Re: What happened with portaudit?

• Previous message: Jimmy Scott: "Re: What happened with portaudit?"
• In reply to: Jimmy Scott: "Re: What happened with portaudit?"
• Next in thread: Lupe Christoph: "Re: What happened with portaudit?"
• Reply: Lupe Christoph: "Re: What happened with portaudit?"
• Reply: jimmy_at_inet-solutions.be: "Re: What happened with portaudit?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 6 Nov 2005 23:09:42 +0100
To: Jimmy Scott <jimmy@inet-solutions.be>

On 2005.11.06 21:48:52 +0100, Jimmy Scott wrote:
> On Sun, Nov 06, 2005 at 05:30:00PM +0100, Kövesdán Gábor wrote:
> > Hello,
> >
> > One of my machines I got a report about 3 vulnerable packages (php4,
> > ruby, openssl) in tomorrows security run output, but in today's security
> > run output all of them disappeared, but nobody upgraded or removed the
> > affected packages. I reinstalled portaudit, refreshd its database, but
> > now it reports 0 affected pakages. The pkg_info command lists that three
> > packages, so they are still installed. Does anybody suspect what's wrong?
>
> I noticed the same, but didn't had the time to look for a possible
> answer on that question.

It does seem to work for me now. Could people having this problem
please check the size of /var/db/portaudit/auditfile.tbz and try to
run portaudit -Fa to refetch the database and check again?

For reference:

[simon@zaphod:/tmp] ls -l /var/db/portaudit/auditfile.tbz
-r--r--r-- 1 root wheel 31762 6 Nov 22:40 /var/db/portaudit/auditfile.tbz

There have been one previous report where a problem with the portaudit
database build resulted in an incomplete auditfile which was then
fixed after the next portaudit database rebuild.

-- 
Simon L. Nielsen
FreeBSD Security Team

• application/pgp-signature attachment: stored

• Previous message: Jimmy Scott: "Re: What happened with portaudit?"
• In reply to: Jimmy Scott: "Re: What happened with portaudit?"
• Next in thread: Lupe Christoph: "Re: What happened with portaudit?"
• Reply: Lupe Christoph: "Re: What happened with portaudit?"
• Reply: jimmy_at_inet-solutions.be: "Re: What happened with portaudit?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: What happened with portaudit? ... >> ruby, openssl) in tomorrows security run output, but in today's security ... >> affected packages. ... run portaudit -Fa to refetch the database and check again? ... (freebsd-questions) Re: setting a password on a button on the switchboard ... Could you send me the sample database for the fourth option (4. ... > Security in an Access database can probably be broken down into two big ... > points about being easier than User Level Security, ... > What type of data are you trying to protect? ... (microsoft.public.access.forms) Re: access 2003 ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ... (microsoft.public.access.conversion) Re: access 2003 ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ... (microsoft.public.access.conversion) Re: Is this possible?? ... I understand Windows security but since I've not seen A2007 live, ... The backend is on the server in it's own file. ... database, but everyone does not need to have access to tblwage which is ... (microsoft.public.access.tablesdbdesign)