pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/audit-packages Require pkg_info with ranges s...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a6bba94890ff
branches: trunk
changeset: 495429:a6bba94890ff
user: dillo <dillo%pkgsrc.org@localhost>
date: Thu Jun 09 15:34:52 2005 +0000
description:
Require pkg_info with ranges support, bump version to 1.36.
Reviewed by wiz.
diffstat:
security/audit-packages/Makefile | 4 +-
security/audit-packages/files/audit-packages | 18 +++++-
security/audit-packages/files/audit-packages.0 | 76 +++++++++++++------------
security/audit-packages/files/audit-packages.8 | 13 +++-
4 files changed, 67 insertions(+), 44 deletions(-)
diffs (189 lines):
diff -r 4294f5ddce84 -r a6bba94890ff security/audit-packages/Makefile
--- a/security/audit-packages/Makefile Thu Jun 09 15:22:09 2005 +0000
+++ b/security/audit-packages/Makefile Thu Jun 09 15:34:52 2005 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.55 2005/06/07 19:17:01 dillo Exp $
+# $NetBSD: Makefile,v 1.56 2005/06/09 15:34:52 dillo Exp $
-DISTNAME= audit-packages-1.35
+DISTNAME= audit-packages-1.36
CATEGORIES= security pkgtools
MASTER_SITES= # empty
DISTFILES= # empty
diff -r 4294f5ddce84 -r a6bba94890ff security/audit-packages/files/audit-packages
--- a/security/audit-packages/files/audit-packages Thu Jun 09 15:22:09 2005 +0000
+++ b/security/audit-packages/files/audit-packages Thu Jun 09 15:34:52 2005 +0000
@@ -1,6 +1,6 @@
#! @SH@
#
-# $NetBSD: audit-packages,v 1.19 2005/06/07 19:17:01 dillo Exp $
+# $NetBSD: audit-packages,v 1.20 2005/06/09 15:34:52 dillo Exp $
#
# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
#
@@ -33,13 +33,15 @@
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
-ERR_DOWNLOAD="Please run download-vulnerability-list"
-ERR_UPGRADE="Please upgrade audit-packages to the newest version"
+ERR_DOWNLOAD="Please run download-vulnerability-list."
+ERR_UPGRADE="Please upgrade security/audit-packages to the newest version."
+ERR_PKGINSTALL="Please upgrade pkgtools/pkg_install to the newest version."
: ${PKGVULNDIR=@PKGVULNDIR@}
FORMAT_MAJOR=1
FORMAT_MINOR=0
+PKG_INSTALL_REQUIRED=20050530
if [ -r @PKG_SYSCONFDIR@/audit-packages.conf ]; then
echo "Reading settings from @PKG_SYSCONFDIR@/audit-packages.conf"
@@ -75,6 +77,16 @@
esac
case "$errmsg" in
+"") # check that pkg_info is new enough (supports ranges)
+ if [ `@PKG_TOOLS_BIN@/pkg_info -V` -lt "$PKG_INSTALL_REQUIRED" ]
+ then
+ errmsg='Installed pkg_info is too old.'
+ errsolution="$ERR_PKGINSTALL"
+ fi
+ ;;
+esac
+
+case "$errmsg" in
"") # check format version of vulnerabilities file
file_major=`@AWK@ '$1 == "#FORMAT" { split($2, a, "\\."); print a[1] }' "$vuls"`
file_minor=`@AWK@ '$1 == "#FORMAT" { split($2, a, "\\."); print a[2] }' "$vuls"`
diff -r 4294f5ddce84 -r a6bba94890ff security/audit-packages/files/audit-packages.0
--- a/security/audit-packages/files/audit-packages.0 Thu Jun 09 15:22:09 2005 +0000
+++ b/security/audit-packages/files/audit-packages.0 Thu Jun 09 15:34:52 2005 +0000
@@ -25,40 +25,40 @@
Each line lists the package and vulnerable versions, the type of exploit,
and an Internet address for further information. The type of exploit can
be any text, although some common types of exploits listed are:
- +�+�o�o cross-site-html
- +�+�o�o cross-site-scripting
- +�+�o�o denial-of-service
- +�+�o�o file-permissions
- +�+�o�o local-access
- +�+�o�o local-code-execution
- +�+�o�o local-file-read
- +�+�o�o local-file-removal
- +�+�o�o local-file-write
- +�+�o�o local-root-file-view
- +�+�o�o local-root-shell
- +�+�o�o local-symlink-race
- +�+�o�o local-user-file-view
- +�+�o�o local-user-shell
- +�+�o�o privacy-leak
- +�+�o�o remote-code-execution
- +�+�o�o remote-command-inject
- +�+�o�o remote-file-creation
- +�+�o�o remote-file-read
- +�+�o�o remote-file-view
- +�+�o�o remote-file-write
- +�+�o�o remote-key-theft
- +�+�o�o remote-root-access
- +�+�o�o remote-root-shell
- +�+�o�o remote-script-inject
- +�+�o�o remote-server-admin
- +�+�o�o remote-use-of-secret
- +�+�o�o remote-user-access
- +�+�o�o remote-user-file-view
- +�+�o�o remote-user-shell
- +�+�o�o unknown
- +�+�o�o weak-authentication
- +�+�o�o weak-encryption
- +�+�o�o weak-ssl-authentication
+ ·�· cross-site-html
+ ·�· cross-site-scripting
+ ·�· denial-of-service
+ ·�· file-permissions
+ ·�· local-access
+ ·�· local-code-execution
+ ·�· local-file-read
+ ·�· local-file-removal
+ ·�· local-file-write
+ ·�· local-root-file-view
+ ·�· local-root-shell
+ ·�· local-symlink-race
+ ·�· local-user-file-view
+ ·�· local-user-shell
+ ·�· privacy-leak
+ ·�· remote-code-execution
+ ·�· remote-command-inject
+ ·�· remote-file-creation
+ ·�· remote-file-read
+ ·�· remote-file-view
+ ·�· remote-file-write
+ ·�· remote-key-theft
+ ·�· remote-root-access
+ ·�· remote-root-shell
+ ·�· remote-script-inject
+ ·�· remote-server-admin
+ ·�· remote-use-of-secret
+ ·�· remote-user-access
+ ·�· remote-user-file-view
+ ·�· remote-user-shell
+ ·�· unknown
+ ·�· weak-authentication
+ ·�· weak-encryption
+ ·�· weak-ssl-authentication
By default, the vulnerabilities file is stored in the @PKGVULNDIR@ direc-
tory. This can be changed by defining the environment variable
@@ -116,7 +116,11 @@
Unsupported file format version
The vulnerabilities file is too old or too new. If it's too
old, run d�do�ow�wn�nl�lo�oa�ad�d-�-v�vu�ul�ln�ne�er�ra�ab�bi�il�li�it�ty�y-�-l�li�is�st�t. If it's too new,
- update the a�au�ud�di�it�t-�-p�pa�ac�ck�ka�ag�ge�es�s package.
+ update the _�s_�e_�c_�u_�r_�i_�t_�y_�/_�a_�u_�d_�i_�t_�-_�p_�a_�c_�k_�a_�g_�e_�s package.
+
+ Installed pkg_info too old
+ a�au�ud�di�it�t-�-p�pa�ac�ck�ka�ag�ge�es�s requires a newer version of pkg_info(1).
+ Update the _�p_�k_�g_�t_�o_�o_�l_�s_�/_�p_�k_�g_�__�i_�n_�s_�t_�a_�l_�l package.
S�SE�EE�E A�AL�LS�SO�O
pkg_info(1), mk.conf(5), packages(7), @PKGSRCDIR@/mk/bsd.pkg.defaults.mk
@@ -130,4 +134,4 @@
September 19, 2000. The original idea came from Roland Dowdeswell and
Bill Sommerfeld.
-NetBSD 2.0 May 27, 2005 NetBSD 2.0
+NetBSD 2.0.2 June 9, 2005 NetBSD 2.0.2
diff -r 4294f5ddce84 -r a6bba94890ff security/audit-packages/files/audit-packages.8
--- a/security/audit-packages/files/audit-packages.8 Thu Jun 09 15:22:09 2005 +0000
+++ b/security/audit-packages/files/audit-packages.8 Thu Jun 09 15:34:52 2005 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: audit-packages.8,v 1.12 2005/06/09 08:14:08 wiz Exp $
+.\" $NetBSD: audit-packages.8,v 1.13 2005/06/09 15:34:52 dillo Exp $
.\"
.\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved.
.\"
@@ -30,7 +30,7 @@
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd May 27, 2005
+.Dd June 9, 2005
.Os
.Dt AUDIT-PACKAGES 8
.Sh NAME
@@ -221,7 +221,14 @@
If it's too old, run
.Nm download-vulnerability-list .
If it's too new, update the
-.Nm audit-packages
+.Pa security/audit-packages
+package.
+.It Installed pkg_info too old
+.Nm
+requires a newer version of
+.Xr pkg_info 1 .
+Update the
+.Pa pkgtools/pkg_install
package.
.El
.Sh SEE ALSO
Home |
Main Index |
Thread Index |
Old Index