pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/audit-packages/files regen.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/27a90d5d9d60
branches:  trunk
changeset: 503247:27a90d5d9d60
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Nov 16 22:57:43 2005 +0000

description:
regen.

diffstat:

 security/audit-packages/files/audit-packages.0 |  112 ++++++++++++++----------
 1 files changed, 67 insertions(+), 45 deletions(-)

diffs (152 lines):

diff -r fdb76f58fcaf -r 27a90d5d9d60 security/audit-packages/files/audit-packages.0
--- a/security/audit-packages/files/audit-packages.0    Wed Nov 16 22:57:24 2005 +0000
+++ b/security/audit-packages/files/audit-packages.0    Wed Nov 16 22:57:43 2005 +0000
@@ -5,7 +5,7 @@
      installed packages
 
 SSYYNNOOPPSSIISS
-     aauuddiitt--ppaacckkaaggeess [--ddvv]
+     aauuddiitt--ppaacckkaaggeess [--ddvv] [--ii _i_g_n_o_r_e_-_l_i_s_t] [--KK _p_k_g___d_b_d_i_r] [--pp _p_a_c_k_a_g_e]
      ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt
 
 DDEESSCCRRIIPPTTIIOONN
@@ -13,59 +13,83 @@
      _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file and reports any known security issues to stan-
      dard output.  This output contains the name and version of the package,
      the type of vulnerability, and an URL for further information for each
-     vulnerable package.  If the --vv option is specified, aauuddiitt--ppaacckkaaggeess will
-     warn when the vulnerabilities file is more than a week old.  The --dd
-     option will attempt to download this vulnerabilities file before scanning
-     the installed packages for vulnerabilities.
+     vulnerable package.
+
+     The following flags are supported:
+
+     --dd            aauuddiitt--ppaacckkaaggeess will attempt to download the vulnerabilities
+                   file before scanning the installed packages for vulnerabil-
+                   ities.
+
+     --ii [vvuullnniidd::_v_u_l_n_i_d|ppkkggppaatt::_p_a_t_t_e_r_n]
+                   Specify a list of vulnerabilities or packages to ignore.
+                   Packages can be specified using package wildcards (see
+                   pkg_info(1)).  Vulnerabilities can be specified with the
+                   form vvuullnniidd::_v_u_l_n_i_d.  Vulnerability ids are only present in
+                   file format 1.0.1 or higher.
+
+     --KK _p_k_g___d_b_d_i_r  Use package database directory _p_k_g___d_b_d_i_r.
+
+     --pp _p_a_c_k_a_g_e    Check only the package _p_a_c_k_a_g_e for vulnerabilities.
+
+     --vv            Set verbose mode.  aauuddiitt--ppaacckkaaggeess will warn when the vul-
+                   nerabilities file is more than a week old.
 
      The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt program downloads this file from
      
_f_t_p_:_/_/_f_t_p_._N_e_t_B_S_D_._o_r_g_/_p_u_b_/_N_e_t_B_S_D_/_p_a_c_k_a_g_e_s_/_d_i_s_t_f_i_l_e_s_/_p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
      using @FETCH_CMD_SHORT@(1).  This vulnerabilities file documents all
      known security issues in pkgsrc packages and is kept up-to-date by the
-     NetBSD packages team.
+     NetBSD pkgsrc-security team.
 
      Each line lists the package and vulnerable versions, the type of exploit,
-     and an Internet address for further information.  The type of exploit can
-     be any text, although some common types of exploits listed are:
-           ++oo   cross-site-html
-           ++oo   cross-site-scripting
-           ++oo   denial-of-service
-           ++oo   file-permissions
-           ++oo   local-access
-           ++oo   local-code-execution
-           ++oo   local-file-read
-           ++oo   local-file-removal
-           ++oo   local-file-write
-           ++oo   local-root-file-view
-           ++oo   local-root-shell
-           ++oo   local-symlink-race
-           ++oo   local-user-file-view
-           ++oo   local-user-shell
-           ++oo   privacy-leak
-           ++oo   remote-code-execution
-           ++oo   remote-command-inject
-           ++oo   remote-file-creation
-           ++oo   remote-file-read
-           ++oo   remote-file-view
-           ++oo   remote-file-write
-           ++oo   remote-key-theft
-           ++oo   remote-root-access
-           ++oo   remote-root-shell
-           ++oo   remote-script-inject
-           ++oo   remote-server-admin
-           ++oo   remote-use-of-secret
-           ++oo   remote-user-access
-           ++oo   remote-user-file-view
-           ++oo   remote-user-shell
-           ++oo   unknown
-           ++oo   weak-authentication
-           ++oo   weak-encryption
-           ++oo   weak-ssl-authentication
+     and an Internet address for further information:
+
+     <package pattern> <vulnid>,<type> <url>
+
+     The type of exploit can be any text, although some common types of
+     exploits listed are:
+           ··   cross-site-html
+           ··   cross-site-scripting
+           ··   denial-of-service
+           ··   file-permissions
+           ··   local-access
+           ··   local-code-execution
+           ··   local-file-read
+           ··   local-file-removal
+           ··   local-file-write
+           ··   local-root-file-view
+           ··   local-root-shell
+           ··   local-symlink-race
+           ··   local-user-file-view
+           ··   local-user-shell
+           ··   privacy-leak
+           ··   remote-code-execution
+           ··   remote-command-inject
+           ··   remote-file-creation
+           ··   remote-file-read
+           ··   remote-file-view
+           ··   remote-file-write
+           ··   remote-key-theft
+           ··   remote-root-access
+           ··   remote-root-shell
+           ··   remote-script-inject
+           ··   remote-server-admin
+           ··   remote-use-of-secret
+           ··   remote-user-access
+           ··   remote-user-file-view
+           ··   remote-user-shell
+           ··   unknown
+           ··   weak-authentication
+           ··   weak-encryption
+           ··   weak-ssl-authentication
 
      By default, the vulnerabilities file is stored in the @PKGVULNDIR@ direc-
      tory.  This can be changed by defining the environment variable
      PKGVULNDIR to the directory containing the vulnerabilities file.
 
+EEXXIITT SSTTAATTUUSS
+     The aauuddiitt--ppaacckkaaggeess utility exits 0 on success, and >0 if an error occurs.
+
 EENNVVIIRROONNMMEENNTT
      These variables can also be defined in the @PKG_SYSCONFDIR@/audit-pack-
      ages.conf file.
@@ -91,8 +115,6 @@
      export FETCH_ARGS="-4"
 
 DDIIAAGGNNOOSSTTIICCSS
-     The aauuddiitt--ppaacckkaaggeess utility exits 0 on success, and >0 if an error occurs.
-
      The following errors can occur:
 
      Checksum mismatch
@@ -135,4 +157,4 @@
      September 19, 2000.  The original idea came from Roland Dowdeswell and
      Bill Sommerfeld.
 
-NetBSD 3.0                       June 9, 2005                       NetBSD 3.0
+NetBSD 3.0                     November 16, 2005                    NetBSD 3.0



Home | Main Index | Thread Index | Old Index