* Simon L. Nielsen <[EMAIL PROTECTED]> [0652 20:52]: > On 2005.06.24 10:58:36 +0100, Dick Davies wrote: > > > > I just manually patched up my ruby18 install and tried to tell > > portaudit that the local port is now clean, but it doesn't want to > > know: > > > > [EMAIL PROTECTED] rasputnik # portaudit > > Affected package: ruby-1.8.2_3 > > Type of problem: ruby -- arbitrary command execution on XMLRPC server. > > Reference: > > <http://www.FreeBSD.org/ports/portaudit/594eb447-e398-11d9-a8bd-000cf18bbe54.html> > > > > ^C > > [EMAIL PROTECTED] rasputnik # cat /usr/local/etc/portaudit.conf > > portaudit_fixed="594eb447-e398-11d9-a8bd-000cf18bbe54" > > [EMAIL PROTECTED] rasputnik # > > > > what did I miss? > > It seems like portaudit_fixed only works for "system" entries, > ie. base system vulnerabilities and is ignored package entries.
Oh, OK. I thought portaudit only audited, well, ports :)
> I think it would be useful to be able to suppress the certain package
> vulnerabilities like you are trying to, but I don't think I will get
> around to looking at implementing it any time soon.
That's fine, I'll have another look at it when I get half an hour.
--
'INCREASE the life of your carpets by rolling them up and keeping them in the
garage.'
-- Top Tips
Rasputin :: Jack of All Trades - Master of Nuns
pgpHKMXLoCBNo.pgp
Description: PGP signature
