pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q1]: pkgsrc/security/audit-packages Pullup ticket 1389 - r...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a7c9d89bfb5e
branches: pkgsrc-2006Q1
changeset: 510218:a7c9d89bfb5e
user: snj <snj%pkgsrc.org@localhost>
date: Tue Apr 18 22:52:44 2006 +0000
description:
Pullup ticket 1389 - requested by salo
sync audit-packages with HEAD
Revisions pulled up:
- pkgsrc/security/audit-packages/Makefile 1.65-1.66
- pkgsrc/security/audit-packages/files/audit-packages 1.27
- pkgsrc/security/audit-packages/files/audit-packages.0 1.13
- pkgsrc/security/audit-packages/files/audit-packages.8 1.18
Module Name: pkgsrc
Committed By: salo
Date: Sat Apr 15 15:02:10 UTC 2006
Modified Files:
pkgsrc/security/audit-packages: Makefile
pkgsrc/security/audit-packages/files: audit-packages audit-packages.0
audit-packages.8
Log Message:
Version 1.42
- Remove the "ignore vulnerabilities" stuff which was backed out from pkgsrc
infrastructure months ago. We are back at format 1.0.0.
---
Module Name: pkgsrc
Committed By: salo
Date: Sun Apr 16 16:15:01 UTC 2006
Modified Files:
pkgsrc/security/audit-packages: Makefile
Log Message:
Remove unused variable, SKIP_AUDIT_PACKAGES.
diffstat:
security/audit-packages/Makefile | 6 +-
security/audit-packages/files/audit-packages | 58 +------------------------
security/audit-packages/files/audit-packages.0 | 13 +----
security/audit-packages/files/audit-packages.8 | 14 +----
4 files changed, 12 insertions(+), 79 deletions(-)
diffs (226 lines):
diff -r 76601a004bc9 -r a7c9d89bfb5e security/audit-packages/Makefile
--- a/security/audit-packages/Makefile Mon Apr 17 21:59:52 2006 +0000
+++ b/security/audit-packages/Makefile Tue Apr 18 22:52:44 2006 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.64 2005/12/29 23:47:55 agc Exp $
+# $NetBSD: Makefile,v 1.64.2.1 2006/04/18 22:52:44 snj Exp $
-DISTNAME= audit-packages-1.41
+DISTNAME= audit-packages-1.42
CATEGORIES= security pkgtools
MASTER_SITES= # empty
DISTFILES= # empty
@@ -20,8 +20,6 @@
OWN_DIRS= ${PKGVULNDIR}
INSTALLATION_DIRS= man/cat8 man/man8 sbin
-SKIP_AUDIT_PACKAGES= yes
-
.include "../../mk/bsd.prefs.mk"
.if ${OPSYS} == "DragonFly"
diff -r 76601a004bc9 -r a7c9d89bfb5e security/audit-packages/files/audit-packages
--- a/security/audit-packages/files/audit-packages Mon Apr 17 21:59:52 2006 +0000
+++ b/security/audit-packages/files/audit-packages Tue Apr 18 22:52:44 2006 +0000
@@ -1,6 +1,6 @@
#! @SH@
#
-# $NetBSD: audit-packages,v 1.26 2005/11/21 10:39:50 agc Exp $
+# $NetBSD: audit-packages,v 1.26.4.1 2006/04/18 22:52:44 snj Exp $
#
# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
#
@@ -41,19 +41,15 @@
FORMAT_MAJOR=1
FORMAT_MINOR=0
-FORMAT_TEENY=1
+FORMAT_TEENY=0
PKG_INSTALL_REQUIRED=20050530
usage() {
argv0="${1##*/}"
cat <<EOF
$2
-Usage: $argv0 [-dv] [-i vulnid:id|pkgpat:pattern]
- [-K pkg_dbdir] [-p package]
+Usage: $argv0 [-dv] [-K pkg_dbdir] [-p package]
-d : Run download-vulnerability-list before anything else.
- -i : Ignore packages matching one of the specified vulnerabilities,
- or matching one of the provided patterns.
- Repeated -i options add to the ignore list.
-K : Use pkg_dbdir as PKG_DBDIR.
-p : Check a specific package for vulnerabilities.
-v : Verbose mode
@@ -71,18 +67,11 @@
download=no
verbose=no
-ignore_list=
-pkg_patterns=
-vulnids=
one_package=
while [ $# -gt 0 ]; do
case "$1" in
-d) download=yes ;;
-v) verbose=yes ;;
- -i)
- ignore_list="$ignore_list $2"
- shift
- ;;
-p)
one_package="$2"
shift
@@ -106,18 +95,6 @@
;;
esac
-for ign in $ignore_list ; do
- case "$ign" in
- pkgpat:*)
- ign="${ign#*:}"
- pkg_patterns="$pkg_patterns $ign"
- ;;
- *)
- vulnids="$vulnids $ign"
- ;;
- esac
-done
-
# try to download vulnerability list, as requested
# the integrity of the list is checked below
# so just issue a warning if there was a failure
@@ -215,22 +192,6 @@
\#*|'') continue;;
esac
- vulnid=unknown
- if [ $file_teeny -gt 0 ] ; then
- vulnid=${type%%,*}
- type=${type#*,}
-
- skipit=0
- for ign in $vulnids; do
- if [ "$ign" = "$vulnid" ] ; then
- skipit=1
- fi
- done
- if [ $skipit -eq 1 ] ; then
- continue;
- fi
- fi
-
if [ -z "$one_package" ] ; then
vulnpkgs=`@PKG_TOOLS_BIN@/pkg_info -e "$pat"`
else
@@ -240,19 +201,8 @@
fi
fi
for pkg in $vulnpkgs ; do
- skipit=0
- for ign in $pkg_patterns; do
- ign="${ign#*:}"
- if @PKG_TOOLS_BIN@/pkg_admin pmatch "${ign}" "$pkg" ; then
- skipit=1
- break
- fi
- done
- if [ $skipit -eq 1 ] ; then
- continue
- fi
echo "Package $pkg has a" \
- "$type vulnerability (vulnid:$vulnid), see $url"
+ "$type vulnerability, see $url"
done
done < "$vuls"
diff -r 76601a004bc9 -r a7c9d89bfb5e security/audit-packages/files/audit-packages.0
--- a/security/audit-packages/files/audit-packages.0 Mon Apr 17 21:59:52 2006 +0000
+++ b/security/audit-packages/files/audit-packages.0 Tue Apr 18 22:52:44 2006 +0000
@@ -5,7 +5,7 @@
installed packages
S�SY�YN�NO�OP�PS�SI�IS�S
- a�au�ud�di�it�t-�-p�pa�ac�ck�ka�ag�ge�es�s [-�-d�dv�v] [-�-i�i _�i_�g_�n_�o_�r_�e_�-_�l_�i_�s_�t] [-�-K�K _�p_�k_�g_�__�d_�b_�d_�i_�r] [-�-p�p _�p_�a_�c_�k_�a_�g_�e]
+ a�au�ud�di�it�t-�-p�pa�ac�ck�ka�ag�ge�es�s [-�-d�dv�v] [-�-K�K _�p_�k_�g_�__�d_�b_�d_�i_�r] [-�-p�p _�p_�a_�c_�k_�a_�g_�e]
d�do�ow�wn�nl�lo�oa�ad�d-�-v�vu�ul�ln�ne�er�ra�ab�bi�il�li�it�ty�y-�-l�li�is�st�t
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
@@ -21,13 +21,6 @@
file before scanning the installed packages for vulnerabil-
ities.
- -�-i�i [v�vu�ul�ln�ni�id�d:�:_�v_�u_�l_�n_�i_�d|p�pk�kg�gp�pa�at�t:�:_�p_�a_�t_�t_�e_�r_�n]
- Specify a list of vulnerabilities or packages to ignore.
- Packages can be specified using package wildcards (see
- pkg_info(1)). Vulnerabilities can be specified with the
- form v�vu�ul�ln�ni�id�d:�:_�v_�u_�l_�n_�i_�d. Vulnerability ids are only present in
- file format 1.0.1 or higher.
-
-�-K�K _�p_�k_�g_�__�d_�b_�d_�i_�r Use package database directory _�p_�k_�g_�__�d_�b_�d_�i_�r.
-�-p�p _�p_�a_�c_�k_�a_�g_�e Check only the package _�p_�a_�c_�k_�a_�g_�e for vulnerabilities.
@@ -44,7 +37,7 @@
Each line lists the package and vulnerable versions, the type of exploit,
and an Internet address for further information:
- <package pattern> <vulnid>,<type> <url>
+ <package pattern> <type> <url>
The type of exploit can be any text, although some common types of
exploits listed are:
@@ -157,4 +150,4 @@
September 19, 2000. The original idea came from Roland Dowdeswell and
Bill Sommerfeld.
-NetBSD 3.0 November 16, 2005 NetBSD 3.0
+NetBSD 3.0 April 15, 2006 NetBSD 3.0
diff -r 76601a004bc9 -r a7c9d89bfb5e security/audit-packages/files/audit-packages.8
--- a/security/audit-packages/files/audit-packages.8 Mon Apr 17 21:59:52 2006 +0000
+++ b/security/audit-packages/files/audit-packages.8 Tue Apr 18 22:52:44 2006 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: audit-packages.8,v 1.17 2005/11/16 22:54:58 wiz Exp $
+.\" $NetBSD: audit-packages.8,v 1.17.4.1 2006/04/18 22:52:44 snj Exp $
.\"
.\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved.
.\"
@@ -30,7 +30,7 @@
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 16, 2005
+.Dd April 15, 2006
.Os
.Dt AUDIT-PACKAGES 8
.Sh NAME
@@ -40,7 +40,6 @@
.Sh SYNOPSIS
.Nm
.Op Fl dv
-.Op Fl i Ar ignore-list
.Op Fl K Ar pkg_dbdir
.Op Fl p Ar package
.Nm download-vulnerability-list
@@ -61,13 +60,6 @@
will attempt to download the vulnerabilities
file before scanning
the installed packages for vulnerabilities.
-.It Fl i Oo Cm vulnid: Ns Ar vulnid Ns | Ns Cm pkgpat: Ns Ar pattern Oc
-Specify a list of vulnerabilities or packages to ignore.
-Packages can be specified using package wildcards (see
-.Xr pkg_info 1 ) .
-Vulnerabilities can be specified with the form
-.Cm vulnid: Ns Ar vulnid .
-Vulnerability ids are only present in file format 1.0.1 or higher.
.It Fl K Ar pkg_dbdir
Use package database directory
.Ar pkg_dbdir .
@@ -97,7 +89,7 @@
.Bl -item
.It
.Aq package pattern
-.Ao vulnid Ac Ns , Ns Aq type
+.Aq type
.Aq url
.El
.Pp
Home |
Main Index |
Thread Index |
Old Index