Re: What happened with portaudit?

jimmy_at_inet-solutions.be
Date: 11/07/05

  • Next message: Carlos Silva aka|Danger_Man|: "Security updates without rebooting"
    Date: Mon,  7 Nov 2005 08:47:03 +0100
    To: "Simon L. Nielsen" <simon@FreeBSD.org>
    
    

    Quoting "Simon L. Nielsen" <simon@FreeBSD.org>:

    > On 2005.11.06 21:48:52 +0100, Jimmy Scott wrote:
    > > On Sun, Nov 06, 2005 at 05:30:00PM +0100, Kövesdán Gábor wrote:
    > > > Hello,
    > > >
    > > > One of my machines I got a report about 3 vulnerable packages (php4,
    > > > ruby, openssl) in tomorrows security run output, but in today's security
    > > > run output all of them disappeared, but nobody upgraded or removed the
    > > > affected packages. I reinstalled portaudit, refreshd its database, but
    > > > now it reports 0 affected pakages. The pkg_info command lists that three
    > > > packages, so they are still installed. Does anybody suspect what's wrong?
    > >
    > > I noticed the same, but didn't had the time to look for a possible
    > > answer on that question.
    >
    > It does seem to work for me now. Could people having this problem
    > please check the size of /var/db/portaudit/auditfile.tbz and try to
    > run portaudit -Fa to refetch the database and check again?
    >
    > For reference:
    >
    > [simon@zaphod:/tmp] ls -l /var/db/portaudit/auditfile.tbz
    > -r--r--r-- 1 root wheel 31762 6 Nov 22:40 /var/db/portaudit/auditfile.tbz
    >
    > There have been one previous report where a problem with the portaudit
    > database build resulted in an incomplete auditfile which was then
    > fixed after the next portaudit database rebuild.
    >
    > --
    > Simon L. Nielsen
    > FreeBSD Security Team
    >

    Everything seems fine today, I can't check the size of the file from
    then since it's being run every night by periodic/security.

    If you are really interrested in the file I could restore it from a
    backup somehow, but it will be a lot of work. I should have checked
    it from the moment I noticed in the emails.

    Kind regards,
    Jimmy Scott

    ----------------------------------------------------------------
    This message has been sent through ihosting.be
    To report spamming or other unaccepted behavior
    by a iHosting customer, please send a message
    to abuse@ihosting.be
    ----------------------------------------------------------------
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Carlos Silva aka|Danger_Man|: "Security updates without rebooting"