Eygene Ryabinkin wrote:
Miroslav, good day.
Mon, Oct 06, 2008 at 12:41:05AM +0200, Miroslav Lachman wrote:
I am busy these days, but it is nice to read about your progress. I hope
I will get some time to test all of these large patches in a few days
and I will report back my experiences!
Hello,
On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
But downloading the INDEX file from the central server seemed to be the
best way, since it almost always gives one the latest port versions, so
I had implemented this in a first place.
I've been following this, but I don't
Mel, good day.
Mon, Oct 06, 2008 at 11:24:54AM +0200, Mel wrote:
On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
But downloading the INDEX file from the central server seemed to be the
best way, since it almost always gives one the latest port versions, so
I had implemented this
On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote:
Mel, good day.
Mon, Oct 06, 2008 at 11:24:54AM +0200, Mel wrote:
On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote:
But downloading the INDEX file from the central server seemed to be the
best way, since it almost always
Miroslav,
Mon, Oct 06, 2008 at 10:59:46AM +0200, Miroslav Lachman wrote:
I have '/usr/sbin/portsnap cron' and '/usr/sbin/portsnap -I update' in
my crontab, so I get INDEX updated every night before nightly security
e-mail is generated.
Ah, I see. Thanks!
But downloading the INDEX file
Mel,
Mon, Oct 06, 2008 at 01:07:51PM +0200, Mel wrote:
On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote:
Once you have the origin of the port, you can:
- make -C $PORTSDIR/$origin -V PKGNAME
- get the matching origin(s) out of ${INDEXDIR}/${INDEXFILE}
- get the matching origin(s)
Mel,
Mon, Oct 06, 2008 at 02:40:48PM +0200, Mel wrote:
What I meant is the '-o' flag in pkg_audit, so I can figure out myself whether
it's new or not and my buildserver can prioritize it's builds based on
vulnerable packages it's clients have installed. The origin is the unique key
that
Mon, Oct 06, 2008 at 02:30:29PM +0400, Eygene Ryabinkin wrote:
OK, fine. I will implement the usage of the local INDEX file in some
days.
OK, I had implemented both '-o' option to pkg_audit and the usage of the
local INDEX file. I had reworked pkg_audit and portaudit a bit further,
mostly
Forgot to say:
Tue, Oct 07, 2008 at 12:30:58AM +0400, Eygene Ryabinkin wrote:
OK, I had implemented both '-o' option to pkg_audit and the usage of the
local INDEX file.
The latter can be activated by writing something like
-
portaudit_pkg_index=file:///usr/ports/INDEX-%d
-
to the
Miroslav, good day.
Sun, Sep 28, 2008 at 04:14:24PM +0400, Eygene Ryabinkin wrote:
If I read nightly security e-mail with for example 4 vulnerable
packages, then I need to log in to server and manualy try, if newer
(fixed) packages are available. It seems not so hard to check output of
Sun, Oct 05, 2008 at 11:03:17PM +0400, Eygene Ryabinkin wrote:
I had also changed the output format for pkg_audit, so I am attaching
another version of the second patch for the pkg_install bundle.
One neat about new pkg_audit utility: if you already have the build
directory for pkg_install in
Eygene Ryabinkin wrote:
Miroslav, good day.
Sun, Sep 28, 2008 at 04:14:24PM +0400, Eygene Ryabinkin wrote:
If I read nightly security e-mail with for example 4 vulnerable
packages, then I need to log in to server and manualy try, if newer
(fixed) packages are available. It seems not so hard
Miroslav, good day.
Mon, Oct 06, 2008 at 12:41:05AM +0200, Miroslav Lachman wrote:
I am busy these days, but it is nice to read about your progress. I hope
I will get some time to test all of these large patches in a few days
and I will report back my experiences!
Fine, thank you! I am
Roman, good day.
Sat, Sep 27, 2008 at 08:18:08PM +0400, Roman Kurakin wrote:
Have you also posted this to [EMAIL PROTECTED]
No, forgot to do it. CC'ing ports@
Thanks!
The original posting to hackers@ goes below. It will be double-posted
to the bug-followup@ -- sorry for this.
Eygene
Eygene Ryabinkin wrote:
Roman, good day.
Sat, Sep 27, 2008 at 08:18:08PM +0400, Roman Kurakin wrote:
Have you also posted this to [EMAIL PROTECTED]
No, forgot to do it. CC'ing ports@
Thanks!
The original posting to hackers@ goes below. It will be double-posted
to the bug-followup@ --
Miroslav, good day.
Sun, Sep 28, 2008 at 01:15:01PM +0200, Miroslav Lachman wrote:
Is there any possibility to cooperate portaudit / pkg_audit with
pkg_version to show vulnerable package with information if newer (not
vulnerable) package (or port) version is available for upgrade to?
If I
16 matches
Mail list logo
