package is installed or not using a precalculated regex.
This speeds up "portaudit -a" with around a factor of 10.
The change is slightly modified from the one from the PR by using
pkg_info -aE instead of ls /var/db/pkg for determining installed
packages.
Submitted by: Kuang-che Wu <kcwu@csie.org>
PR: ports/92942
secteam@ instead of security@ to make it more clear that the ports are
not maintained by the freebsd-security@ mailing list. Both addresses
go to the same people.
- Unbreak portaudit -vF.
- Sync usage with reality.
- Document the q, v, and V options.
- Markup fixes for the portaudit(1) manual page.
- Make quiet mode output even less "redundant" text [1].
- Set maintainership to security@. [2]
Suggested by: Phil Kernick philk at rotfl dot com dot au [1]
Suggested by: nectar, remko [2]
modify the vulnerability report depending on -q/-v (experimental)
PR: 69935, 68942
Submitted by: Chris Pepper <pepper@reppep.com>, Johan Karlsson <k@numeri.campus.luth.se>
*** NOTE ***
The preferences file format has changed, as have the periodic.conf(5) names.
Normally the default settings should be adequate, except when you need to
configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example.
- moved portaudit to sbin
- clean up, merging stuff into the portaudit script
- better return codes and errors to stderr
- -f can check stdin now
- dropped ports tree auditing
- merged the periodic(8) scripts into one
- run daily auditing as `nobody'
- use passive ftp by default, don't retry on failure [1]
- add a -C flag, portlint style
- don't keep databases that are tool old [2]
Requested by: hubs [1]
Noticed by: Nicolas Rachinsky <nicolas@rachinsky.de> [2]
Since we are using the official VuXML database
the auditing should be pretty complete.
- mention web page
- add more mirrors, disabling .ru mirror (too much lag)
- allow combined options in portaudit shell script
- add sample configuration file
- use absolute paths for binaries, to ease use in crontab scripts [1]
- correct type in man page [2]
PR: 64005 [2]
Submitted by: Tomasz Pilat <poncki@axelspringer.com.pl> [1]
Nathan Dove <njdove@wafer.sandia.gov> [2]
- new command line tool
- new man page
- reworked database update code, incorporating feedback from
Max Khon <fjoe>, Radim Kolar <hsn@netmag.cz> (PR 63066) and
Ion-Mihai Tetcu <itetcu@apropo.ro> (PR 62655)
two databases cause more confusion than it is worth.
portaudit uses ports/security/vuxml/vuln.xml in the meantime,
please commit your changes there and send feedback wich format
you prefer.
Currently we have to migrate gnats, mailman, monkey and some
apache versions.
of FreeBSD ports and tools to check if installed ports are listed.
Since this is a prerelease version, it is mostly usable for
committers that want to contribute to the project, and can currently
not be relied upon as an extensive security auditing tool.