The previous post was based on a question from Martin Wilke, who was looking for a vuxml entry against phpMyAdmin. We eventually found it. It had the wrong dates but it was found. Martin corrected the problem with a followup commit. This incident prompted me to make a couple of changes to FreshPorts with respect […]
List the vulnerabilities for this port Read More »
This isn’t about detecting vulnerabilities. It is about finding vulnerabilities that others have already reported. Background reading: FreeBSD Porter’s Handbook: Keeping the community informed FreeBSD VuXML Here are the various vuxml pages provided by FreshPorts: The latest vulnerabilities are listed on the home page A complete list of all vulnerabilities by date A complete list
Vulnerabilities – finding them easily (vuxml) Read More »
This isn’t so much a fix for the vuxml problem mentioned previously as it is a fix for properly detecting and reporting fetch errors. The patch is pretty simple: $ cvs di -u utilities.pm Index: utilities.pm =================================================================== RCS file: /home/repositories/freshports-1/scripts/utilities.pm,v retrieving revision 1.16 diff -u -r1.16 utilities.pm — utilities.pm 13 Sep 2007 13:01:41 -0000 1.16
This morning portaudit told me I needed to upgrade PHP5 on a few servers. Again, I checked FreshPorts to see if a fix was in. Apparently it was. Unfortunately, it was wrong. Checking the version of vuln.xml in the ports tree, I found: $ grep ‘$FreeBSD’ ports/security/vuxml/vuln.xml $FreeBSD: ports/security/vuxml/vuln.xml,v 1.1416 2007/09/11 19:40:02 remko Exp $
vuxml configuration still not right Read More »
After my overnight security report audit came in, I noticed that Apache needed to be upgraded. I went to FreshPorts to see if a fix had been committed. While there, I noticed a lack of vuxml skulls against the latest versions of Apache. Checking the BETA website, I saw it was correctly marked. More digging
vuxml – missing configuration items Read More »
Repo copies are evil. What are repo copies? A repo copy occurs when you move things around in the repository manually. For example, this commit contains a lot of repo copy work. Ports are being moved from their current category to a new category, ports-mgmt. The original files in the CVS repository are manually moved
repo copies are evil Read More »
If you have not installed portaudit, you should. It will save you time. A little bit of work by those that maintain the FreeBSD vulnerability database saves a great deal of time for all the sysadmins out there. For example, this morning, I got this email:
Package names and vuxml Read More »
The Python listening script is now in production. With a few luser-type problems along the way. Specifically: I have discovered, quite recently, that having the same name for both the NOTIFY command and the LISTEN command is kind of a good strategy when you actually want your listener to be notified. The problem? The code
Python listening now in production Read More »
Following on from the previous post, I found myself with a few hours to myself tonight. The estrogen in the house went out as a group so I managed to do a bit more coding on the FreshPorts listening daemon.
Adding stubs for listening – data driven Read More »
Data driven applications are a good concept to keep in mind when design an application, especially when that application needs to have new bits added to it on a regular basis. My idea for using Python to listen for FreshPorts events is a case in point.
Data driven listening Read More »