simon 2012-03-11 22:05:39 UTC
FreeBSD ports repository
Added files:
ports-mgmt/portaudit/files portaudit.pubkey
Log:
Portaudit 0.6.0:
Fix remote code execution which can occur with a specially crafted
audit file. The attacker would need to get the portaudit(1) to
download the bad audit database, e.g. by performing a man in the
middle attack.
Add signature verification of the portaudit database. The public key
is for the database generated for portaudit.FreeBSD.org is included
in the distribution.
(This parts add the portaudit public key missed in initial commit.)
Submitted by: Michael Gmelin <[email protected]>
Reported by: Michael Gmelin <[email protected]>, Joerg Scheinert
Security: Remote code execution
Security:
http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Feature safe: yes
With hat: so
Revision Changes Path
1.1 +14 -0 ports/ports-mgmt/portaudit/files/portaudit.pubkey (new)
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[email protected]"
