diff options
author | adrianp <adrianp> | 2006-05-21 13:31:27 +0000 |
---|---|---|
committer | adrianp <adrianp> | 2006-05-21 13:31:27 +0000 |
commit | 353ec1ea76fd4e3c3755305322c9d8817c9b719a (patch) | |
tree | d9395f790175a3c00e2ff60f6a77a3cff2278001 | |
parent | 39494dba04dceec325d0d240fdd35a8ced8d2895 (diff) | |
download | pkgsrc-353ec1ea76fd4e3c3755305322c9d8817c9b719a.tar.gz |
Support fetching the pkg-vulnerabilities file over http
Bump to version 1.43
-rw-r--r-- | security/audit-packages/Makefile | 4 | ||||
-rw-r--r-- | security/audit-packages/files/audit-packages.0 | 79 | ||||
-rw-r--r-- | security/audit-packages/files/audit-packages.8 | 16 | ||||
-rw-r--r-- | security/audit-packages/files/download-vulnerability-list | 14 |
4 files changed, 74 insertions, 39 deletions
diff --git a/security/audit-packages/Makefile b/security/audit-packages/Makefile index 84582084010..216fb1be505 100644 --- a/security/audit-packages/Makefile +++ b/security/audit-packages/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.66 2006/04/16 16:15:01 salo Exp $ +# $NetBSD: Makefile,v 1.67 2006/05/21 13:31:27 adrianp Exp $ -DISTNAME= audit-packages-1.42 +DISTNAME= audit-packages-1.43 CATEGORIES= security pkgtools MASTER_SITES= # empty DISTFILES= # empty diff --git a/security/audit-packages/files/audit-packages.0 b/security/audit-packages/files/audit-packages.0 index c89746b9421..69bcd368520 100644 --- a/security/audit-packages/files/audit-packages.0 +++ b/security/audit-packages/files/audit-packages.0 @@ -41,40 +41,40 @@ DDEESSCCRRIIPPTTIIOONN The type of exploit can be any text, although some common types of exploits listed are: - ·· cross-site-html - ·· cross-site-scripting - ·· denial-of-service - ·· file-permissions - ·· local-access - ·· local-code-execution - ·· local-file-read - ·· local-file-removal - ·· local-file-write - ·· local-root-file-view - ·· local-root-shell - ·· local-symlink-race - ·· local-user-file-view - ·· local-user-shell - ·· privacy-leak - ·· remote-code-execution - ·· remote-command-inject - ·· remote-file-creation - ·· remote-file-read - ·· remote-file-view - ·· remote-file-write - ·· remote-key-theft - ·· remote-root-access - ·· remote-root-shell - ·· remote-script-inject - ·· remote-server-admin - ·· remote-use-of-secret - ·· remote-user-access - ·· remote-user-file-view - ·· remote-user-shell - ·· unknown - ·· weak-authentication - ·· weak-encryption - ·· weak-ssl-authentication + ++oo cross-site-html + ++oo cross-site-scripting + ++oo denial-of-service + ++oo file-permissions + ++oo local-access + ++oo local-code-execution + ++oo local-file-read + ++oo local-file-removal + ++oo local-file-write + ++oo local-root-file-view + ++oo local-root-shell + ++oo local-symlink-race + ++oo local-user-file-view + ++oo local-user-shell + ++oo privacy-leak + ++oo remote-code-execution + ++oo remote-command-inject + ++oo remote-file-creation + ++oo remote-file-read + ++oo remote-file-view + ++oo remote-file-write + ++oo remote-key-theft + ++oo remote-root-access + ++oo remote-root-shell + ++oo remote-script-inject + ++oo remote-server-admin + ++oo remote-use-of-secret + ++oo remote-user-access + ++oo remote-user-file-view + ++oo remote-user-shell + ++oo unknown + ++oo weak-authentication + ++oo weak-encryption + ++oo weak-ssl-authentication By default, the vulnerabilities file is stored in the @PKGVULNDIR@ direc- tory. This can be changed by defining the environment variable @@ -92,6 +92,11 @@ EENNVVIIRROONNMMEENNTT FETCH_ARGS Specifies optional arguments for the ftp client. + FETCH_PROTO + Specifies the protocol to use when fetching the + _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file. Currently supports only http and + ftp. The default is ftp. + FFIILLEESS @PKGVULNDIR@/pkg-vulnerabilities @@ -107,6 +112,12 @@ EEXXAAMMPPLLEESS export FETCH_ARGS="-4" + The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt command can be forced to use http to + download the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file with the following setting in + @PKG_SYSCONFDIR@/audit-packages.conf : + + export FETCH_PROTO="http" + DDIIAAGGNNOOSSTTIICCSS The following errors can occur: diff --git a/security/audit-packages/files/audit-packages.8 b/security/audit-packages/files/audit-packages.8 index a70d15dddac..4ce2c6313c4 100644 --- a/security/audit-packages/files/audit-packages.8 +++ b/security/audit-packages/files/audit-packages.8 @@ -1,4 +1,4 @@ -.\" $NetBSD: audit-packages.8,v 1.18 2006/04/15 15:02:10 salo Exp $ +.\" $NetBSD: audit-packages.8,v 1.19 2006/05/21 13:31:27 adrianp Exp $ .\" .\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved. .\" @@ -186,6 +186,10 @@ Specifies the directory containing the file. .It Ev FETCH_ARGS Specifies optional arguments for the ftp client. +.It Ev FETCH_PROTO +Specifies the protocol to use when fetching the +.Pa pkg-vulnerabilities +file. Currently supports only http and ftp. The default is ftp. .El .Sh FILES @PKGVULNDIR@/pkg-vulnerabilities @@ -214,6 +218,16 @@ command can be forced to use IPv4 with the following setting in @PKG_SYSCONFDIR@/audit-packages.conf : .Pp export FETCH_ARGS="-4" +.Pp +The +.Nm download-vulnerability-list +command can be forced to use http to download the +.Pa pkg-vulnerabilities +file with the following setting in +@PKG_SYSCONFDIR@/audit-packages.conf : +.Pp +export FETCH_PROTO="http" +.Pp .Sh DIAGNOSTICS The following errors can occur: .Bl -tag -width 10n diff --git a/security/audit-packages/files/download-vulnerability-list b/security/audit-packages/files/download-vulnerability-list index 886c2e0d399..e25b6b536ff 100644 --- a/security/audit-packages/files/download-vulnerability-list +++ b/security/audit-packages/files/download-vulnerability-list @@ -1,6 +1,6 @@ #! @SH@ -# $NetBSD: download-vulnerability-list,v 1.27 2005/10/20 10:26:54 agc Exp $ +# $NetBSD: download-vulnerability-list,v 1.28 2006/05/21 13:31:27 adrianp Exp $ # # Copyright (c) 2000-2003 Alistair Crooks. All rights reserved. # @@ -34,8 +34,8 @@ # : ${PKGVULNDIR=@PKGVULNDIR@} +: ${FETCH_PROTO=ftp} -VUL_SOURCE="ftp://ftp.NetBSD.org/pub/NetBSD/packages/distfiles/pkg-vulnerabilities" NEW_VUL_LIST=pkg-vulnerabilities.$$ EXIST_VUL_LIST=pkg-vulnerabilities @@ -45,11 +45,21 @@ if [ -r @PKG_SYSCONFDIR@/audit-packages.conf ]; then . @PKG_SYSCONFDIR@/audit-packages.conf fi +VUL_SOURCE="${FETCH_PROTO}://ftp.NetBSD.org/pub/NetBSD/packages/distfiles/pkg-vulnerabilities" + if [ ! -d ${PKGVULNDIR}/. ]; then echo "Creating ${PKGVULNDIR}" @MKDIR@ ${PKGVULNDIR} || (echo "Can't create ${PKGVULNDIR}" 1>&2; exit 1) fi +case ${FETCH_PROTO} in +http) ;; +ftp) ;; +*) echo "Unknown FETCH_PROTO specified - Only http and ftp are aurrently supported." + exit 1 + ;; +esac + cd ${PKGVULNDIR} utility=`echo "@FETCH_CMD@" | @AWK@ '{ print $1 }'` case "$utility" in |