regen.

1 files changed, 89 insertions, 82 deletions

diff --git a/pkgtools/pkg_install/files/audit-packages/audit-packages.cat1.in b/pkgtools/pkg_install/files/audit-packages/audit-packages.cat1.in
index b0473d8c40c..2f0bacc0e09 100644
--- a/pkgtools/pkg_install/files/audit-packages/audit-packages.cat1.in
+++ b/pkgtools/pkg_install/files/audit-packages/audit-packages.cat1.in
@@ -19,49 +19,51 @@ DDEESSCCRRIIPPTTIIOONN
 
      The following flags are supported:
 
-     --dd            Attempt to download the vulnerabilities file using the
-                   _d_o_w_n_l_o_a_d_-_v_u_l_n_e_r_a_b_i_l_i_t_y_-_l_i_s_t script before scanning the
-                   installed packages for vulnerabilities.
+     --cc _c_o_n_f_i_g___f_i_l_e    Specify a custom _c_o_n_f_i_g___f_i_l_e configuration file to use.
 
-     --ee            Check for end-of-life (eol) packages.
+     --dd                Attempt to download the vulnerabilities file using the
+                       ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt script before scanning the
+                       installed packages for vulnerabilities.
 
-     --ss            Verify the signature of the current _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
-                   file.  The key used to sign the file is available from:
-                   _f_t_p_._n_e_t_b_s_d_._o_r_g_/_p_u_b_/_N_e_t_B_S_D_/_s_e_c_u_r_i_t_y_/_P_G_P_/_p_k_g_s_r_c_-_s_e_c_u_r_i_t_y_@_N_e_t_B_S_D_._o_r_g_._a_s_c
+     --ee                Check for end-of-life (eol) packages.
 
-                   In order for this to function correctly the above key must
-                   be added to the gpg keyring of the user who runs
-                   _a_u_d_i_t_-_p_a_c_k_a_g_e_s _-_s and/or _d_o_w_n_l_o_a_d_-_v_u_l_n_e_r_a_b_i_l_i_t_y_-_l_i_s_t _-_s.
-                   In addition to this the gpg binary must be installed on
-                   your system.  The path to the gpg binary can be set in
-                   audit-packages.conf(5).
+     --gg _f_i_l_e           Compute the SHA512 hash on _f_i_l_e.
 
-                   The requirement for GnuPG may go away in the future when a
-                   suitable replacement is implemented.
+     --hh _f_i_l_e           Check the SHA512 hash of a _f_i_l_e against the internally
+                       stored value.
 
-     --VV            Display the version number and exit.
+     --KK _p_k_g___d_b_d_i_r      Use package database directory _p_k_g___d_b_d_i_r.
 
-     --vv            Be more verbose. Specify multiple -v flags to increase ver-
-                   bosity.  Currently a maximum level of three is supported.
+     --nn _p_a_c_k_a_g_e        Check only the package _p_a_c_k_a_g_e for vulnerabilities.
 
-     --cc _c_o_n_f___f_i_l_e  Specify a custom _c_o_n_f___f_i_l_e configuration file to use.
+     --pp _p_a_c_k_a_g_e        Check only the installed package _p_a_c_k_a_g_e for vulnera-
+                       bilities.
 
-     --gg _f_i_l_e       Compute the SHA512 hash on _f_i_l_e.
+     --QQ _v_a_r_n_a_m_e        Display the current value of _v_a_r_n_a_m_e and exit.  Cur-
+                       rently supported _v_a_r_n_a_m_e are GPG, PKGVULNDIR, and
+                       IGNORE_URLS.
 
-     --hh _f_i_l_e       Check the SHA512 hash of a _f_i_l_e against the internally
-                   stored value.
+     --ss                Verify the signature of the current _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
+                       file.  The key used to sign the file is available from:
+                       _f_t_p_:_/_/_f_t_p_._n_e_t_b_s_d_._o_r_g_/_p_u_b_/_N_e_t_B_S_D_/_s_e_c_u_r_i_t_y_/_P_G_P_/_p_k_g_s_r_c_-_s_e_c_u_r_i_t_y_@_N_e_t_B_S_D_._o_r_g_._a_s_c
 
-     --KK _p_k_g___d_b_d_i_r  Use package database directory _p_k_g___d_b_d_i_r.
+                       In order for this to function correctly the above key
+                       must be added to the gpg keyring of the user who runs
+                       aauuddiitt--ppaacckkaaggeess --ss and/or ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt
+                       --ss.  In addition to this the gpg binary must be
+                       installed on your system.  The path to the gpg binary
+                       can be set in audit-packages.conf(5).
 
-     --nn _p_a_c_k_a_g_e    Check only the package _p_a_c_k_a_g_e for vulnerabilities.
+                       The requirement for GnuPG may go away in the future
+                       when a suitable replacement is implemented.
 
-     --pp _p_a_c_k_a_g_e    Check only the installed package _p_a_c_k_a_g_e for vulnerabili-
-                   ties.
+     --tt _t_y_p_e           Only check for the specified _t_y_p_e of vulnerability.
 
-     --QQ _v_a_r_n_a_m_e    Display the current value of _v_a_r_n_a_m_e and exit.  Currently
-                   supported _v_a_r_n_a_m_e are GPG, PKGVULNDIR and IGNORE_URLS.
+     --VV                Display the version number and exit.
 
-     --tt _t_y_p_e       Only check for the specified _t_y_p_e of vulnerability.
+     --vv                Be more verbose.  Specify multiple --vv flags to increase
+                       verbosity.  Currently a maximum level of three is sup-
+                       ported.
 
      The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt program downloads the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
      file from _f_t_p_._N_e_t_B_S_D_._o_r_g using ftp(1) by default.  This vulnerabilities
@@ -70,18 +72,18 @@ DDEESSCCRRIIPPTTIIOONN
 
      The following flags are supported:
 
-     --hh            Display program usage.
+     --cc _c_o_n_f_i_g___f_i_l_e    Specify a custom _c_o_n_f_i_g___f_i_l_e configuration file to use.
 
-     --ss            Verify the signature of the current _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
-                   file.  In order for this to function correctly you will
-                   need to add the pkgsrc Security Team key to your gpg
-                   keyring and trust it.  The key is available from:
-                   _f_t_p_._n_e_t_b_s_d_._o_r_g_/_p_u_b_/_N_e_t_B_S_D_/_s_e_c_u_r_i_t_y_/_P_G_P_/_p_k_g_s_r_c_-_s_e_c_u_r_i_t_y_@_N_e_t_B_S_D_._o_r_g_._a_s_c
-                   In addition to this the gpg binary must be installed on
-                   your system.  The path to the gpg binary can be set in
-                   audit-packages.conf(5).
+     --hh                Display program usage.
 
-     --cc _c_o_n_f___f_i_l_e  Specify a custom _c_o_n_f___f_i_l_e configuration file to use.
+     --ss                Verify the signature of the current _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s
+                       file.  In order for this to function correctly you will
+                       need to add the pkgsrc Security Team key to your gpg
+                       keyring and trust it.  The key is available from:
+                       _f_t_p_:_/_/_f_t_p_._n_e_t_b_s_d_._o_r_g_/_p_u_b_/_N_e_t_B_S_D_/_s_e_c_u_r_i_t_y_/_P_G_P_/_p_k_g_s_r_c_-_s_e_c_u_r_i_t_y_@_N_e_t_B_S_D_._o_r_g_._a_s_c
+                       In addition to this the gpg binary must be installed on
+                       your system.  The path to the gpg binary can be set in
+                       audit-packages.conf(5).
 
      By default ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt will download a compressed version
      of _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s from ftp.netbsd.org.  The default file downloaded
@@ -96,65 +98,69 @@ DDEESSCCRRIIPPTTIIOONN
 
      The type of exploit can be any text, although some common types of
      exploits listed are:
-           ··   cross-site-html
-           ··   cross-site-scripting
-           ··   denial-of-service
-           ··   eol
-           ··   file-permissions
-           ··   local-access
-           ··   local-code-execution
-           ··   local-file-read
-           ··   local-file-removal
-           ··   local-file-write
-           ··   local-root-file-view
-           ··   local-root-shell
-           ··   local-symlink-race
-           ··   local-user-file-view
-           ··   local-user-shell
-           ··   privacy-leak
-           ··   remote-code-execution
-           ··   remote-command-inject
-           ··   remote-file-creation
-           ··   remote-file-read
-           ··   remote-file-view
-           ··   remote-file-write
-           ··   remote-key-theft
-           ··   remote-root-access
-           ··   remote-root-shell
-           ··   remote-script-inject
-           ··   remote-server-admin
-           ··   remote-use-of-secret
-           ··   remote-user-access
-           ··   remote-user-file-view
-           ··   remote-user-shell
-           ··   unknown
-           ··   weak-authentication
-           ··   weak-encryption
-           ··   weak-ssl-authentication
+           ++oo   cross-site-html
+           ++oo   cross-site-scripting
+           ++oo   denial-of-service
+           ++oo   eol
+           ++oo   file-permissions
+           ++oo   local-access
+           ++oo   local-code-execution
+           ++oo   local-file-read
+           ++oo   local-file-removal
+           ++oo   local-file-write
+           ++oo   local-root-file-view
+           ++oo   local-root-shell
+           ++oo   local-symlink-race
+           ++oo   local-user-file-view
+           ++oo   local-user-shell
+           ++oo   privacy-leak
+           ++oo   remote-code-execution
+           ++oo   remote-command-inject
+           ++oo   remote-file-creation
+           ++oo   remote-file-read
+           ++oo   remote-file-view
+           ++oo   remote-file-write
+           ++oo   remote-key-theft
+           ++oo   remote-root-access
+           ++oo   remote-root-shell
+           ++oo   remote-script-inject
+           ++oo   remote-server-admin
+           ++oo   remote-use-of-secret
+           ++oo   remote-user-access
+           ++oo   remote-user-file-view
+           ++oo   remote-user-shell
+           ++oo   unknown
+           ++oo   weak-authentication
+           ++oo   weak-encryption
+           ++oo   weak-ssl-authentication
 
      The type _e_o_l implies that the package is no longer maintained by the
      software vendor but is provided by the pkgsrc team for your convenience
      only.  It may contain any number of the above mentioned vulnerabilities.
-     Any packages of type eol are not reported by default. Run aauuddiitt--ppaacckkaaggeess
+     Any packages of type eol are not reported by default.  Run aauuddiitt--ppaacckkaaggeess
      --ee to also report on eol packages.
 
      By default, the vulnerabilities file is stored in the PKG_DBDIR direc-
      tory.  On a standard installation this will be set to @pkgdbdir@.  If you
      have installed pkgsrc on a supported platform this will be what ever you
-     specifed when bootstrapping pkgsrc i.e. --pkgdbdir <pkgdbdir>.  The path
+     specifed when bootstrapping pkgsrc i.e., ----ppkkggddbbddiirr <_p_k_g_d_b_d_i_r>.  The path
      to the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file can be set in audit-packages.conf(5).
 
 EEXXIITT SSTTAATTUUSS
      The aauuddiitt--ppaacckkaaggeess utility exits 0 on success, and >0 if an error occurs.
 
 FFIILLEESS
-     @pkgdbdir@/pkg-vulnerabilities
+     @pkgdbdir@/pkg-vulnerabilities    Vulnerabilities database.
 
-     @sysconfdir@/audit-packages.conf
+     @sysconfdir@/audit-packages.conf  aauuddiitt--ppaacckkaaggeess configuration file.
+
+     ftp://ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
+                                       Key used to sign the vulnerabilities
+                                       file.
 
 EEXXAAMMPPLLEESS
      The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt command can be run via cron(8) to update
-     the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file daily.  And aauuddiitt--ppaacckkaaggeess can be run via
+     the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file daily.  aauuddiitt--ppaacckkaaggeess can be run via
      cron(8) (or with NetBSD's _/_e_t_c_/_s_e_c_u_r_i_t_y_._l_o_c_a_l daily security script).
 
      The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt command can be forced to use IPv4 with
@@ -169,8 +175,9 @@ EEXXAAMMPPLLEESS
      FETCH_PROTO="http"
 
 SSEEEE AALLSSOO
-     pkg_info(1), audit-packages.conf(5), mk.conf(5), pkgsrc(7), _D_o_c_u_m_e_n_t_a_t_i_o_n
-     _o_n _t_h_e _N_e_t_B_S_D _P_a_c_k_a_g_e _S_y_s_t_e_m
+     pkg_info(1), audit-packages.conf(5), mk.conf(5), pkgsrc(7),
+
+     _D_o_c_u_m_e_n_t_a_t_i_o_n _o_n _t_h_e _N_e_t_B_S_D _P_a_c_k_a_g_e _S_y_s_t_e_m.
 
 HHIISSTTOORRYY
      The aauuddiitt--ppaacckkaaggeess and ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt commands were origi-
@@ -180,4 +187,4 @@ HHIISSTTOORRYY
      signatures on downloaded files.  The original idea came from Roland
      Dowdeswell and Bill Sommerfeld.
 
-NetBSD 4.0                       July 07, 2007                      NetBSD 4.0
+NetBSD 4.0                      August 10, 2007                     NetBSD 4.0