Disable auditfile.txt until we decide on a database format,

two databases cause more confusion than it is worth.

portaudit uses ports/security/vuxml/vuln.xml in the meantime,
please commit your changes there and send feedback wich format
you prefer.

Currently we have to migrate gnats, mailman, monkey and some
apache versions.

ports-mgmt/portaudit/database/auditfile.txt

@@ -1,53 +0,0 @@
-#
-# auditfile.txt - FreeBSD ports vulnerabilities database
-#
-# $FreeBSD$
-#
-# MAINTAINER=ports@FreeBSD.org
-#
-# Each entry consists of a single line containing the following three
-# fields in the order named, separated with the pipe (`|') character:
-#
-#     Package:    A pattern that matches the name of the vulnurable
-#                 package, see `man -M /usr/local/man pkg_info'.
-#     Reference:  An URL where an advisory can be found
-#     Reason:     The type of vulnurability found
-#
-# Keep this list sorted in the chronological order.  New entries must
-# be added at the end, old entries shouldn't be removed; this should
-# document *all* known package vulnerabilities. 
-#
-# This file does not have any designated maintainer, so feel free to
-# commit to it yourself.  However, it is generally a good idea to
-# notify the maintainer of the affected package(s)
-#
-
-gnupg>1.0.2<1.2.3_4|http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html|ElGamal signing keys compromised
-rsync<2.5.7|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962|Buffer overflow in server
-gaim<0.75_6|http://security.e-matters.de/advisories/012004.txt|12 vulnerabilities that allow remote compromise
-proftpd<1.2.8_1|http://xforce.iss.net/xforce/alerts/id/154|ProFTPD ASCII File Remote Compromise Vulnerability
-inn>=2.4<2.4.1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
-inn-stable>=2.4<20031022_1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
-apache>=2.0.35<2.0.48|http://www.apacheweek.com/features/security-20|Multiple security vulnerabilities
-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-apache+ipv6>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-ru-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-ru-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-clamav<0.65_7|http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/62586|remote exploitable DOS vulnerability
-apache+ssl>=1.3<1.3.29.1.53|http://www.apache-ssl.org/advisory-20040206.txt|optional client certificate vulnerability
-monkey<0.8.2|http://monkeyd.sourceforge.net/|DoS bug caused by get_real_string()
-mutt<1.4.2|http://www.securityfocus.com/archive/1/353428/2004-02-08/2004-02-14/0|buffer overflow that can be triggered by incoming messages
-fspd<=2.8.1.3|http://fsp.sourceforge.net/|buffer overflow (CAN-2004-0011) and directory traversal (CAN-2003-1022) bugs
-libtool>=1.3<1.3.5_2|http://www.securityfocus.com/archive/1/352519|symlink vulnerability
-libtool>=1.4<1.4.3_3|http://www.securityfocus.com/archive/1/352519|symlink vulnerability
-libtool>=1.5<1.5.2|http://www.securityfocus.com/archive/1/352333|symlink vulnerability
-gnats<=3.113.1_9|http://www.securityfocus.com/archive/1/326337|Local privilege elevation
-XFree86-Server>=4.1.0<4.3.0_14|http://www.xfree86.org/security/|Font file buffer overflows
-XFree86-Server>=4.3.99<4.3.99.15_2|http://www.xfree86.org/security/|Font file buffer overflows
-mailman<2.1.4|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965|Cross-site scripting (XSS) vulnerability
-bind<8.3.7|http://www.kb.cert.org/vuls/id/734644|negative cache poisoning
-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-zh-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-iw-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-samba>=3.0<3.0.1_2,1|http://www.samba.org/samba/whatsnew/samba-3.0.2.html|password initialization bug

security/portaudit/database/auditfile.txt

@@ -1,53 +0,0 @@
-#
-# auditfile.txt - FreeBSD ports vulnerabilities database
-#
-# $FreeBSD$
-#
-# MAINTAINER=ports@FreeBSD.org
-#
-# Each entry consists of a single line containing the following three
-# fields in the order named, separated with the pipe (`|') character:
-#
-#     Package:    A pattern that matches the name of the vulnurable
-#                 package, see `man -M /usr/local/man pkg_info'.
-#     Reference:  An URL where an advisory can be found
-#     Reason:     The type of vulnurability found
-#
-# Keep this list sorted in the chronological order.  New entries must
-# be added at the end, old entries shouldn't be removed; this should
-# document *all* known package vulnerabilities. 
-#
-# This file does not have any designated maintainer, so feel free to
-# commit to it yourself.  However, it is generally a good idea to
-# notify the maintainer of the affected package(s)
-#
-
-gnupg>1.0.2<1.2.3_4|http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html|ElGamal signing keys compromised
-rsync<2.5.7|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962|Buffer overflow in server
-gaim<0.75_6|http://security.e-matters.de/advisories/012004.txt|12 vulnerabilities that allow remote compromise
-proftpd<1.2.8_1|http://xforce.iss.net/xforce/alerts/id/154|ProFTPD ASCII File Remote Compromise Vulnerability
-inn>=2.4<2.4.1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
-inn-stable>=2.4<20031022_1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
-apache>=2.0.35<2.0.48|http://www.apacheweek.com/features/security-20|Multiple security vulnerabilities
-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-apache+ipv6>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-ru-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-ru-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
-clamav<0.65_7|http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/62586|remote exploitable DOS vulnerability
-apache+ssl>=1.3<1.3.29.1.53|http://www.apache-ssl.org/advisory-20040206.txt|optional client certificate vulnerability
-monkey<0.8.2|http://monkeyd.sourceforge.net/|DoS bug caused by get_real_string()
-mutt<1.4.2|http://www.securityfocus.com/archive/1/353428/2004-02-08/2004-02-14/0|buffer overflow that can be triggered by incoming messages
-fspd<=2.8.1.3|http://fsp.sourceforge.net/|buffer overflow (CAN-2004-0011) and directory traversal (CAN-2003-1022) bugs
-libtool>=1.3<1.3.5_2|http://www.securityfocus.com/archive/1/352519|symlink vulnerability
-libtool>=1.4<1.4.3_3|http://www.securityfocus.com/archive/1/352519|symlink vulnerability
-libtool>=1.5<1.5.2|http://www.securityfocus.com/archive/1/352333|symlink vulnerability
-gnats<=3.113.1_9|http://www.securityfocus.com/archive/1/326337|Local privilege elevation
-XFree86-Server>=4.1.0<4.3.0_14|http://www.xfree86.org/security/|Font file buffer overflows
-XFree86-Server>=4.3.99<4.3.99.15_2|http://www.xfree86.org/security/|Font file buffer overflows
-mailman<2.1.4|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965|Cross-site scripting (XSS) vulnerability
-bind<8.3.7|http://www.kb.cert.org/vuls/id/734644|negative cache poisoning
-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-zh-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-iw-pine<4.58|http://www.idefense.com/application/poi/display?id=5&type=vulnerabilities|remote exploitable buffer overflow
-samba>=3.0<3.0.1_2,1|http://www.samba.org/samba/whatsnew/samba-3.0.2.html|password initialization bug