pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/audit-packages Support fetching the pkg-vulne...
details: https://anonhg.NetBSD.org/pkgsrc/rev/400dca9739a3
branches: trunk
changeset: 513125:400dca9739a3
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Sun May 21 13:31:27 2006 +0000
description:
Support fetching the pkg-vulnerabilities file over http
Bump to version 1.43
diffstat:
security/audit-packages/Makefile | 4 +-
security/audit-packages/files/audit-packages.0 | 79 ++++++++------
security/audit-packages/files/audit-packages.8 | 16 ++-
security/audit-packages/files/download-vulnerability-list | 14 ++-
4 files changed, 74 insertions(+), 39 deletions(-)
diffs (195 lines):
diff -r 1f3a01944f4b -r 400dca9739a3 security/audit-packages/Makefile
--- a/security/audit-packages/Makefile Sun May 21 13:24:44 2006 +0000
+++ b/security/audit-packages/Makefile Sun May 21 13:31:27 2006 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.66 2006/04/16 16:15:01 salo Exp $
+# $NetBSD: Makefile,v 1.67 2006/05/21 13:31:27 adrianp Exp $
-DISTNAME= audit-packages-1.42
+DISTNAME= audit-packages-1.43
CATEGORIES= security pkgtools
MASTER_SITES= # empty
DISTFILES= # empty
diff -r 1f3a01944f4b -r 400dca9739a3 security/audit-packages/files/audit-packages.0
--- a/security/audit-packages/files/audit-packages.0 Sun May 21 13:24:44 2006 +0000
+++ b/security/audit-packages/files/audit-packages.0 Sun May 21 13:31:27 2006 +0000
@@ -41,40 +41,40 @@
The type of exploit can be any text, although some common types of
exploits listed are:
- ·· cross-site-html
- ·· cross-site-scripting
- ·· denial-of-service
- ·· file-permissions
- ·· local-access
- ·· local-code-execution
- ·· local-file-read
- ·· local-file-removal
- ·· local-file-write
- ·· local-root-file-view
- ·· local-root-shell
- ·· local-symlink-race
- ·· local-user-file-view
- ·· local-user-shell
- ·· privacy-leak
- ·· remote-code-execution
- ·· remote-command-inject
- ·· remote-file-creation
- ·· remote-file-read
- ·· remote-file-view
- ·· remote-file-write
- ·· remote-key-theft
- ·· remote-root-access
- ·· remote-root-shell
- ·· remote-script-inject
- ·· remote-server-admin
- ·· remote-use-of-secret
- ·· remote-user-access
- ·· remote-user-file-view
- ·· remote-user-shell
- ·· unknown
- ·· weak-authentication
- ·· weak-encryption
- ·· weak-ssl-authentication
+ ++oo cross-site-html
+ ++oo cross-site-scripting
+ ++oo denial-of-service
+ ++oo file-permissions
+ ++oo local-access
+ ++oo local-code-execution
+ ++oo local-file-read
+ ++oo local-file-removal
+ ++oo local-file-write
+ ++oo local-root-file-view
+ ++oo local-root-shell
+ ++oo local-symlink-race
+ ++oo local-user-file-view
+ ++oo local-user-shell
+ ++oo privacy-leak
+ ++oo remote-code-execution
+ ++oo remote-command-inject
+ ++oo remote-file-creation
+ ++oo remote-file-read
+ ++oo remote-file-view
+ ++oo remote-file-write
+ ++oo remote-key-theft
+ ++oo remote-root-access
+ ++oo remote-root-shell
+ ++oo remote-script-inject
+ ++oo remote-server-admin
+ ++oo remote-use-of-secret
+ ++oo remote-user-access
+ ++oo remote-user-file-view
+ ++oo remote-user-shell
+ ++oo unknown
+ ++oo weak-authentication
+ ++oo weak-encryption
+ ++oo weak-ssl-authentication
By default, the vulnerabilities file is stored in the @PKGVULNDIR@ direc-
tory. This can be changed by defining the environment variable
@@ -92,6 +92,11 @@
FETCH_ARGS Specifies optional arguments for the ftp client.
+ FETCH_PROTO
+ Specifies the protocol to use when fetching the
+ _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file. Currently supports only http and
+ ftp. The default is ftp.
+
FFIILLEESS
@PKGVULNDIR@/pkg-vulnerabilities
@@ -107,6 +112,12 @@
export FETCH_ARGS="-4"
+ The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt command can be forced to use http to
+ download the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file with the following setting in
+ @PKG_SYSCONFDIR@/audit-packages.conf :
+
+ export FETCH_PROTO="http"
+
DDIIAAGGNNOOSSTTIICCSS
The following errors can occur:
diff -r 1f3a01944f4b -r 400dca9739a3 security/audit-packages/files/audit-packages.8
--- a/security/audit-packages/files/audit-packages.8 Sun May 21 13:24:44 2006 +0000
+++ b/security/audit-packages/files/audit-packages.8 Sun May 21 13:31:27 2006 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: audit-packages.8,v 1.18 2006/04/15 15:02:10 salo Exp $
+.\" $NetBSD: audit-packages.8,v 1.19 2006/05/21 13:31:27 adrianp Exp $
.\"
.\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved.
.\"
@@ -186,6 +186,10 @@
file.
.It Ev FETCH_ARGS
Specifies optional arguments for the ftp client.
+.It Ev FETCH_PROTO
+Specifies the protocol to use when fetching the
+.Pa pkg-vulnerabilities
+file. Currently supports only http and ftp. The default is ftp.
.El
.Sh FILES
@PKGVULNDIR@/pkg-vulnerabilities
@@ -214,6 +218,16 @@
@PKG_SYSCONFDIR@/audit-packages.conf :
.Pp
export FETCH_ARGS="-4"
+.Pp
+The
+.Nm download-vulnerability-list
+command can be forced to use http to download the
+.Pa pkg-vulnerabilities
+file with the following setting in
+@PKG_SYSCONFDIR@/audit-packages.conf :
+.Pp
+export FETCH_PROTO="http"
+.Pp
.Sh DIAGNOSTICS
The following errors can occur:
.Bl -tag -width 10n
diff -r 1f3a01944f4b -r 400dca9739a3 security/audit-packages/files/download-vulnerability-list
--- a/security/audit-packages/files/download-vulnerability-list Sun May 21 13:24:44 2006 +0000
+++ b/security/audit-packages/files/download-vulnerability-list Sun May 21 13:31:27 2006 +0000
@@ -1,6 +1,6 @@
#! @SH@
-# $NetBSD: download-vulnerability-list,v 1.27 2005/10/20 10:26:54 agc Exp $
+# $NetBSD: download-vulnerability-list,v 1.28 2006/05/21 13:31:27 adrianp Exp $
#
# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
#
@@ -34,8 +34,8 @@
#
: ${PKGVULNDIR=@PKGVULNDIR@}
+: ${FETCH_PROTO=ftp}
-VUL_SOURCE="ftp://ftp.NetBSD.org/pub/NetBSD/packages/distfiles/pkg-vulnerabilities"
NEW_VUL_LIST=pkg-vulnerabilities.$$
EXIST_VUL_LIST=pkg-vulnerabilities
@@ -45,11 +45,21 @@
. @PKG_SYSCONFDIR@/audit-packages.conf
fi
+VUL_SOURCE="${FETCH_PROTO}://ftp.NetBSD.org/pub/NetBSD/packages/distfiles/pkg-vulnerabilities"
+
if [ ! -d ${PKGVULNDIR}/. ]; then
echo "Creating ${PKGVULNDIR}"
@MKDIR@ ${PKGVULNDIR} || (echo "Can't create ${PKGVULNDIR}" 1>&2; exit 1)
fi
+case ${FETCH_PROTO} in
+http) ;;
+ftp) ;;
+*) echo "Unknown FETCH_PROTO specified - Only http and ftp are aurrently supported."
+ exit 1
+ ;;
+esac
+
cd ${PKGVULNDIR}
utility=`echo "@FETCH_CMD@" | @AWK@ '{ print $1 }'`
case "$utility" in
Home |
Main Index |
Thread Index |
Old Index