Subject: CVS commit: pkgsrc/mk
To: None <pkgsrc-changes@netbsd.org>
From: Alistair G. Crooks <agc@netbsd.org>
List: pkgsrc-changes
Date: 04/17/2003 12:36:57
Module Name:	pkgsrc
Committed By:	agc
Date:		Thu Apr 17 12:36:57 UTC 2003

Modified Files:
	pkgsrc/mk: bsd.pkg.mk

Log Message:
Add a check at fetch time to see if there are any known vulnerabilities
in a package - should keep some admins' blood pressure a bit lower.

Inspired by PR 19479.

Output where there is a vulnerability looks like:
	[13:30:05] agc@sys1 ...pkgsrc/net/samba 28 > make fetch
	===> do-fetch [samba-2.2.8] ===> Checking for vulnerabilities in samba-2.2.8
	*** WARNING - remote-root-access vulnerability in samba-2.2.8 - see http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html for more information ***
	*** Error code 1

	Stop.
	make: stopped in /usr/pkgsrc/net/samba
	*** Error code 1

	Stop.
	make: stopped in /usr/pkgsrc/net/samba

whilst output where there is no vulnerability looks like:
	[13:30:28] agc@sys1 ...pkgsrc/net/ethereal 30 > make fetch
	===> do-fetch [ethereal-0.9.11] ===> Checking for vulnerabilities in ethereal-0.9.11
	=> ethereal-0.9.11.tar.gz doesn't seem to exist on this system.
	=> Attempting to fetch ethereal-0.9.11.tar.gz from ftp://ftp.sunet.se/pub/network/monitoring/ethereal/.
	=> [4457475 bytes]
	Trying 194.71.11.40...
	Connected to ftp.sunet.se.
	220-####################################################################


To generate a diff of this commit:
cvs rdiff -r1.1168 -r1.1169 pkgsrc/mk/bsd.pkg.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
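
The fetch-time check described in the log message, sketched as an added example (this is not the code committed to bsd.pkg.mk): a shell function that matches a package name against a known-vulnerabilities list and returns non-zero so the fetch stops. The list format, the `check_vulns` and `sample_list` names, the version thresholds and the `examplepkg` entry are assumptions constructed for illustration; only the warning wording, the vulnerability type and the samba URL come from the output shown above.

```shell
#!/bin/sh
# Added example, not the bsd.pkg.mk code. Assumed list format, one entry per line:
#   <base><op><version> <type> <url>   with <op> one of < or <=, dotted numeric versions
# check_vulns PKGNAME LISTFILE: print a warning per matching entry and return 1
# if any matched, so a calling make target stops before anything is downloaded.
check_vulns() {
    awk -v pkg="$1" '
    # Compare dotted numeric versions field by field; returns -1, 0 or 1.
    function vercmp(a, b,    x, y, n, m, i, k) {
        n = split(a, x, "."); m = split(b, y, ".")
        k = (n > m) ? n : m
        for (i = 1; i <= k; i++) {
            if ((x[i] + 0) < (y[i] + 0)) return -1
            if ((x[i] + 0) > (y[i] + 0)) return 1
        }
        return 0
    }
    BEGIN {
        # Split PKGNAME at its last hyphen: "samba-2.2.8" -> "samba", "2.2.8".
        i = match(pkg, /-[^-]*$/)
        base = substr(pkg, 1, i - 1); ver = substr(pkg, i + 1)
    }
    /^#/ || NF < 3 { next }    # skip comments and malformed lines
    {
        if (!match($1, /<=?/)) next
        op = substr($1, RSTART, RLENGTH)
        if (substr($1, 1, RSTART - 1) != base) next
        c = vercmp(ver, substr($1, RSTART + RLENGTH))
        if (c < 0 || (c == 0 && op == "<=")) {
            printf "*** WARNING - %s vulnerability in %s - see %s for more information ***\n", $2, pkg, $3
            hit = 1
        }
    }
    END { exit hit + 0 }
    ' "$2"
}

# Constructed sample list: thresholds and the examplepkg entry are illustrative.
sample_list() {
    cat <<'EOF'
# pattern type url
samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html
examplepkg<1.4.2 denial-of-service https://example.invalid/advisory
EOF
}
list=$(mktemp) && sample_list > "$list"
check_vulns samba-2.2.8 "$list" || echo "fetch stopped: known vulnerability"
check_vulns ethereal-0.9.11 "$list" && echo "no known vulnerabilities, fetch continues"
rm -f "$list"
```

Versions are compared numerically per field, so `examplepkg-1.10` is treated as newer than the `1.4.2` threshold rather than older, which a plain string comparison would get wrong.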