done to work around bug in lighttpd on www.FreeBSD.org
where If-Modified-Since isn't handled correctly possibly resulting in
users behind web proxies getting an outdated version of the portaudit
database.
Bump portaudit version number.
Big thanks to the reporter for the detailed PR with good information
about reproducing the issue.
PR: www/134505
Reported by: Christian Ullrich <chris@chrullrich.net>
Prodding by: remko, Christian Ullrich
|
Thursday, 27 Dec 2007
|
09:54 simon
- Fix portaudit -Fq to actually be quiet. [1]
- Remove support for FreeBSD older than 4.11 and 5.3.
- Remove conditional dependency on bzip2 which I can't really see how
could be activated automatically.
Reported by: "J. Martin Petersen" <jmp@alvorlig.dk> [1]
PR: ports/117845 [1]
With hat: maintainer / secteam
|
Number of commits found: 9 |