On 2005.06.24 10:58:36 +0100, Dick Davies wrote: > > I just manually patched up my ruby18 install and tried to tell > portaudit that the local port is now clean, but it doesn't want to > know: > > [EMAIL PROTECTED] rasputnik # portaudit > Affected package: ruby-1.8.2_3 > Type of problem: ruby -- arbitrary command execution on XMLRPC server. > Reference: > <http://www.FreeBSD.org/ports/portaudit/594eb447-e398-11d9-a8bd-000cf18bbe54.html> > > ^C > [EMAIL PROTECTED] rasputnik # cat /usr/local/etc/portaudit.conf > portaudit_fixed="594eb447-e398-11d9-a8bd-000cf18bbe54" > [EMAIL PROTECTED] rasputnik # > > what did I miss?
It seems like portaudit_fixed only works for "system" entries, ie. base system vulnerabilities and is ignored package entries. I think it would be useful to be able to suppress the certain package vulnerabilities like you are trying to, but I don't think I will get around to looking at implementing it any time soon. Of cause the real solution to this particular problem would be for someone to submit a patch for the port :-). -- Simon L. Nielsen
pgpyTk4WFAGNc.pgp
Description: PGP signature
