summaryrefslogtreecommitdiff
path: root/security/audit-packages/files/audit-packages.0
diff options
context:
space:
mode:
Diffstat (limited to 'security/audit-packages/files/audit-packages.0')
-rw-r--r--security/audit-packages/files/audit-packages.079
1 files changed, 45 insertions, 34 deletions
diff --git a/security/audit-packages/files/audit-packages.0 b/security/audit-packages/files/audit-packages.0
index c89746b9421..69bcd368520 100644
--- a/security/audit-packages/files/audit-packages.0
+++ b/security/audit-packages/files/audit-packages.0
@@ -41,40 +41,40 @@ DDEESSCCRRIIPPTTIIOONN
The type of exploit can be any text, although some common types of
exploits listed are:
- ·· cross-site-html
- ·· cross-site-scripting
- ·· denial-of-service
- ·· file-permissions
- ·· local-access
- ·· local-code-execution
- ·· local-file-read
- ·· local-file-removal
- ·· local-file-write
- ·· local-root-file-view
- ·· local-root-shell
- ·· local-symlink-race
- ·· local-user-file-view
- ·· local-user-shell
- ·· privacy-leak
- ·· remote-code-execution
- ·· remote-command-inject
- ·· remote-file-creation
- ·· remote-file-read
- ·· remote-file-view
- ·· remote-file-write
- ·· remote-key-theft
- ·· remote-root-access
- ·· remote-root-shell
- ·· remote-script-inject
- ·· remote-server-admin
- ·· remote-use-of-secret
- ·· remote-user-access
- ·· remote-user-file-view
- ·· remote-user-shell
- ·· unknown
- ·· weak-authentication
- ·· weak-encryption
- ·· weak-ssl-authentication
+ ++oo cross-site-html
+ ++oo cross-site-scripting
+ ++oo denial-of-service
+ ++oo file-permissions
+ ++oo local-access
+ ++oo local-code-execution
+ ++oo local-file-read
+ ++oo local-file-removal
+ ++oo local-file-write
+ ++oo local-root-file-view
+ ++oo local-root-shell
+ ++oo local-symlink-race
+ ++oo local-user-file-view
+ ++oo local-user-shell
+ ++oo privacy-leak
+ ++oo remote-code-execution
+ ++oo remote-command-inject
+ ++oo remote-file-creation
+ ++oo remote-file-read
+ ++oo remote-file-view
+ ++oo remote-file-write
+ ++oo remote-key-theft
+ ++oo remote-root-access
+ ++oo remote-root-shell
+ ++oo remote-script-inject
+ ++oo remote-server-admin
+ ++oo remote-use-of-secret
+ ++oo remote-user-access
+ ++oo remote-user-file-view
+ ++oo remote-user-shell
+ ++oo unknown
+ ++oo weak-authentication
+ ++oo weak-encryption
+ ++oo weak-ssl-authentication
By default, the vulnerabilities file is stored in the @PKGVULNDIR@ direc-
tory. This can be changed by defining the environment variable
@@ -92,6 +92,11 @@ EENNVVIIRROONNMMEENNTT
FETCH_ARGS Specifies optional arguments for the ftp client.
+ FETCH_PROTO
+ Specifies the protocol to use when fetching the
+ _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file. Currently supports only http and
+ ftp. The default is ftp.
+
FFIILLEESS
@PKGVULNDIR@/pkg-vulnerabilities
@@ -107,6 +112,12 @@ EEXXAAMMPPLLEESS
export FETCH_ARGS="-4"
+ The ddoowwnnllooaadd--vvuullnneerraabbiilliittyy--lliisstt command can be forced to use http to
+ download the _p_k_g_-_v_u_l_n_e_r_a_b_i_l_i_t_i_e_s file with the following setting in
+ @PKG_SYSCONFDIR@/audit-packages.conf :
+
+ export FETCH_PROTO="http"
+
DDIIAAGGNNOOSSTTIICCSS
The following errors can occur:
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 23:43:41 +0000