summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authoragc <agc@pkgsrc.org>2004-01-01 23:35:28 +0000
committeragc <agc@pkgsrc.org>2004-01-01 23:35:28 +0000
commit7ae16542a6c73a8fc7e53f5f0757794e7ffbbb79 (patch)
tree7b2206d8bed00ea43684c155be39724a68883b57 /security
parent206808a7c05b75c1bc246d1d35de41493de3014d (diff)
downloadpkgsrc-7ae16542a6c73a8fc7e53f5f0757794e7ffbbb79.tar.gz
Update audit-packages to 1.28.
By popular demand, add a -v switch to audit-packages(8) which enables the check for a package vulnerabilities file being unchanged for over 7 days. To enable the check, -v must be specified on the command line: % audit-packages % audit-packages -v *** WARNING - /usr/distfiles/pkg-vulnerabilities more than a week old, continuing... %
Diffstat (limited to 'security')
-rw-r--r--security/audit-packages/Makefile4
-rwxr-xr-xsecurity/audit-packages/files/audit-packages16
-rw-r--r--security/audit-packages/files/audit-packages.88
3 files changed, 20 insertions, 8 deletions
diff --git a/security/audit-packages/Makefile b/security/audit-packages/Makefile
index d583ada1bb2..fdb695fdca1 100644
--- a/security/audit-packages/Makefile
+++ b/security/audit-packages/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.38 2003/12/12 21:40:32 erh Exp $
+# $NetBSD: Makefile,v 1.39 2004/01/01 23:35:28 agc Exp $
-DISTNAME= audit-packages-1.27
+DISTNAME= audit-packages-1.28
WRKSRC= ${WRKDIR}
CATEGORIES= security pkgtools
MASTER_SITES= # empty
diff --git a/security/audit-packages/files/audit-packages b/security/audit-packages/files/audit-packages
index a3f960b21bd..47b7e6ed24c 100755
--- a/security/audit-packages/files/audit-packages
+++ b/security/audit-packages/files/audit-packages
@@ -1,6 +1,6 @@
#! @SH@
#
-# $NetBSD: audit-packages,v 1.15 2003/12/11 17:10:21 agc Exp $
+# $NetBSD: audit-packages,v 1.16 2004/01/01 23:35:28 agc Exp $
#
# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
#
@@ -37,14 +37,24 @@
vuls=${PKGVULNDIR}/pkg-vulnerabilities
+verbose=no
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -v) verbose=yes ;;
+ esac
+ shift
+done
+
errmsg=""
# check for missing vulnerabilities file
[ ! -f $vuls ] && errmsg="** Missing $vuls"
case "$errmsg" in
-"") # check for old vulnerabilities file
- [ -n "$(find $vuls -ctime +7)" ] && echo "*** WARNING - $vuls more than a week old, continuing..."
+"") # check for old vulnerabilities file if we're being verbose
+ case "$verbose" in
+ yes) [ -n "$(find $vuls -ctime +7)" ] && echo "*** WARNING - $vuls more than a week old, continuing..." ;;
+ esac
;;
esac
diff --git a/security/audit-packages/files/audit-packages.8 b/security/audit-packages/files/audit-packages.8
index f4899e98947..ad2f397822c 100644
--- a/security/audit-packages/files/audit-packages.8
+++ b/security/audit-packages/files/audit-packages.8
@@ -1,5 +1,5 @@
-.\" $NetBSD: audit-packages.8,v 1.5 2003/12/03 09:31:01 wiz Exp $
-.Dd December 3, 2003
+.\" $NetBSD: audit-packages.8,v 1.6 2004/01/01 23:35:28 agc Exp $
+.Dd January 1, 2004
.Os
.Dt AUDIT-PACKAGES 8
.Sh NAME
@@ -8,6 +8,7 @@
.Nd show vulnerabilities in installed packages
.Sh SYNOPSIS
.Nm
+.Op Fl v
.Nm download-vulnerability-list
.Sh DESCRIPTION
The
@@ -32,7 +33,8 @@ packages team.
.Pp
Each line lists the package and vulnerable versions, the type of exploit,
and an Internet address for further information.
-Commonly, the types of exploits listed are:
+The type of exploit can be any text, although
+some common types of exploits listed are:
.Bl -bullet -compact -offset indent
.It
cross-site-html