aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorpav <pav@FreeBSD.org>2007-02-05 09:08:46 +0800
committerpav <pav@FreeBSD.org>2007-02-05 09:08:46 +0800
commit39ac2723041399f6d1aef1651ca357b0b79bb3ff (patch)
tree02034c53438541f29e62a568c0af566d0248ce01 /security
parent4659cc8510a25e8f835fafb8cceba60d91f34636 (diff)
downloadfreebsd-ports-gnome-39ac2723041399f6d1aef1651ca357b0b79bb3ff.tar.gz
freebsd-ports-gnome-39ac2723041399f6d1aef1651ca357b0b79bb3ff.tar.zst
freebsd-ports-gnome-39ac2723041399f6d1aef1651ca357b0b79bb3ff.zip
Populate a new ports-mgmt category. List of moved ports:
devel/portcheckout -> ports-mgmt/portcheckout devel/portlint -> ports-mgmt/portlint devel/portmk -> ports-mgmt/portmk devel/porttools -> ports-mgmt/porttools misc/instant-tinderbox -> ports-mgmt/instant-tinderbox misc/porteasy -> ports-mgmt/porteasy misc/portell -> ports-mgmt/portell misc/portless -> ports-mgmt/portless misc/tinderbox -> ports-mgmt/tinderbox security/jailaudit -> ports-mgmt/jailaudit security/portaudit -> ports-mgmt/portaudit security/portaudit-db -> ports-mgmt/portaudit-db security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port sysutils/barry -> ports-mgmt/barry sysutils/bpm -> ports-mgmt/bpm sysutils/kports -> ports-mgmt/kports sysutils/managepkg -> ports-mgmt/managepkg sysutils/newportsversioncheck -> ports-mgmt/newportsversioncheck sysutils/pib -> ports-mgmt/pib sysutils/pkgfe -> ports-mgmt/pkgfe sysutils/pkg-orphan -> ports-mgmt/pkg-orphan sysutils/pkg_cutleaves -> ports-mgmt/pkg_cutleaves sysutils/pkg_install -> ports-mgmt/pkg_install sysutils/pkg_install-devel -> ports-mgmt/pkg_install-devel sysutils/pkg_remove -> ports-mgmt/pkg_remove sysutils/pkg_rmleaves -> ports-mgmt/pkg_rmleaves sysutils/pkg_trackinst -> ports-mgmt/pkg_trackinst sysutils/pkg_tree -> ports-mgmt/pkg_tree sysutils/portbrowser -> ports-mgmt/portbrowser sysutils/portconf -> ports-mgmt/portconf sysutils/portdowngrade -> ports-mgmt/portdowngrade sysutils/portcheck -> ports-mgmt/portcheck sysutils/portmanager -> ports-mgmt/portmanager sysutils/portmaster -> ports-mgmt/portmaster sysutils/portscout -> ports-mgmt/portscout sysutils/portsearch -> ports-mgmt/portsearch sysutils/portsman -> ports-mgmt/portsman sysutils/portsnap -> ports-mgmt/portsnap sysutils/portsopt -> ports-mgmt/portsopt sysutils/portupgrade -> ports-mgmt/portupgrade sysutils/portupgrade-devel -> ports-mgmt/portupgrade-devel sysutils/port-authoring-tools -> ports-mgmt/port-authoring-tools sysutils/port-maintenance-tools -> ports-mgmt/port-maintenance-tools sysutils/psearch -> ports-mgmt/psearch sysutils/p5-FreeBSD-Portindex -> ports-mgmt/p5-FreeBSD-Portindex sysutils/qtpkg -> ports-mgmt/qtpkg textproc/p5-FreeBSD-Ports -> ports-mgmt/p5-FreeBSD-Ports Repocopies by: marcus
Diffstat (limited to 'security')
-rw-r--r--security/Makefile4
-rw-r--r--security/jailaudit/Makefile34
-rw-r--r--security/jailaudit/distinfo3
-rw-r--r--security/jailaudit/pkg-descr20
-rw-r--r--security/jailaudit/pkg-plist11
-rw-r--r--security/portaudit-db/Makefile44
-rw-r--r--security/portaudit-db/database/portaudit.txt84
-rw-r--r--security/portaudit-db/database/portaudit.xlist26
-rw-r--r--security/portaudit-db/database/portaudit.xml1107
-rw-r--r--security/portaudit-db/database/portaudit2vuxml.pl149
-rw-r--r--security/portaudit-db/files/packaudit.conf9
-rw-r--r--security/portaudit-db/files/packaudit.sh142
-rw-r--r--security/portaudit-db/files/portaudit2vuxml.awk95
-rw-r--r--security/portaudit-db/files/vuxml2html.xslt329
-rw-r--r--security/portaudit-db/files/vuxml2portaudit.xslt92
-rw-r--r--security/portaudit-db/pkg-descr16
-rw-r--r--security/portaudit-db/pkg-plist8
-rw-r--r--security/portaudit/Makefile82
-rw-r--r--security/portaudit/files/portaudit-cmd.sh478
-rw-r--r--security/portaudit/files/portaudit.1175
-rw-r--r--security/portaudit/files/portaudit.conf19
-rw-r--r--security/portaudit/files/portaudit.sh61
-rw-r--r--security/portaudit/pkg-deinstall19
-rw-r--r--security/portaudit/pkg-descr16
-rw-r--r--security/portaudit/pkg-install36
-rw-r--r--security/portaudit/pkg-plist7
-rw-r--r--security/portaudit/pkg-req32
-rw-r--r--security/vulnerability-test-port/Makefile35
-rw-r--r--security/vulnerability-test-port/pkg-descr20
29 files changed, 0 insertions, 3153 deletions
diff --git a/security/Makefile b/security/Makefile
index 733b82ba21c2..bd1a627dad6e 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -197,7 +197,6 @@
SUBDIR += isakmpd
SUBDIR += isnprober
SUBDIR += its4
- SUBDIR += jailaudit
SUBDIR += jce_policy14
SUBDIR += john
SUBDIR += kedpm
@@ -557,8 +556,6 @@
SUBDIR += pktsuckers
SUBDIR += poc
SUBDIR += poly1305aes
- SUBDIR += portaudit
- SUBDIR += portaudit-db
SUBDIR += portscanner
SUBDIR += portsentry
SUBDIR += ppars
@@ -716,7 +713,6 @@
SUBDIR += vpnc
SUBDIR += vpnd
SUBDIR += vscan
- SUBDIR += vulnerability-test-port
SUBDIR += vuxml
SUBDIR += vxquery
SUBDIR += webfwlog
diff --git a/security/jailaudit/Makefile b/security/jailaudit/Makefile
deleted file mode 100644
index bc9738dc4a98..000000000000
--- a/security/jailaudit/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-# New ports collection makefile for: jailaudit
-# Date created: 21 October 2005
-# Whom: cryx
-#
-# $FreeBSD$
-#
-
-PORTNAME= jailaudit
-PORTVERSION= 1.2
-CATEGORIES= security
-MASTER_SITES= http://outpost.h3q.com/software/jailaudit/
-
-MAINTAINER= cryx-ports@h3q.com
-COMMENT= Script to generate portaudit reports for jails
-
-RUN_DEPENDS= ${LOCALBASE}/sbin/portaudit:${PORTSDIR}/security/portaudit
-
-USE_BZIP2= yes
-
-PERIODICDIR?= ${PREFIX}/etc/periodic
-REPORTDIR?= ${PREFIX}/jailaudit/reports
-TMPDIR?= ${PREFIX}/jailaudit/tmp
-
-PLIST_SUB+= PERIODICDIR="${PERIODICDIR:S,^${PREFIX}/,,}" \
- REPORTDIR="${REPORTDIR:S,^${PREFIX}/,,}" \
- TMPDIR="${TMPDIR:S,^${PREFIX}/,,}"
-
-.include <bsd.port.pre.mk>
-
-.if ( ${OSVERSION} < 501000 )
-IGNORE= needs the jls utility which was added in FreeBSD 5.1
-.endif
-
-.include <bsd.port.post.mk>
diff --git a/security/jailaudit/distinfo b/security/jailaudit/distinfo
deleted file mode 100644
index 804a685dae44..000000000000
--- a/security/jailaudit/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 (jailaudit-1.2.tar.bz2) = 42ba69b07906ebfc29bf3d31c07e88bf
-SHA256 (jailaudit-1.2.tar.bz2) = 5cf7f3a75f5b13cf617ed432eb90453cc2bc152685a0146329e828bea8840689
-SIZE (jailaudit-1.2.tar.bz2) = 2599
diff --git a/security/jailaudit/pkg-descr b/security/jailaudit/pkg-descr
deleted file mode 100644
index 0933960c9516..000000000000
--- a/security/jailaudit/pkg-descr
+++ /dev/null
@@ -1,20 +0,0 @@
-This port contains a script to generate portaudit reports for jails
-running on a FreeBSD system.
-
-Normally portaudit just creates reports for the Host-system or the jail
-it is installed in. With a large number of jails running on a system,
-installing and updating portaudit in every jail is time-consuming and
-error-prone. Jailaudit uses the portaudit installed in the Host-system
-to create a report for every jail.
-
-The reports are appended to the daily security run and can be sent to a
-specific mail address, which allows the Host-system administrator to
-dispatch portaudit reports to the owners of jails, keeping them informed
-about potential security advisories of their installed ports.
-
-Jailaudit can be used on FreeBSD 5.1 or larger.
-
-WWW: https://anonsvn.h3q.com/projects/jailaudit/
-
-- cryx
-Philipp Wuensche <cryx-ports@h3q.com>
diff --git a/security/jailaudit/pkg-plist b/security/jailaudit/pkg-plist
deleted file mode 100644
index 43a7a083dd0d..000000000000
--- a/security/jailaudit/pkg-plist
+++ /dev/null
@@ -1,11 +0,0 @@
-bin/jailaudit
-etc/jailaudit.conf.sample
-%%PERIODICDIR%%/security/410.jailaudit
-@dirrmtry %%PERIODICDIR%%/security
-@dirrmtry %%PERIODICDIR%%
-@exec mkdir -p %D/%%REPORTDIR%%
-@dirrmtry %%REPORTDIR%%
-@exec mkdir -p %D/%%TMPDIR%%
-@dirrmtry %%TMPDIR%%
-@unexec rmdir %DPDIR%% 2>/dev/null || true
-@dirrmtry jailaudit
diff --git a/security/portaudit-db/Makefile b/security/portaudit-db/Makefile
deleted file mode 100644
index db754b90df57..000000000000
--- a/security/portaudit-db/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-# New ports collection makefile for: portaudit-db
-# Date created: 12 Jun 2004
-# Whom: Oliver Eikemeier
-#
-# $FreeBSD$
-#
-
-PORTNAME= portaudit-db
-PORTVERSION= 0.2.3
-CATEGORIES= security
-DISTFILES=
-
-MAINTAINER= secteam@FreeBSD.org
-COMMENT= Creates a portaudit database from a current ports tree
-
-RUN_DEPENDS= xsltproc:${PORTSDIR}/textproc/libxslt
-
-DEPENDS_ARGS+= WITHOUT_PYTHON=yes
-
-DATABASEDIR?= ${AUDITFILE:H}
-
-PLIST_SUB+= DATABASEDIR="${DATABASEDIR}"
-
-SED_SCRIPT= -e 's,%%PREFIX%%,${PREFIX},g' \
- -e "s|%%DATADIR%%|${DATADIR}|g" \
- -e "s|%%LOCALBASE%%|${LOCALBASE}|g" \
- -e "s|%%PORTSDIR%%|${PORTSDIR}|g" \
- -e "s|%%PORTVERSION%%|${PORTVERSION}|g" \
- -e "s|%%DATABASEDIR%%|${DATABASEDIR}|g"
-
-do-build:
- @for f in packaudit.sh packaudit.conf; do \
- ${SED} ${SED_SCRIPT} "${FILESDIR}/$$f" > "${WRKDIR}/$$f"; \
- done
-
-do-install:
- @${INSTALL_SCRIPT} ${WRKDIR}/packaudit.sh ${PREFIX}/bin/packaudit
- @${INSTALL_DATA} ${WRKDIR}/packaudit.conf ${PREFIX}/etc/packaudit.conf.sample
- @${MKDIR} ${DATADIR}
- @${INSTALL_SCRIPT} ${FILESDIR}/portaudit2vuxml.awk ${DATADIR}
- @${INSTALL_DATA} ${FILESDIR}/vuxml2html.xslt ${FILESDIR}/vuxml2portaudit.xslt ${DATADIR}
- @${MKDIR} ${DATABASEDIR}
-
-.include <bsd.port.mk>
diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt
deleted file mode 100644
index ccb7b401f54c..000000000000
--- a/security/portaudit-db/database/portaudit.txt
+++ /dev/null
@@ -1,84 +0,0 @@
-# portaudit text based database
-# $FreeBSD$
-apache>=2.*<2.0.49_1|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
-apache+mod_ssl*<1.3.31+2.8.18|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
-ru-apache+mod_ssl<1.3.31+30.20+2.8.18|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
-apache<1.3.31_1|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
-apache+mod_ssl*<1.3.31+2.8.18_4|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
-ru-apache+mod_ssl<=1.3.31+30.20+2.8.18|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
-dbmail{-mysql,-postgresql}<1.2.8a|http://mailman.fastxs.net/pipermail/dbmail/2004-June/004960.html|DBMail: remote exploitable buffer overflow|3b9b196e-bd12-11d8-b071-00e08110b673
-smtpproxy<=1.1.3|http://0xbadc0ded.org/advisories/0402.txt|smtpproxy: remotely exploitable format string vulnerability|1abf65f9-bc9d-11d8-916c-000347dd607f
-subversion{,-perl,-python}<1.0.5|http://www.osvdb.org/6935 http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt|subversion: remote exploitable buffer overflow in 'svn://' parser|4616bc3b-bd0f-11d8-a252-02e0185c0b53
-imp<3.2.4|http://article.gmane.org/gmane.comp.horde.imp/14421/|imp: XSS hole exploited via the Content-type header of malicious emails|911f1b19-bd20-11d8-84f9-000bdb1444a4
-chora<1.2.2|http://article.gmane.org/gmane.comp.horde.chora/610/|chora: hole in the diff code that allowed malicious input|9e09399d-bd21-11d8-84f9-000bdb1444a4
-squirrelmail<1.4.3a|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
-ja-squirrelmail<1.4.3a,1|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
-webmin<1.150|http://www.webmin.com/changes-1.150.html http://www.osvdb.org/6729 http://www.osvdb.org/6730|Multiple vulnerabilities in Webmin|ab61715f-c027-11d8-b00e-000347a4fa7d
-racoon<20040617a|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022617.html http://www.securityfocus.com/archive/1/366023 http://securitytracker.com/alerts/2004/Jun/1010495.html http://orange.kame.net/dev/cvsweb.cgi/kame/kame/kame/racoon/crypto_openssl.c#rev1.86 http://www.securityfocus.com/bid/10546 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0607|Racoon may validate invalid certificates|a96c1d37-c033-11d8-b00e-000347a4fa7d
-ircd-hybrid<=7.0_1|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022820.html http://www.securityfocus.com/archive/1/366486 http://www.osvdb.org/7242|ircd-hybrid-7 low-bandwidth DoS|23aafa20-c28a-11d8-864c-02e0185c0b53
-ircd-hybrid-ru<=7.1_2|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022820.html http://www.securityfocus.com/archive/1/366486 http://www.osvdb.org/7242|ircd-hybrid-7 low-bandwidth DoS|23aafa20-c28a-11d8-864c-02e0185c0b53
-{,??-}aspell<=0.50.5_2|http://nettwerked.mg2.org/advisories/wlc http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2 http://www.securityfocus.com/bid/10497|Buffer overflow in word-list-compress|b7b03bab-c296-11d8-bfb2-000bdb1444a4
-linux-aspell<=0.50.4.1|http://nettwerked.mg2.org/advisories/wlc http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2 http://www.securityfocus.com/bid/10497|Buffer overflow in word-list-compress|b7b03bab-c296-11d8-bfb2-000bdb1444a4
-bnbt<7.5b3|http://www.osvdb.org/6336|BNBT Authorization Header DoS|0f9b3542-c35f-11d8-8898-000d6111a684
-scorched3d<0.37.2|http://marc.theaimsgroup.com/?l=bugtraq&m=108152473130133&w=2 http://www.osvdb.org/5086 http://www.freebsd.org/cgi/query-pr.cgi?pr=67541 http://secunia.com/advisories/11319 http://security.gentoo.org/glsa/glsa-200404-12.xml|Scorched 3D server chat box format string vulnerability|36808860-c363-11d8-8898-000d6111a684
-super<3.23.0|http://www.secunia.com/advisories/11899 http://www.debian.org/security/2004/dsa-522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0579|super format string vulnerability|fae06c04-c38c-11d8-8898-000d6111a684
-mailman<2.1.5|http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0412 http://www.osvdb.org/6422|mailman allows 3rd parties to retrieve member passwords|2a405a43-c396-11d8-8898-000d6111a684
-roundup<0.7.3|http://www.osvdb.org/6691 http://secunia.com/advisories/11801 http://xforce.iss.net/xforce/xfdb/16350 http://securityfocus.com/bid/10495 http://mail.python.org/pipermail/python-announce-list/2004-May/003126.html|Roundup remote file disclosure vulnerability|40800696-c3b0-11d8-864c-02e0185c0b53
-sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53
-isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684
-isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684
-icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684
-rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0609 http://www.securityfocus.com/bid/10574 http://www.osvdb.org/7239|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684
-sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684
-rlpr<2.04_1|http://secunia.com/advisories/11906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0454 http://www.osvdb.org/7194 http://www.osvdb.org/7195 http://securitytracker.com/id?1010545 http://www.securityfocus.com/archive/1/367045|rlpr "msg()" buffer overflow and format string vulnerabilities|29a72da5-c5ea-11d8-8898-000d6111a684
-pure-ftpd<1.0.19|http://www.pureftpd.org/ http://www.osvdb.org/7415|Pure-FTPd DoS when maximum number of connections is reached|ec5cf461-c691-11d8-8898-000d6111a684
-libxine<1.0.r4|http://www.xinehq.de/index.php/security/XSA-2004-3 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0433 http://secunia.com/advisories/11500|xine-lib RTSP handling vulnerabilities|83cbd52c-c8e8-11d8-8898-000d6111a684
-apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
-isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
-krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
-png<1.2.5_6|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363 http://rhn.redhat.com/errata/RHSA-2003-006.html http://www.osvdb.org/7191 http://www.securityfocus.com/bid/6431|libpng row buffer overflow|1b78d43f-d32b-11d8-b479-02e0185c0b53
-linux-png<1.0.14_3|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363 http://rhn.redhat.com/errata/RHSA-2003-006.html http://www.osvdb.org/7191 http://www.securityfocus.com/bid/6431|libpng row buffer overflow|1b78d43f-d32b-11d8-b479-02e0185c0b53
-{ja-,}bugzilla<2.16.6|http://www.bugzilla.org/security/2.16.5/ http://secunia.com/advisories/12057 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0707 http://www.securityfocus.com/bid/10698|multiple vulnerabilities in Bugzilla|672975cb-d526-11d8-b479-02e0185c0b53
-wv<=1.0.0_1|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 http://www.idefense.com/application/poi/display?id=115&type=vulnerabilities&flashstatus=false http://secunia.com/advisories/12040 http://www.osvdb.org/7761|wv library datetime field buffer overflow|7a5430df-d562-11d8-b479-02e0185c0b53
-ru-apache+mod_ssl<1.3.31+30.20+2.8.19|http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html http://www.mail-archive.com/modssl-users@modssl.org/msg16855.html http://secunia.com/advisories/12077 http://www.osvdb.org/7929|mod_ssl format string vulnerability|a3b7cb56-d8a7-11d8-9b0a-000347a4fa7d
-apache+mod_ssl*<1.3.31+2.8.19|http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html http://www.mail-archive.com/modssl-users@modssl.org/msg16855.html http://secunia.com/advisories/12077 http://www.osvdb.org/7929|mod_ssl format string vulnerability|a3b7cb56-d8a7-11d8-9b0a-000347a4fa7d
-subversion<1.0.6|http://subversion.tigris.org/security/mod_authz_svn-copy-advisory.txt http://secunia.com/advisories/12079 http://www.osvdb.org/8239|mod_authz_svn access control bypass|cc35a97d-da35-11d8-9b0a-000347a4fa7d
-subversion-{perl,python}<1.0.6|http://subversion.tigris.org/security/mod_authz_svn-copy-advisory.txt http://secunia.com/advisories/12079 http://www.osvdb.org/8239|mod_authz_svn access control bypass|cc35a97d-da35-11d8-9b0a-000347a4fa7d
-phpbb<2.0.10|http://secunia.com/advisories/12114 http://www.phpbb.com/support/documents.php?mode=changelog#209 http://www.osvdb.org/8164 http://www.osvdb.org/8165 http://www.osvdb.org/8166|phpBB cross site scripting vulnerabilities|c59dbaf0-dbe1-11d8-9b0a-000347a4fa7d
-l2tpd<=0.69_2|http://www.securityfocus.com/archive/1/365211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0649 http://www.osvdb.org/6726 http://secunia.com/advisories/11788|l2tpd BSS-based buffer overflow|807b9ddd-dc11-11d8-9b0a-000347a4fa7d
-dropbear<0.43|http://matt.ucc.asn.au/dropbear/dropbear.html http://secunia.com/advisories/12153|Dropbear DSS verification vulnerability|0316f983-dfb6-11d8-9b0a-000347a4fa7d
-nessus<2.0.12|http://www.osvdb.org/8167 http://secunia.com/advisories/12127 http://www.securityfocus.com/bid/10784|Nessus "adduser" race condition vulnerability|054e4aad-dfb6-11d8-9b0a-000347a4fa7d
-nessus-devel>=2.*<2.1.1|http://www.osvdb.org/8167 http://secunia.com/advisories/12127 http://www.securityfocus.com/bid/10784|Nessus "adduser" race condition vulnerability|054e4aad-dfb6-11d8-9b0a-000347a4fa7d
-pavuk<=0.9.28_5|http://www.securityfocus.com/archive/1/370248 http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1119.html http://secunia.com/advisories/12152 http://www.osvdb.org/8242 http://www.securityfocus.com/bid/10797 http://www.gentoo.org/cgi-bin/viewcvs.cgi/net-misc/pavuk/files/pavuk-0.9.28-digest_auth.c.patch|pavuk digest auth buffer overflow|f67ea071-dfb8-11d8-9b0a-000347a4fa7d
-lcdproc<0.4.5|http://sourceforge.net/project/shownotes.php?release_id=230910 http://secunia.com/advisories/11333 http://www.securityfocus.com/archive/1/360209 http://www.securityfocus.com/bid/10085 http://www.osvdb.org/5157 http://www.osvdb.org/5158 http://www.osvdb.org/5159 http://www.osvdb.org/5160|LCDProc buffer overflow/format string vulnerabilities|62d23317-e072-11d8-9a79-000347dd607f
-dansguardian<2.8.0.1|http://secunia.com/advisories/12191 http://www.securityfocus.com/archive/1/370346 http://www.osvdb.org/8270|DansGuardian banned extension filter bypass vulnerability|f6fd9200-e20e-11d8-9b0a-000347a4fa7d
-imp<3.2.5|http://www.greymagic.com/security/advisories/gm005-mc/ http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h http://secunia.com/advisories/12202|XSS hole in the HTML viewer - This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.|49189b47-e24d-11d8-9f75-000bdb1444a4
-phpMyAdmin<2.5.7.1|http://www.securityfocus.com/archive/1/367486 http://www.securityfocus.com/bid/10629 http://secunia.com/SA11974 http://www.osvdb.org/7314 http://www.osvdb.org/7315|phpMyAdmin configuration manipulation and code injection|56648b44-e301-11d8-9b0a-000347a4fa7d
-gnutls<1.0.17|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d
-gnutls-devel>=1.1.*<1.1.12|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d
-{linux-,}opera<7.54|http://www.opera.com/freebsd/changelogs/754/ http://www.greymagic.com/security/advisories/gm008-op/ http://secunia.com/advisories/12233 http://www.osvdb.org/8331|Opera "location" object write access vulnerability|0deed2ce-e6f5-11d8-9a79-000347dd607f
-putty<0.55|http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html http://www.coresecurity.com/common/showdoc.php?idx=417&idxseccion=10 http://www.osvdb.org/8299 http://secunia.com/advisories/12212|modified server can execute commands on the client|4424f4db-e697-11d8-bf04-000c763e9a47
-cfengine2<2.1.8|http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10 http://secunia.com/advisories/12251|cfengine authentication heap corruption|f2a1dc8b-ea66-11d8-9440-000347a4fa7d
-sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html http://xforce.iss.net/xforce/xfdb/16984 http://www.securityfocus.com/bid/10941|Sympa unauthorized list creation|4a160c54-ed46-11d8-81b0-000347a4fa7d
-phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d
-{ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d
-{ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d
-gallery<1.4.4.1|http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0757.html http://xforce.iss.net/xforce/xfdb/17021 http://www.osvdb.org/9019 http://secunia.com/advisories/12316 http://www.securityfocus.com/bid/10968|Gallery arbitrary PHP file upload|031663de-f0a6-11d8-81b0-000347a4fa7d
-apache>=2.*<2.0.50_2|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0751 http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 http://issues.apache.org/bugzilla/show_bug.cgi?id=27945 http://issues.apache.org/bugzilla/show_bug.cgi?id=29690|potential security flaws in mod_ssl|0e08f539-f151-11d8-81b0-000347a4fa7d
-a2ps-{a4,letter,letterdj}<4.13b_2|http://www.freebsd.org/cgi/query-pr.cgi?pr=70618 http://secunia.com/advisories/12375 http://www.osvdb.org/9176 http://www.securityfocus.com/bid/11025|a2ps: Possible execution of shell commands as local user|8091fcea-f35e-11d8-81b0-000347a4fa7d
-{ja-,}xv<=3.10a_3|http://secunia.com/advisories/12352 http://www.securityfocus.com/archive/1/372345 http://www.osvdb.org/9115 http://www.osvdb.org/9118 http://www.osvdb.org/9119 http://www.osvdb.org/9120 http://www.securityfocus.com/bid/10985|multiple buffer overflows in xv|34c453ba-f686-11d8-81b0-000347a4fa7d
-nss<3.9|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0564 http://secunia.com/advisories/11096 http://www.osvdb.org/4197|Mozilla / NSS S/MIME DoS vulnerability|65532ad9-f69b-11d8-81b0-000347a4fa7d
-{ja-,ru-,}gaim<0.82|http://www.osvdb.org/9261 http://www.osvdb.org/9262 http://www.osvdb.org/9263 http://www.osvdb.org/9264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785 http://www.securityfocus.com/bid/11056 http://gaim.sourceforge.net/security/index.php|multiple vulnerabilities in gaim|8b29b312-fa6e-11d8-81b0-000347a4fa7d
-{ja-,}samba<2.2.11.*|http://www.samba.org/samba/history/samba-2.2.11.html http://secunia.com/advisories/12397 http://www.osvdb.org/9362|samba printer change notification request DoS|d8ce23a5-fadc-11d8-81b0-000347a4fa7d
-squid>=2.5.*<2.5.6_7|http://secunia.com/advisories/12444 http://www.squid-cache.org/bugs/show_bug.cgi?id=1045 http://www.securityfocus.com/bid/11098|Squid NTLM authentication helper DoS|7c351421-fdbd-11d8-81b0-000347a4fa7d
-FreeBSD>=502120<503000|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361 http://www.securityfocus.com/bid/11051|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d
-FreeBSD>=600000<600001|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361 http://www.securityfocus.com/bid/11051|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d
-{ja-,}phpgroupware<0.9.16.003|http://secunia.com/advisories/12466 http://phpgroupware.org/ http://www.osvdb.org/9729 http://freshmeat.net/releases/171909|XSS vulnerability in phpGroupWare wiki module|64726098-00aa-11d9-81b0-000347a4fa7d
-star>=1.5.*<1.5.a.46|http://lists.berlios.de/pipermail/star-users/2004-August/000239.html http://secunia.com/advisories/12484|Vulnerability in star versions that support ssh for remote tape access|6a5b2998-01c0-11d9-81b0-000347a4fa7d
-multi-gnome-terminal<=1.6.2_1|http://www.gentoo.org/security/en/glsa/glsa-200409-10.xml http://cvs.sourceforge.net/viewcvs.py/multignometerm/multignometerm/gnome-terminal/enhanced_gui.c?r1=text&tr1=1.252&r2=text&tr2=1.253&diff_format=u http://www.osvdb.org/9752|Possible information leak in multi-gnome-terminal|cad7a2f4-01c2-11d9-81b0-000347a4fa7d
-usermin<1.090|http://secunia.com/advisories/12488 http://www.webmin.com/uchanges.html http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html http://www.osvdb.org/9775 http://www.osvdb.org/9776|Usermin remote shell command injection and insecure installation vulnerability|9ef2a3cf-01c3-11d9-81b0-000347a4fa7d
-mpg123<=0.59r_13|http://secunia.com/advisories/12478 http://www.osvdb.org/9748 http://www.alighieri.org/advisories/advisory-mpg123.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0805|mpg123 layer 2 decoder buffer overflow|780671ac-01e0-11d9-81b0-000347a4fa7d
-imp<3.2.6|http://thread.gmane.org/gmane.comp.horde.imp/15488 http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.109&r2=1.389.2.111&ty=h|XSS hole in the HTML viewer - The script vulnerabilities can only be exposed with certain browsers and allow XSS attacks when viewing HTML messages with the HTML MIME viewer.|efc4819b-0b2d-11d9-bfe1-000bdb1444a4
-koffice<1.3.2_1,1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|ecf6713f-2549-11d9-945e-00e018f69096
-kdegraphics>=3.2.0<3.3.0_1|http://kde.org/info/security/advisory-20041021-1.txt|Multiple integer overflow and integer arithmetic flaws in imported xpdf code|6a04bf0e-254b-11d9-945e-00e018f69096
-horde{-php5}=3.0|http://thread.gmane.org/gmane.comp.horde.user/10059|Horde: two XSS vulnerabilities can be exposed by making an authenticated user click on a specially crafted URL and allows to execute JavaScript code in the context of Horde.|338d1723-5f03-11d9-92a7-000bdb1444a4
diff --git a/security/portaudit-db/database/portaudit.xlist b/security/portaudit-db/database/portaudit.xlist
deleted file mode 100644
index 034472c025f7..000000000000
--- a/security/portaudit-db/database/portaudit.xlist
+++ /dev/null
@@ -1,26 +0,0 @@
-# portaudit exclude list
-# $FreeBSD$
-3362f2c1-8344-11d8-a41f-0020ed76ef5a
-5e7f58c3-b3f8-4258-aeb8-795e5e940ff8
-4aec9d58-ce7b-11d8-858d-000d610a3b12
-78348ea2-ec91-11d8-b913-000c41e2cdad
-641859e8-eca1-11d8-b913-000c41e2cdad
-603fe36d-ec9d-11d8-b913-000c41e2cdad
-2de14f7a-dad9-11d8-b59a-00061bc2ad93
-7a9d5dfe-c507-11d8-8898-000d6111a684
-3a408f6f-9c52-11d8-9366-0020ed76ef5a
-e5e2883d-ceb9-11d8-8898-000d6111a684
-74d06b67-d2cf-11d8-b479-02e0185c0b53
-265c8b00-d2d0-11d8-b479-02e0185c0b53
-4764cfd6-d630-11d8-b479-02e0185c0b53
-730db824-e216-11d8-9b0a-000347a4fa7d
-f9e3e60b-e650-11d8-9b0a-000347a4fa7d
-abe47a5a-e23c-11d8-9b0a-000347a4fa7d
-a713c0f9-ec54-11d8-9440-000347a4fa7d
-5b8f9a02-ec93-11d8-b913-000c41e2cdad
-65a17a3f-ed6e-11d8-aff1-00061bc2ad93
-e811aaf1-f015-11d8-876f-00902714cc7c
-ebffe27a-f48c-11d8-9837-000c41e2cdad
-0d3a5148-f512-11d8-9837-000c41e2cdad
-b6cad7f3-fb59-11d8-9837-000c41e2cdad
-d2102505-f03d-11d8-81b0-000347a4fa7d
diff --git a/security/portaudit-db/database/portaudit.xml b/security/portaudit-db/database/portaudit.xml
deleted file mode 100644
index 61aac6d73564..000000000000
--- a/security/portaudit-db/database/portaudit.xml
+++ /dev/null
@@ -1,1107 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!--
-Copyright (c) 2004 Oliver Eikemeier
-
-Redistribution and use in source (XML) and 'compiled' forms (SGML,
-HTML, PDF, PostScript, RTF and so forth) with or without modification,
-are permitted provided that the following conditions are met:
-
-- Redistributions of source code (XML) must retain the above copyright
- notice, this list of conditions and the following disclaimer as
- the first lines of this file unmodified.
-
-- Redistributions in compiled form (transformed to other DTDs,
- converted to PDF, PostScript, RTF and other formats) must reproduce
- the above copyright notice, this list of conditions and the
- following disclaimer in the documentation and/or other materials
- provided with the distribution.
-
-THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS
-OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
-IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
- $FreeBSD$
-
--->
-<!DOCTYPE vuxml PUBLIC "-//vuxml.org//DTD VuXML 1.1//EN" "http://www.vuxml.org/dtd/vuxml-1/vuxml-11.dtd">
-<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
-
- <vuln vid="42e330ab-82a4-11d8-868e-000347dd607f">
- <topic>MPlayer remotely exploitable buffer overflow in the ASX parser</topic>
- <affects>
- <package>
- <name>mplayer{,-gtk}{,-esound}</name>
- <range><lt>0.92</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>A remotely exploitable buffer overflow vulnerability was found in
- MPlayer. A malicious host can craft a harmful ASX header,
- and trick MPlayer into executing arbitrary code upon parsing that header.</p>
- </body>
- </description>
- <references>
- <url>http://www.mplayerhq.hu/</url>
- <url>http://www.securityfocus.com/archive/1/339330</url>
- <url>http://www.securityfocus.com/archive/1/339193</url>
- <cvename>CAN-2003-0835</cvename>
- <bid>8702</bid>
- </references>
- <dates>
- <discovery>2003-09-24</discovery>
- <entry>2004-03-30</entry>
- </dates>
- </vuln>
-
- <vuln vid="d8c46d74-8288-11d8-868e-000347dd607f">
- <topic>MPlayer remotely exploitable buffer overflow in the HTTP parser</topic>
- <affects>
- <package>
- <name>mplayer{,-gtk}{,-esound}</name>
- <range><lt>0.92.1</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>A remotely exploitable buffer overflow vulnerability was found in
- MPlayer. A malicious host can craft a harmful HTTP header (&quot;Location:&quot;),
- and trick MPlayer into executing arbitrary code upon parsing that header.</p>
- </body>
- </description>
- <references>
- <url>http://www.mplayerhq.hu/</url>
- <url>http://www.securityfocus.com/archive/1/359029</url>
- <url>http://www.securityfocus.com/archive/1/359025</url>
- <cvename>CAN-2004-0386</cvename>
- </references>
- <dates>
- <discovery>2004-03-29</discovery>
- <entry>2004-03-30</entry>
- </dates>
- </vuln>
-
- <vuln vid="1ed556e6-734f-11d8-868e-000347dd607f">
- <cancelled superseded="1a448eb7-6988-11d8-873f-0020ed76ef5a"/>
- </vuln>
-
- <vuln vid="4aec9d58-ce7b-11d8-858d-000d610a3b12">
- <cancelled superseded="c63936c1-caed-11d8-8898-000d6111a684"/>
- </vuln>
-
- <vuln vid="c63936c1-caed-11d8-8898-000d6111a684">
- <topic>SSLtelnet remote format string vulnerability</topic>
- <affects>
- <package>
- <name>SSLtelnet</name>
- <range><le>0.13_1</le></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>SSLtelnet contains a format string vulnerability
- that could allow remote code execution.</p>
- </body>
- </description>
- <references>
- <mlist msgid="FB24803D1DF2A34FA59FC157B77C970502D684B7@idserv04.idef.com">http://lists.freebsd.org/pipermail/freebsd-ports/2004-June/013878.html</mlist>
- <url>http://www.idefense.com/application/poi/display?id=114&amp;type=vulnerabilities&amp;flashstatus=false</url>
- <cvename>CAN-2004-0640</cvename>
- <url>http://www.osvdb.org/7594</url>
- <url>http://secunia.com/advisories/12032</url>
- </references>
- <dates>
- <discovery>2003-04-03</discovery>
- <entry>2004-06-30</entry>
- </dates>
- </vuln>
-
- <vuln vid="7eded4b8-e6fe-11d8-b12f-0a001f31891a">
- <cancelled superseded="2de14f7a-dad9-11d8-b59a-00061bc2ad93"/>
- </vuln>
-
- <vuln vid="f72ccf7c-e607-11d8-9b0a-000347a4fa7d">
- <cancelled superseded="6f955451-ba54-11d8-b88c-000d610a3b12"/>
- </vuln>
-
- <vuln vid="9fb5bb32-d6fa-11d8-b479-02e0185c0b53">
- <cancelled superseded="40800696-c3b0-11d8-864c-02e0185c0b53"/>
- </vuln>
-
- <vuln vid="78348ea2-ec91-11d8-b913-000c41e2cdad">
- <cancelled superseded="ab166a60-e60a-11d8-9b0a-000347a4fa7d"/>
- </vuln>
-
- <vuln vid="ab166a60-e60a-11d8-9b0a-000347a4fa7d">
- <topic>Acrobat Reader handling of malformed uuencoded pdf files</topic>
- <affects>
- <package>
- <name>acroread</name>
- <range><lt>5.09</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Remote exploitation of an input validation error in the uudecoding
- feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute
- arbitrary code.</p>
- </body>
- </description>
- <references>
- <url>http://www.osvdb.org/7429</url>
- <url>http://freshmeat.net/releases/164883</url>
- <cvename>CAN-2004-0630</cvename>
- <cvename>CAN-2004-0631</cvename>
- <url>http://secunia.com/advisories/12285</url>
- <url>http://xforce.iss.net/xforce/xfdb/16972</url>
- <url>http://xforce.iss.net/xforce/xfdb/16973</url>
- <url>http://www.idefense.com/application/poi/display?id=124&amp;type=vulnerabilities&amp;flashstatus=false</url>
- <url>http://www.idefense.com/application/poi/display?id=125&amp;type=vulnerabilities&amp;flashstatus=false</url>
- <url>http://www.osvdb.org/8654</url>
- <url>http://www.osvdb.org/8655</url>
- <bid>10931</bid>
- <bid>10932</bid>
- </references>
- <dates>
- <discovery>2004-03-30</discovery>
- <entry>2004-08-04</entry>
- </dates>
- </vuln>
-
- <vuln vid="603fe36d-ec9d-11d8-b913-000c41e2cdad">
- <cancelled superseded="a4bd1cd3-eb25-11d8-978e-00e018f69096"/>
- </vuln>
-
- <vuln vid="cd95b452-eca6-11d8-afa6-ed04757064bb">
- <cancelled superseded="a4bd1cd3-eb25-11d8-978e-00e018f69096"/>
- </vuln>
-
- <vuln vid="a4bd1cd3-eb25-11d8-978e-00e018f69096">
- <topic>KDElibs temporary directory vulnerability</topic>
- <affects>
- <package>
- <name>kdelibs</name>
- <range><lt>3.2.3_5</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>In some cases the
- integrity of symlinks used by KDE are not ensured and that
- these symlinks can be pointing to stale locations. This can
- be abused by a local attacker to create or truncate arbitrary
- files or to prevent KDE applications from functioning
- correctly (Denial of Service).</p>
- </body>
- </description>
- <references>
- <url>http://www.kde.org/info/security/advisory-20040811-1.txt</url>
- <cvename>CAN-2004-0689</cvename>
- <url>http://www.osvdb.org/8589</url>
- <url>http://secunia.com/advisories/12276</url>
- </references>
- <dates>
- <discovery>2004-06-23</discovery>
- <entry>2004-08-12</entry>
- <modified>2004-08-13</modified>
- </dates>
- </vuln>
-
- <vuln vid="608ceab8-eca3-11d8-afa6-ed04757064bb">
- <topic>DCOPServer Temporary Filename Vulnerability</topic>
- <affects>
- <package>
- <name>kdelibs</name>
- <range><lt>3.2.3_4</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>KDE's DCOPServer creates
- temporary files in an insecure manner. Since the temporary
- files are used for authentication related purposes this can
- potentially allow a local attacker to compromise the account of
- any user which runs a KDE application.</p>
- </body>
- </description>
- <references>
- <url>http://www.kde.org/info/security/advisory-20040811-2.txt</url>
- <cvename>CAN-2004-0690</cvename>
- <url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386</url>
- <url>http://www.osvdb.org/8590</url>
- <url>http://secunia.com/advisories/12276</url>
- </references>
- <dates>
- <discovery>2004-07-25</discovery>
- <entry>2004-08-12</entry>
- <modified>2004-08-13</modified>
- </dates>
- </vuln>
-
- <vuln vid="641859e8-eca1-11d8-b913-000c41e2cdad">
- <cancelled superseded="2e395baa-eb26-11d8-978e-00e018f69096"/>
- </vuln>
-
- <vuln vid="2e395baa-eb26-11d8-978e-00e018f69096">
- <topic>Konqueror frame injection vulnerability</topic>
- <affects>
- <package>
- <name>kdebase</name>
- <range><lt>3.2.3_1</lt></range>
- </package>
- <package>
- <name>kdelibs</name>
- <range><lt>3.2.3_3</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>The Konqueror webbrowser allows websites to load webpages into
- a frame of any other frame-based webpage that the user may have open.</p>
- </body>
- </description>
- <references>
- <url>http://www.kde.org/info/security/advisory-20040811-3.txt</url>
- <cvename>CAN-2004-0721</cvename>
- <url>http://secunia.com/advisories/11978</url>
- <url>http://www.heise.de/newsticker/meldung/48793</url>
- <url>http://bugs.kde.org/show_bug.cgi?id=84352</url>
- </references>
- <dates>
- <discovery>2004-07-01</discovery>
- <entry>2004-08-11</entry>
- <modified>2004-08-13</modified>
- </dates>
- </vuln>
-
- <vuln vid="2de14f7a-dad9-11d8-b59a-00061bc2ad93">
- <topic>Multiple Potential Buffer Overruns in Samba</topic>
- <affects>
- <package>
- <name>samba</name>
- <range><ge>3.*</ge><lt>3.0.5,1</lt></range>
- <range><lt>2.2.10</lt></range>
- </package>
- <package>
- <name>ja-samba</name>
- <range><lt>2.2.10.*</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Evgeny Demidov discovered that the Samba server has a
- buffer overflow in the Samba Web Administration Tool (SWAT)
- on decoding Base64 data during HTTP Basic Authentication.
- Versions 3.0.2 through 3.0.4 are affected.</p>
- <p>Another buffer overflow bug has been found in the code
- used to support the "mangling method = hash" smb.conf
- option. The default setting for this parameter is "mangling
- method = hash2" and therefore not vulnerable. Versions
- between 2.2.0 through 2.2.9 and 3.0.0 through 3.0.4 are affected.
- </p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0600</cvename>
- <cvename>CAN-2004-0686</cvename>
- <mlist msgid="web-53121174@cgp.agava.net">http://www.securityfocus.com/archive/1/369698</mlist>
- <mlist msgid="200407222031.25086.bugtraq@beyondsecurity.com">http://www.securityfocus.com/archive/1/369706</mlist>
- <url>http://www.samba.org/samba/whatsnew/samba-3.0.5.html</url>
- <url>http://www.samba.org/samba/whatsnew/samba-2.2.10.html</url>
- <url>http://www.osvdb.org/8190</url>
- <url>http://www.osvdb.org/8191</url>
- <url>http://secunia.com/advisories/12130</url>
- </references>
- <dates>
- <discovery>2004-07-14</discovery>
- <entry>2004-07-21</entry>
- <modified>2004-07-22</modified>
- </dates>
- </vuln>
-
- <vuln vid="7a9d5dfe-c507-11d8-8898-000d6111a684">
- <topic>isc-dhcp3-server buffer overflow in logging mechanism</topic>
- <affects>
- <package>
- <name>isc-dhcp3-{relay,server}</name>
- <range><ge>3.0.1.r12</ge><lt>3.0.1.r14</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>A buffer overflow exists in the logging functionality
- of the DHCP daemon which could lead to Denial of Service
- attacks and has the potential to allow attackers to
- execute arbitrary code.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0460</cvename>
- <url>http://www.osvdb.org/7237</url>
- <uscertta>TA04-174A</uscertta>
- <certvu>317350</certvu>
- <mlist msgid="BAY13-F94UHMuEEkHMz0005c4f7@hotmail.com">http://www.securityfocus.com/archive/1/366801</mlist>
- <mlist msgid="40DFAB69.1060909@sympatico.ca">http://www.securityfocus.com/archive/1/367286</mlist>
- </references>
- <dates>
- <discovery>2004-06-22</discovery>
- <entry>2004-06-25</entry>
- <modified>2004-06-28</modified>
- </dates>
- </vuln>
-
- <vuln vid="3a408f6f-9c52-11d8-9366-0020ed76ef5a">
- <topic>libpng denial-of-service</topic>
- <affects>
- <package>
- <name>linux-png</name>
- <range><le>1.0.14_3</le></range>
- <range><ge>1.2.*</ge><le>1.2.2</le></range>
- </package>
- <package>
- <name>png</name>
- <range><lt>1.2.5_4</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Steve Grubb reports a buffer read overrun in
- libpng's png_format_buffer function. A specially
- constructed PNG image processed by an application using
- libpng may trigger the buffer read overrun and possibly
- result in an application crash.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0421</cvename>
- <url>http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120508</url>
- <url>http://rhn.redhat.com/errata/RHSA-2004-181.html</url>
- <url>http://secunia.com/advisories/11505</url>
- <url>http://www.osvdb.org/5726</url>
- <bid>10244</bid>
- <url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7</url>
- </references>
- <dates>
- <discovery>2004-04-29</discovery>
- <entry>2004-05-02</entry>
- <modified>2004-08-10</modified>
- </dates>
- </vuln>
-
- <vuln vid="e5e2883d-ceb9-11d8-8898-000d6111a684">
- <topic>MySQL authentication bypass / buffer overflow</topic>
- <affects>
- <package>
- <name>mysql-server</name>
- <range><ge>4.1.*</ge><lt>4.1.3</lt></range>
- <range><ge>5.*</ge><le>5.0.0_2</le></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>By submitting a carefully crafted authentication packet, it is possible
- for an attacker to bypass password authentication in MySQL 4.1. Using a
- similar method, a stack buffer used in the authentication mechanism can
- be overflowed.</p>
- </body>
- </description>
- <references>
- <url>http://www.nextgenss.com/advisories/mysql-authbypass.txt</url>
- <url>http://dev.mysql.com/doc/mysql/en/News-4.1.3.html</url>
- <url>http://secunia.com/advisories/12020</url>
- <url>http://www.osvdb.org/7475</url>
- <url>http://www.osvdb.org/7476</url>
- <mlist msgid="Pine.LNX.4.44.0407080940550.9602-200000@pineapple.shacknet.nu">http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0003.html</mlist>
- <cvename>CAN-2004-0627</cvename>
- <cvename>CAN-2004-0628</cvename>
- <certvu>184030</certvu>
- <certvu>645326</certvu>
- </references>
- <dates>
- <discovery>2004-07-01</discovery>
- <entry>2004-07-05</entry>
- </dates>
- </vuln>
-
- <vuln vid="74d06b67-d2cf-11d8-b479-02e0185c0b53">
- <topic>multiple vulnerabilities in ethereal</topic>
- <affects>
- <package>
- <name>ethereal{,-lite}</name>
- <name>tethereal{,-lite}</name>
- <range><lt>0.10.4</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Issues have been discovered in multiple protocol dissectors.</p>
- </body>
- </description>
- <references>
- <url>http://www.ethereal.com/appnotes/enpa-sa-00014.html</url>
- <cvename>CAN-2004-0504</cvename>
- <cvename>CAN-2004-0505</cvename>
- <cvename>CAN-2004-0506</cvename>
- <cvename>CAN-2004-0507</cvename>
- <url>http://secunia.com/advisories/11608</url>
- <bid>10347</bid>
- <url>http://www.osvdb.org/6131</url>
- <url>http://www.osvdb.org/6132</url>
- <url>http://www.osvdb.org/6133</url>
- <url>http://www.osvdb.org/6134</url>
- </references>
- <dates>
- <discovery>2004-05-13</discovery>
- <entry>2004-07-11</entry>
- </dates>
- </vuln>
-
- <vuln vid="265c8b00-d2d0-11d8-b479-02e0185c0b53">
- <topic>multiple vulnerabilities in ethereal</topic>
- <affects>
- <package>
- <name>ethereal{,-lite}</name>
- <name>tethereal{,-lite}</name>
- <range><lt>0.10.5</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Issues have been discovered in multiple protocol dissectors.</p>
- </body>
- </description>
- <references>
- <url>http://www.ethereal.com/appnotes/enpa-sa-00015.html</url>
- <cvename>CAN-2004-0633</cvename>
- <cvename>CAN-2004-0634</cvename>
- <cvename>CAN-2004-0635</cvename>
- <url>http://secunia.com/advisories/12024</url>
- <bid>10672</bid>
- <url>http://www.osvdb.org/7536</url>
- <url>http://www.osvdb.org/7537</url>
- <url>http://www.osvdb.org/7538</url>
- </references>
- <dates>
- <discovery>2004-07-06</discovery>
- <entry>2004-07-11</entry>
- </dates>
- </vuln>
-
- <vuln vid="4764cfd6-d630-11d8-b479-02e0185c0b53">
- <topic>PHP memory_limit and strip_tags() vulnerabilities</topic>
- <affects>
- <package>
- <name>php4</name>
- <name>php4-{cgi,cli,dtc,horde,nms}</name>
- <name>mod_php4-twig</name>
- <range><lt>4.3.8</lt></range>
- </package>
- <package>
- <name>mod_php4</name>
- <range><lt>4.3.8,1</lt></range>
- </package>
- <package>
- <name>php5</name>
- <name>php5-{cgi,cli}</name>
- <range><lt>5.0.0</lt></range>
- </package>
- <package>
- <name>mod_php5</name>
- <range><lt>5.0.0,1</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Stefan Esser has reported two vulnerabilities in PHP, which can
- be exploited by malicious people to bypass security functionality
- or compromise a vulnerable system. An error within PHP's memory_limit
- request termination allows remote code execution on PHP servers
- with activated memory_limit. A binary safety problem within PHP's
- strip_tags() function may allow injection of arbitrary tags in
- Internet Explorer and Safari browsers.</p>
- </body>
- </description>
- <references>
- <url>http://www.php.net/ChangeLog-4.php</url>
- <url>http://www.php.net/ChangeLog-5.php</url>
- <url>http://security.e-matters.de/advisories/112004.html</url>
- <url>http://security.e-matters.de/advisories/122004.html</url>
- <url>http://secunia.com/advisories/12064</url>
- <url>http://www.osvdb.org/7870</url>
- <url>http://www.osvdb.org/7871</url>
- <cvename>CAN-2004-0594</cvename>
- <cvename>CAN-2004-0595</cvename>
- </references>
- <dates>
- <discovery>2007-07-07</discovery>
- <entry>2004-07-15</entry>
- </dates>
- </vuln>
-
- <vuln vid="730db824-e216-11d8-9b0a-000347a4fa7d">
- <topic>Mozilla / Firefox user interface spoofing vulnerability</topic>
- <affects>
- <package>
- <name>firefox</name>
- <range><le>0.9.1_1</le></range>
- </package>
- <package>
- <name>linux-mozilla</name>
- <range><le>1.7.1</le></range>
- </package>
- <package>
- <name>linux-mozilla-devel</name>
- <range><le>1.7.1</le></range>
- </package>
- <package>
- <name>mozilla</name>
- <range><le>1.7.1,2</le></range>
- <range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
- </package>
- <package>
- <name>mozilla-gtk1</name>
- <range><le>1.7.1_1</le></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>A vulnerability has been reported in Mozilla and Firefox,
- allowing malicious websites to spoof the user interface.</p>
- </body>
- </description>
- <references>
- <url>http://bugzilla.mozilla.org/show_bug.cgi?id=252198</url>
- <url>http://www.nd.edu/~jsmith30/xul/test/spoof.html</url>
- <url>http://secunia.com/advisories/12188</url>
- <bid>10832</bid>
- <cvename>CAN-2004-0764</cvename>
- </references>
- <dates>
- <discovery>2004-07-19</discovery>
- <entry>2004-07-30</entry>
- </dates>
- </vuln>
-
- <vuln vid="f9e3e60b-e650-11d8-9b0a-000347a4fa7d">
- <topic>libpng stack-based buffer overflow and other code concerns</topic>
- <affects>
- <package>
- <name>png</name>
- <range><le>1.2.5_7</le></range>
- </package>
- <package>
- <name>linux-png</name>
- <range><le>1.0.14_3</le></range>
- <range><ge>1.2.*</ge><le>1.2.2</le></range>
- </package>
- <package>
- <name>firefox</name>
- <range><lt>0.9.3</lt></range>
- </package>
- <package>
- <name>thunderbird</name>
- <range><lt>0.7.3</lt></range>
- </package>
- <package>
- <name>linux-mozilla</name>
- <range><lt>1.7.2</lt></range>
- </package>
- <package>
- <name>linux-mozilla-devel</name>
- <range><lt>1.7.2</lt></range>
- </package>
- <package>
- <name>mozilla</name>
- <range><lt>1.7.2,2</lt></range>
- <range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
- </package>
- <package>
- <name>mozilla-gtk1</name>
- <range><lt>1.7.2</lt></range>
- </package>
- <package>
- <name>netscape-{communicator,navigator}</name>
- <range><le>4.78</le></range>
- </package>
- <package>
- <name>linux-netscape-{communicator,navigator}</name>
- <name>{ja,ko}-netscape-{communicator,navigator}-linux</name>
- <range><le>4.8</le></range>
- </package>
- <package>
- <name>{,ja-}netscape7</name>
- <range><le>7.1</le></range>
- </package>
- <package>
- <name>{de-,fr-,pt_BR-}netscape7</name>
- <range><le>7.02</le></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Chris Evans has discovered multiple vulnerabilities in libpng,
- which can be exploited by malicious people to compromise a
- vulnerable system or cause a DoS (Denial of Service).</p>
- </body>
- </description>
- <references>
- <mlist msgid="Pine.LNX.4.58.0408041840080.20655@sphinx.mythic-beasts.com">http://www.securityfocus.com/archive/1/370853</mlist>
- <url>http://scary.beasts.org/security/CESA-2004-001.txt</url>
- <url>http://www.osvdb.org/8312</url>
- <url>http://www.osvdb.org/8313</url>
- <url>http://www.osvdb.org/8314</url>
- <url>http://www.osvdb.org/8315</url>
- <url>http://www.osvdb.org/8316</url>
- <cvename>CAN-2004-0597</cvename>
- <cvename>CAN-2004-0598</cvename>
- <cvename>CAN-2004-0599</cvename>
- <certvu>388984</certvu>
- <certvu>236656</certvu>
- <certvu>160448</certvu>
- <certvu>477512</certvu>
- <certvu>817368</certvu>
- <certvu>286464</certvu>
- <url>http://secunia.com/advisories/12219</url>
- <url>http://secunia.com/advisories/12232</url>
- <url>http://bugzilla.mozilla.org/show_bug.cgi?id=251381</url>
- <url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2</url>
- <uscertta>TA04-217A</uscertta>
- <url>http://dl.sourceforge.net/sourceforge/libpng/ADVISORY.txt</url>
- </references>
- <dates>
- <discovery>2004-08-04</discovery>
- <entry>2004-08-04</entry>
- <modified>2004-08-12</modified>
- </dates>
- </vuln>
-
- <vuln vid="abe47a5a-e23c-11d8-9b0a-000347a4fa7d">
- <topic>Mozilla certificate spoofing</topic>
- <affects>
- <package>
- <name>firefox</name>
- <range><ge>0.9.1</ge><le>0.9.2</le></range>
- </package>
- <package>
- <name>linux-mozilla</name>
- <range><lt>1.7.2</lt></range>
- </package>
- <package>
- <name>linux-mozilla-devel</name>
- <range><lt>1.7.2</lt></range>
- </package>
- <package>
- <name>mozilla</name>
- <range><lt>1.7.2,2</lt></range>
- <range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
- </package>
- <package>
- <name>mozilla-gtk1</name>
- <range><lt>1.7.2</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Mozilla and Mozilla Firefox contains a flaw that may
- allow a malicious user to spoof SSL certification.</p>
- </body>
- </description>
- <references>
- <mlist msgid="003a01c472ba$b2060900$6501a8c0@sec">http://www.securityfocus.com/archive/1/369953</mlist>
- <url>http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory</url>
- <url>http://secunia.com/advisories/12160</url>
- <url>http://bugzilla.mozilla.org/show_bug.cgi?id=253121</url>
- <url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2</url>
- <url>http://www.osvdb.org/8238</url>
- <bid>10796</bid>
- <cvename>CAN-2004-0763</cvename>
- </references>
- <dates>
- <discovery>2004-07-25</discovery>
- <entry>2004-07-30</entry>
- <modified>2004-08-05</modified>
- </dates>
- </vuln>
-
- <vuln vid="a713c0f9-ec54-11d8-9440-000347a4fa7d">
- <topic>ImageMagick png and bmp vulnerabilities</topic>
- <affects>
- <package>
- <name>ImageMagick{,-nox11}</name>
- <range><lt>6.0.6</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Glenn Randers-Pehrson has contributed a fix for the png
- vulnerabilities discovered by Chris Evans.</p>
- <p>Furthermore, Marcus Meissner has discovered and patched a buffer
- overrun associated with decoding runlength-encoded BMP images.</p>
- </body>
- </description>
- <references>
- <url>http://studio.imagemagick.org/pipermail/magick-users/2004-August/013218.html</url>
- <url>http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html</url>
- <url>http://freshmeat.net/releases/169228</url>
- <url>http://secunia.com/advisories/12236</url>
- <url>http://secunia.com/advisories/12479</url>
- <url>http://www.freebsd.org/ports/portaudit/f9e3e60b-e650-11d8-9b0a-000347a4fa7d.html</url>
- </references>
- <dates>
- <discovery>2004-08-04</discovery>
- <entry>2004-08-04</entry>
- <modified>2004-09-03</modified>
- </dates>
- </vuln>
-
- <vuln vid="0139e7e0-e850-11d8-9440-000347a4fa7d">
- <topic>CVStrac remote code execution vulnerability</topic>
- <affects>
- <package>
- <name>cvstrac</name>
- <range><lt>1.1.4</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>CVStrac contains a flaw that may allow a remote attacker
- to execute arbitrary commands.</p>
- </body>
- </description>
- <references>
- <mlist msgid="20040805175709.6995.qmail@web50508.mail.yahoo.com">http://www.securityfocus.com/archive/1/370955</mlist>
- <url>http://secunia.com/advisories/12090</url>
- <url>http://www.osvdb.org/8373</url>
- <url>http://www.cvstrac.org/cvstrac/chngview?cn=316</url>
- </references>
- <dates>
- <discovery>2004-08-05</discovery>
- <entry>2004-08-13</entry>
- </dates>
- </vuln>
-
- <vuln vid="5b8f9a02-ec93-11d8-b913-000c41e2cdad">
- <topic>gaim remotely exploitable vulnerabilities in MSN component</topic>
- <affects>
- <package>
- <name>{ja-,ru-,}gaim</name>
- <range><lt>0.81_1</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Sebastian Krahmer discovered several remotely exploitable
- buffer overflow vulnerabilities in the MSN component of
- gaim.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0500</cvename>
- <url>http://secunia.com/advisories/12125</url>
- <url>http://www.osvdb.org/8382</url>
- <url>http://www.osvdb.org/8961</url>
- <url>http://www.osvdb.org/8962</url>
- <url>http://www.suse.com/de/security/2004_25_gaim.html</url>
- <bid>10865</bid>
- </references>
- <dates>
- <discovery>2004-08-12</discovery>
- <entry>2004-08-12</entry>
- <modified>2004-08-30</modified>
- </dates>
- </vuln>
-
- <vuln vid="65a17a3f-ed6e-11d8-aff1-00061bc2ad93">
- <topic>jftpgw remote syslog format string vulnerability</topic>
- <affects>
- <package>
- <name>jftpgw</name>
- <range><lt>0.13.5</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Remote authenticated users can execute arbitrary code by
- passing a malicious string containing format specifiers.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0448</cvename>
- <bid>10438</bid>
- <url>http://secunia.com/advisories/11732</url>
- <url>http://www.debian.org/security/2004/dsa-510</url>
- </references>
- <dates>
- <discovery>2004-05-29</discovery>
- <entry>2004-08-13</entry>
- </dates>
- </vuln>
-
- <vuln vid="e811aaf1-f015-11d8-876f-00902714cc7c">
- <cancelled superseded="a800386e-ef7e-11d8-81b0-000347a4fa7d"/>
- </vuln>
-
- <vuln vid="a800386e-ef7e-11d8-81b0-000347a4fa7d">
- <topic>ruby CGI::Session insecure file creation</topic>
- <affects>
- <package>
- <name>ruby{,_r,_static}</name>
- <range><lt>1.6.8.2004.07.28</lt></range>
- <range><ge>1.8.*</ge><lt>1.8.2.p2</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Rubys CGI session management store session information insecurely,
- which can be exploited by a local attacker to take over a session.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0755</cvename>
- <url>http://secunia.com/advisories/12290</url>
- <url>http://www.debian.org/security/2004/dsa-537</url>
- <url>http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410</url>
- <url>http://www.osvdb.org/8845</url>
- </references>
- <dates>
- <discovery>2004-07-22</discovery>
- <entry>2004-08-16</entry>
- <modified>2004-08-16</modified>
- </dates>
- </vuln>
-
- <vuln vid="ebffe27a-f48c-11d8-9837-000c41e2cdad">
- <cancelled superseded="eda0ade6-f281-11d8-81b0-000347a4fa7d"/>
- </vuln>
-
- <vuln vid="eda0ade6-f281-11d8-81b0-000347a4fa7d">
- <topic>Qt 3.x BMP heap-based overflow, GIF and XPM DoS NULL pointer dereference</topic>
- <affects>
- <package>
- <name>qt</name>
- <range><ge>3.*</ge><lt>3.3.3</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Chris Evans has discovered flaws in th handling of various bitmap
- formats, allowing the execution of arbitrary code or causing a DoS.</p>
- </body>
- </description>
- <references>
- <url>http://scary.beasts.org/security/CESA-2004-004.txt</url>
- <url>http://secunia.com/advisories/12325</url>
- <cvename>CAN-2004-0691</cvename>
- <cvename>CAN-2004-0692</cvename>
- <cvename>CAN-2004-0693</cvename>
- <url>http://www.osvdb.org/9026</url>
- <url>http://xforce.iss.net/xforce/xfdb/17040</url>
- <url>http://xforce.iss.net/xforce/xfdb/17041</url>
- <url>http://xforce.iss.net/xforce/xfdb/17042</url>
- </references>
- <dates>
- <discovery>2004-08-18</discovery>
- <entry>2004-08-20</entry>
- </dates>
- </vuln>
-
- <vuln vid="0d3a5148-f512-11d8-9837-000c41e2cdad">
- <cancelled superseded="bacbc357-ea65-11d8-9440-000347a4fa7d"/>
- </vuln>
-
- <vuln vid="bacbc357-ea65-11d8-9440-000347a4fa7d">
- <topic>SpamAssassin DoS vulnerability</topic>
- <affects>
- <package>
- <name>p5-Mail-SpamAssassin</name>
- <range><lt>2.64</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Unspecified malformed messages can be used to
- cause a DoS (Denial of Service).</p>
- </body>
- </description>
- <references>
- <url>http://secunia.com/advisories/12255</url>
- <mlist msgid="20040805034902.6DF465900BB@radish.jmason.org>">http://marc.theaimsgroup.com/?l=spamassassin-announce&amp;m=109168121628767&amp;w=2</mlist>
- <cvename>CAN-2004-0796</cvename>
- <bid>10957</bid>
- </references>
- <dates>
- <discovery>2004-08-05</discovery>
- <entry>2004-08-10</entry>
- </dates>
- </vuln>
-
- <vuln vid="77cc070b-fdbe-11d8-81b0-000347a4fa7d">
- <topic>vpopmail multiple vulnerabilities</topic>
- <affects>
- <package>
- <name>vpopmail</name>
- <range><lt>5.4.6</lt></range>
- </package>
- <package>
- <name>vpopmail-devel</name>
- <range><lt>5.5.0</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Inter7 vpopmail (vchkpw) versions 5.4.2 and earlier contain
- buffer overflows and format string vulnerabilities in the file vsybase.c</p>
- <p>The buffer overflows are not fixed in versions 5.4.6/5.5.0, but are
- believed to be very hard to exploit, and only by administrators able to add users.</p>
- </body>
- </description>
- <references>
- <url>http://www.osvdb.org/9146</url>
- <url>http://www.osvdb.org/9147</url>
- <url>http://www.osvdb.org/9148</url>
- <bid>10962</bid>
- <url>http://secunia.com/advisories/12441</url>
- <url>http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vsybase.c?r1=1.9.2.1&amp;r2=1.9.2.2</url>
- <url>http://www.kupchino.org.ru/unl0ck/advisories/vpopmail.txt</url>
- <mlist msgid="200408181347.12199.bugtraq@beyondsecurity.com">http://www.securityfocus.com/archive/1/372257</mlist>
- <mlist msgid="58114.66.79.185.80.1092936304.squirrel@mail.xyxx.com">http://www.securityfocus.com/archive/1/372468</mlist>
- <url>http://xforce.iss.net/xforce/xfdb/17016</url>
- <url>http://xforce.iss.net/xforce/xfdb/17017</url>
- <url>http://security.gentoo.org/glsa/glsa-200409-01.xml</url>
- </references>
- <dates>
- <discovery>2004-08-17</discovery>
- <entry>2004-09-03</entry>
- </dates>
- </vuln>
-
- <vuln vid="d2102505-f03d-11d8-81b0-000347a4fa7d">
- <topic>multiple vulnerabilities in the cvs server code</topic>
- <affects>
- <package>
- <name>cvs+ipv6</name>
- <range><lt>1.11.17</lt></range>
- </package>
- <package>
- <name>FreeBSD</name>
- <range><lt>491101</lt></range>
- <range><ge>500000</ge><lt>502114</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Stefan Esser reports multiple remote exploitable vulnerabilites
- in the cvs code base.</p>
- <p>Additionaly there exists an undocumented switch to the history
- command allows an attacker to determine whether arbitrary files
- exist and whether the CVS process can access them.</p>
- </body>
- </description>
- <references>
- <cvename>CAN-2004-0414</cvename>
- <cvename>CAN-2004-0416</cvename>
- <cvename>CAN-2004-0417</cvename>
- <cvename>CAN-2004-0418</cvename>
- <cvename>CAN-2004-0778</cvename>
- <url>http://secunia.com/advisories/11817</url>
- <url>http://secunia.com/advisories/12309</url>
- <url>http://security.e-matters.de/advisories/092004.html</url>
- <url>http://www.idefense.com/application/poi/display?id=130&amp;type=vulnerabilities&amp;flashstatus=false</url>
- <url>https://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.104</url>
- <url>http://www.osvdb.org/6830</url>
- <url>http://www.osvdb.org/6831</url>
- <url>http://www.osvdb.org/6832</url>
- <url>http://www.osvdb.org/6833</url>
- <url>http://www.osvdb.org/6834</url>
- <url>http://www.osvdb.org/6835</url>
- <url>http://www.osvdb.org/6836</url>
- <url>http://www.packetstormsecurity.org/0405-exploits/cvs_linux_freebsd_HEAP.c</url>
- <bid>10499</bid>
- </references>
- <dates>
- <discovery>2004-05-20</discovery>
- <entry>2004-08-17</entry>
- </dates>
- </vuln>
-
- <vuln vid="59669fc9-fdf4-11d8-81b0-000347a4fa7d">
- <topic>multiple vulnerabilities in LHA</topic>
- <affects>
- <package>
- <name>lha</name>
- <range><le>1.14i_4</le></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Multiple vulnerabilities have been found in the LHA code by Lukasz Wojtow
- and Thomas Biege.</p>
- <p>Successful exploitation may allow execution of arbitrary code.</p>
- </body>
- </description>
- <references>
- <url>http://secunia.com/advisories/12435</url>
- <cvename>CAN-2004-0694</cvename>
- <cvename>CAN-2004-0745</cvename>
- <cvename>CAN-2004-0769</cvename>
- <cvename>CAN-2004-0771</cvename>
- <mlist msgid="20040606162856.29866.qmail@www.securityfocus.com">http://www.securityfocus.com/archive/1/365386</mlist>
- <mlist msgid="20040515110900.24784.qmail@www.securityfocus.com">http://www.securityfocus.com/archive/1/363418</mlist>
- <url>http://lw.ftw.zamosc.pl/lha-exploit.txt</url>
- <url>http://www.osvdb.org/9519</url>
- <url>http://www.osvdb.org/9520</url>
- <url>http://www.osvdb.org/9521</url>
- <url>http://www.osvdb.org/9522</url>
- <bid>10354</bid>
- <bid>11093</bid>
- <url>http://rhn.redhat.com/errata/RHSA-2004-323.html</url>
- </references>
- <dates>
- <discovery>2004-05-19</discovery>
- <entry>2004-09-03</entry>
- </dates>
- </vuln>
-
- <vuln vid="fdbbed57-f933-11d8-a776-00e081220a76">
- <topic>cdrtools local privilege escalation</topic>
- <affects>
- <package>
- <name>cdrtools</name>
- <range><lt>2.0.3_4</lt></range>
- </package>
- <package>
- <name>cdrtools-cjk</name>
- <range><lt>2.0.3.20030714_4</lt></range>
- </package>
- <package>
- <name>cdrtools-devel</name>
- <range><lt>2.01a38</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Max Vozeler found a flaw in in cdrecord allowing a local root exploit</p>
- </body>
- </description>
- <references>
- <url>ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38</url>
- <url>http://www.osvdb.org/9395</url>
- <cvename>CAN-2004-0806</cvename>
- <mlist msgid="E1C0yA3-0002cc-00@newraff.debian.org">http://lists.debian.org/debian-devel-changes/2004/08/msg03421.html</mlist>
- <bid>11075</bid>
- <url>http://secunia.com/advisories/12481</url>
- </references>
- <dates>
- <discovery>2004-08-28</discovery>
- <entry>2004-08-30</entry>
- </dates>
- </vuln>
-</vuxml>
diff --git a/security/portaudit-db/database/portaudit2vuxml.pl b/security/portaudit-db/database/portaudit2vuxml.pl
deleted file mode 100644
index d352bb2f8661..000000000000
--- a/security/portaudit-db/database/portaudit2vuxml.pl
+++ /dev/null
@@ -1,149 +0,0 @@
-#!/usr/bin/perl -w
-#
-# Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-# 1. Redistributions of source code must retain the above copyright notice
-# this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# 3. Neither the name of the author nor the names of its contributors may be
-# used to endorse or promote products derived from this software without
-# specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-# portaudit to VuXML converter, use with
-# portaudit2vuxml.pl <uuid>
-# and edit the entry to suit your needs.
-#
-
-require 5.005;
-use strict;
-use Cwd 'abs_path';
-
-my $portsdir = $ENV{PORTSDIR} ? $ENV{PORTSDIR} : '/usr/ports';
-
-my $portauditdb = "$portsdir/security/portaudit-db/database/portaudit.txt";
-
-my $uuid = $ARGV[0];
-
-$#ARGV == 0 && $uuid =~ /^[0-9a-f]{8}(?:-[0-9a-f]{4}){4}[0-9a-f]{8}$/
- or die "usage: $0 $uuid <uuid>\n";
-
-my $today=`date -u +%Y-%m-%d`;
-chomp $today;
-
-my @pkg;
-my $url;
-my $topic;
-
-open PORTAUDITDB, "<$portauditdb"
- or die "Can't open $portauditdb: $!\n";
-
-while (<PORTAUDITDB>) {
- chomp;
- next if /^(?:#|$)/;
- my @line = split /\|/;
- next if $#line < 3 || $line[3] ne $uuid;
- push @pkg, $line[0];
- $url = $line[1];
- $topic = $line[2];
-}
-
-close PORTAUDITDB;
-
-$url =~ s/</&lt;/g;
-$url =~ s/>/&gt;/g;
-$url =~ s/&/&amp;/g;
-
-$topic =~ s/</&lt;/g;
-$topic =~ s/>/&gt;/g;
-$topic =~ s/&/&amp;/g;
-
-my %oper = (
- '<' => 'lt',
- '<=' => 'le',
- '=' => 'eq',
- '>=' => 'ge',
- '>' => 'gt'
-);
-
-if (@pkg) {
- print " <vuln vid=\"$uuid\">\n";
- print " <topic>$topic</topic>\n";
- print " <affects>\n";
- foreach (@pkg) {
- my @vers = split /((?:<|>)=?|=)/;
- my $pkgname = shift @vers;
- print " <package>\n";
- print " <name>$pkgname</name>\n";
- if (@vers) {
- print " <range>";
- while (@vers) {
- my $op = $oper{shift @vers};
- my $v = shift @vers;
- print "<$op>$v</$op>";
- }
- print "</range>\n";
- }
- print " </package>\n";
- }
- print " </affects>\n";
-
- print " <description>\n";
- print " <body xmlns=\"http://www.w3.org/1999/xhtml\">\n";
- print " <p>Please <a href=\"mailto:security\@FreeBSD.org?subject=vid%20$uuid\">contact\n";
- print " the FreeBSD Security Team</a> for more information.</p>\n";
- print " </body>\n";
- print " </description>\n";
- print " <references>\n";
-
- foreach (split ' ', $url) {
- if (m'^http://cve\.mitre\.org/cgi-bin/cvename\.cgi\?name=(.+)$') {
- print " <cvename>$1</cvename>\n"
- }
- elsif (m'^(http://www\.securityfocus\.com/archive/.+)$') {
- print " <mlist>$1</mlist>\n"
- }
- elsif (m'^http://www\.securityfocus\.com/bid/(.+)$') {
- print " <bid>$1</bid>\n"
- }
- elsif (m'^(http://(?:article\.gmane\.org|lists\.netsys\.com|marc\.theaimsgroup\.com)/.+)$') {
- print " <mlist>$1</mlist>\n"
- }
- elsif (m'^http://www\.kb\.cert\.org/vuls/id/(.+)$') {
- print " <certvu>$1</certvu>\n"
- }
- elsif (m'^http://www\.cert\.org/advisories/(.+)\.html$') {
- print " <certsa>$1</certsa>\n"
- }
- else {
- print " <url>$_</url>\n";
- }
- }
-
- print " </references>\n";
- print " <dates>\n";
- print " <discovery>2000-00-00</discovery>\n";
- print " <entry>$today</entry>\n";
- print " </dates>\n";
- print " </vuln>\n";
-}
diff --git a/security/portaudit-db/files/packaudit.conf b/security/portaudit-db/files/packaudit.conf
deleted file mode 100644
index 6b952effc14f..000000000000
--- a/security/portaudit-db/files/packaudit.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-#
-# $FreeBSD$
-#
-# packaudit.conf sample file
-#
-
-# avoid network access
-export SGML_CATALOG_FILES="%%LOCALBASE%%/share/xml/catalog"
-XSLTPROC_EXTRA_ARGS="--catalogs --nonet"
diff --git a/security/portaudit-db/files/packaudit.sh b/security/portaudit-db/files/packaudit.sh
deleted file mode 100644
index 4d0e245da6a8..000000000000
--- a/security/portaudit-db/files/packaudit.sh
+++ /dev/null
@@ -1,142 +0,0 @@
-#!/bin/sh -e
-#
-# Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-# 1. Redistributions of source code must retain the above copyright notice
-# this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# 3. Neither the name of the author nor the names of its contributors may be
-# used to endorse or promote products derived from this software without
-# specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-AWK=/usr/bin/awk
-BASENAME=/usr/bin/basename
-CAT=/bin/cat
-DATE=/bin/date
-ENV=/usr/bin/env
-MD5=/sbin/md5
-MKDIR="/bin/mkdir -p"
-MKTEMP=/usr/bin/mktemp
-RM=/bin/rm
-SED=/usr/bin/sed
-TAR=/usr/bin/tar
-XSLTPROC=%%LOCALBASE%%/bin/xsltproc
-
-PORTSDIR="${PORTSDIR:-%%PORTSDIR%%}"
-VUXMLDIR="${VUXMLDIR:-$PORTSDIR/security/vuxml}"
-PORTAUDITDBDIR="${PORTAUDITDBDIR:-$PORTSDIR/security/portaudit-db}"
-
-DATABASEDIR="${DATABASEDIR:-%%DATABASEDIR%%}"
-
-STYLESHEET="%%DATADIR%%/vuxml2portaudit.xslt"
-
-PUBLIC_HTML="${PUBLIC_HTML:-$HOME/public_html/portaudit}"
-HTMLSHEET="%%DATADIR%%/vuxml2html.xslt"
-BASEURL="${BASEURL:-http://www.freebsd.org/ports/portaudit/}"
-
-PORTAUDIT2VUXML="%%DATADIR%%/portaudit2vuxml.awk"
-
-[ -d "$DATABASEDIR" ] || $MKDIR "$DATABASEDIR"
-
-if [ ! -w "$DATABASEDIR" ]; then
- echo "$DATABASEDIR is not writable by you, exiting."
- exit 1
-fi
-
-TMPNAME=`$BASENAME "$0"`
-
-VULVER=`$SED -En -e '/^.*\\$FreeBSD\: [^$ ]+,v ([0-9]+(\.[0-9]+)+) [^$]+\\$.*$/{s//\1/p;q;}' "$VUXMLDIR/vuln.xml"`
-VULURL="http://cvsweb.freebsd.org/ports/security/vuxml/vuln.xml?rev=$VULVER"
-
-[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
-
-if [ -d "$PUBLIC_HTML" -a -w "$PUBLIC_HTML" ]; then
- VULNMD5=`$CAT "$VUXMLDIR/vuln.xml" "$PORTAUDITDBDIR/database/portaudit.xml" "$PORTAUDITDBDIR/database/portaudit.txt" | $MD5`
- if [ -f "$PUBLIC_HTML/portaudit.md5" ]; then
- VULNMD5_OLD=`$CAT "$PUBLIC_HTML/portaudit.md5"`
- fi
- if [ "$VULNMD5" != "$VULNMD5_OLD" ]; then
- echo -n "$VULNMD5" > "$PUBLIC_HTML/portaudit.md5"
- TMPXML=`$MKTEMP -t "$TMPNAME.$$"` || exit 1
- $PORTAUDIT2VUXML "$PORTAUDITDBDIR/database/portaudit.txt" "$PORTAUDITDBDIR/database/portaudit.xml" > "$TMPXML"
- $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam vulurl "$VULURL" --stringparam extradoc "$TMPXML" \
- -o "$PUBLIC_HTML/" "$HTMLSHEET" "$VUXMLDIR/vuln.xml"
- $RM "$TMPXML"
- fi
-fi
-
-TMPDIR=`$MKTEMP -d -t "$TMPNAME.$$"` || exit 1
-
-TESTPORT="vulnerability-test-port>=2000<`$DATE -u +%Y.%m.%d`"
-TESTURL="http://cvsweb.freebsd.org/ports/security/vulnerability-test-port/"
-TESTREASON="Not vulnerable, just a test port (database: `$DATE -u +%Y-%m-%d`)"
-
-XLIST_FILE="$PORTAUDITDBDIR/database/portaudit.xlist"
-
-cd "$TMPDIR" || exit 1
-{
- $DATE -u "+#CREATED: %Y-%m-%d %H:%M:%S"
- echo "# Created by packaudit %%PORTVERSION%%"
- echo "$TESTPORT|$TESTURL|$TESTREASON"
- echo "# Please refer to the original document for copyright information:"
- echo "# $VULURL"
- $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam baseurl "$BASEURL" "$STYLESHEET" "$VUXMLDIR/vuln.xml" \
- | $AWK -F\| -v XLIST_FILE="$XLIST_FILE" '
- BEGIN {
- while((getline < XLIST_FILE) > 0)
- if(!/^(#|$)/)
- ignore[$1]=1
- }
- /^(#|$)/ || !($4 in ignore) {
- print
- }
- '
- echo "# This part is in the public domain"
- $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam baseurl "$BASEURL" "$STYLESHEET" "$PORTAUDITDBDIR/database/portaudit.xml"
- $AWK -F\| '
- /^(#|$)/ {
- print
- next
- }
- {
- if ($4)
- print $1 FS "'"$BASEURL"'" $4 ".html" FS $3 FS $4
- else
- print
- }
- ' "$PORTAUDITDBDIR/database/portaudit.txt"
-} | $AWK -F\| -v XLIST_FILE="$XLIST_FILE" '
- /^(#|$)/ {
- print
- next
- }
- {
- print $1 "|" $2 "|" $3
- }
-' > auditfile
-echo "#CHECKSUM: MD5 `$MD5 < auditfile`" >> auditfile
-$TAR -jcf "$DATABASEDIR/auditfile.tbz" auditfile
-cd
-$RM -Rf "$TMPDIR"
diff --git a/security/portaudit-db/files/portaudit2vuxml.awk b/security/portaudit-db/files/portaudit2vuxml.awk
deleted file mode 100644
index c02929077d0a..000000000000
--- a/security/portaudit-db/files/portaudit2vuxml.awk
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/usr/bin/awk -f
-
- BEGIN {
- XMLFILE=ARGV[2]
- delete ARGV[2]
- while (getline < XMLFILE) {
- if (/<\/vuxml>/)
- break
- print
- }
- XML=$0
- FS="|"
- }
-
- /^(#|$)/ { next }
-
- {
- if (PKG[$4])
- PKG[$4]=PKG[$4] FS $1
- else
- PKG[$4]=$1
- gsub(/</, "&lt;")
- gsub(/>/, "&gt;")
- gsub(/&/, "&amp;")
- URL[$4]=$2
- TOPIC[$4]=$3
- }
-
- END {
- OPN["<"]="lt"
- OPN["<="]="le"
- OPN["="]="eq"
- OPN[">="]="ge"
- OPN[">"]="gt"
-
- for (UUID in PKG) {
- print " <vuln vid=\"" UUID "\">"
- print " <topic>" TOPIC[UUID] "</topic>"
-
- print " <affects>"
- split(PKG[UUID], APKG)
- for (TPKG in APKG) {
- VERS=APKG[TPKG]
- print " <package>"
- if (match(VERS, /(<|>)=?|=/) > 0) {
- print " <name>" substr(VERS, 1, RSTART-1) "</name>"
- printf " <range>"
- do {
- OP=substr(VERS, RSTART, RLENGTH)
- LEN=length(VERS)
- VERS=substr(VERS, RSTART+RLENGTH, LEN+1-RSTART-RLENGTH)
- NEXTRANGE=match(VERS, /(<|>)=?|=/)
- if (NEXTRANGE > 0)
- printf "<%s>%s</%s>", OPN[OP], substr(VERS, 1, RSTART-1), OPN[OP]
- else
- printf "<%s>%s</%s>", OPN[OP], VERS, OPN[OP]
- } while (NEXTRANGE > 0)
- printf "</range>\n"
- }
- else {
- print " <name>" VERS "</name>"
- }
- print " </package>"
- }
- print " </affects>"
-
- print " <description>"
- print " <body xmlns=\"http://www.w3.org/1999/xhtml\">"
- print " <p>Please <a href=\"mailto:security@FreeBSD.org?subject=vid%20" UUID "\">contact"
- print " the FreeBSD Security Team</a> for more information.</p>"
- print " </body>"
- print " </description>"
- print " <references>"
-
- split(URL[UUID], URLS, / /)
- for (U in URLS) {
- if (!URLS[U])
- continue
- print " <url>" URLS[U] "</url>"
- }
-
- print " </references>"
- print " <dates>"
- print " <discovery>2000-00-00</discovery>"
- print " <entry>2000-00-00</entry>"
- print " </dates>"
- print " </vuln>"
- print ""
- }
- print XML
- while (getline < XMLFILE) {
- print
- }
- close(XMLFILE)
- }
diff --git a/security/portaudit-db/files/vuxml2html.xslt b/security/portaudit-db/files/vuxml2html.xslt
deleted file mode 100644
index 2c892170292a..000000000000
--- a/security/portaudit-db/files/vuxml2html.xslt
+++ /dev/null
@@ -1,329 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- $FreeBSD$
-
-Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
-3. Neither the name of the author nor the names of its contributors may be
- used to endorse or promote products derived from this software without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-VuXML to HTML converter.
-
-Usage:
- xsltproc -o html/ vuxml2html.xslt vuxml.xml
-
--->
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:vuxml="http://www.vuxml.org/apps/vuxml-1" xmlns="http://www.w3.org/1999/xhtml" exclude-result-prefixes="xhtml vuxml" version="1.0">
- <xsl:output method="xml"/>
- <xsl:strip-space elements="vuxml:affects vuxml:package vuxml:name vuxml:range" />
-<!-- whole vuxml file -->
- <xsl:template match="vuxml:vuxml">
-<!-- index page, xhtml strict -->
- <xsl:document href="index.html" method="xml" indent="yes" encoding="UTF-8" doctype-public="-//W3C//DTD XHTML 1.0 Strict//EN" doctype-system="http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <title>portaudit: Vulnerability list</title>
- <xsl:call-template name="css"/>
- </head>
- <body>
- <div>
- <xsl:call-template name="bar"/>
- </div>
- <h1>Vulnerabilities</h1>
- <table>
- <xsl:for-each select="vuxml:vuln | document($extradoc)/vuxml:vuxml/vuxml:vuln">
- <xsl:sort select="(vuxml:dates/vuxml:modified | vuxml:dates/vuxml:entry)[1]" order="descending"/>
- <tr>
- <td>
- <xsl:value-of select="(vuxml:dates/vuxml:modified | vuxml:dates/vuxml:entry)[1]"/>
- </td>
- <td>
- <a href="{translate(@vid, 'ABCDEF', 'abcdef')}.html">
- <xsl:value-of select="vuxml:topic"/>
- </a>
- </td>
- </tr>
- </xsl:for-each>
- </table>
- <p>
- <a href="index-pkg.html">[Sorted by package name]</a>
- </p>
- <xsl:call-template name="foo">
- <xsl:with-param name="vid">index</xsl:with-param>
- </xsl:call-template>
- </body>
- </html>
- </xsl:document>
-<!-- index page by packages, xhtml strict -->
- <xsl:document href="index-pkg.html" method="xml" indent="yes" encoding="UTF-8" doctype-public="-//W3C//DTD XHTML 1.0 Strict//EN" doctype-system="http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <title>portaudit: Vulnerability list by packages</title>
- <xsl:call-template name="css"/>
- </head>
- <body>
- <div>
- <xsl:call-template name="bar"/>
- </div>
- <h1>Vulnerabilities</h1>
- <table>
- <xsl:for-each select="//vuxml:affects/vuxml:package/vuxml:name | document($extradoc)//vuxml:affects/vuxml:package/vuxml:name">
- <xsl:sort select="translate(., 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz')"/>
- <xsl:sort select="(ancestor-or-self::vuxml:vuln/vuxml:dates/vuxml:modified | ancestor-or-self::vuxml:vuln/vuxml:dates/vuxml:entry)[1]" order="descending"/>
- <tr>
- <td>
- <xsl:value-of select="."/>
- </td>
- <td>
- <a href="{translate(ancestor-or-self::vuxml:vuln/@vid, 'ABCDEF', 'abcdef')}.html">
- <xsl:value-of select="ancestor-or-self::vuxml:vuln/vuxml:topic"/>
- </a>
- </td>
- </tr>
- </xsl:for-each>
- </table>
- <p>
- <a href="index.html">[Sorted by last modification]</a>
- </p>
- <xsl:call-template name="foo">
- <xsl:with-param name="vid">index</xsl:with-param>
- </xsl:call-template>
- </body>
- </html>
- </xsl:document>
-<!-- individual pages, xhtml strict -->
- <xsl:for-each select="vuxml:vuln | document($extradoc)/vuxml:vuxml/vuxml:vuln">
- <xsl:document href="{translate(@vid, 'ABCDEF', 'abcdef')}.html" method="xml" indent="yes" encoding="UTF-8" doctype-public="-//W3C//DTD XHTML 1.0 Strict//EN" doctype-system="http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <xsl:choose>
- <xsl:when test="vuxml:cancelled">
- <title>portaudit: Cancelled entry</title>
- </xsl:when>
- <xsl:otherwise>
- <title>portaudit: <xsl:value-of select="vuxml:topic"/></title>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:call-template name="css"/>
- </head>
- <body>
- <div>
- <xsl:call-template name="bar"/>
- </div>
- <xsl:choose>
- <xsl:when test="vuxml:cancelled">
- <h1>
- Cancelled entry
- </h1>
- <xsl:if test="vuxml:cancelled/@superseded">
- <h2>References:</h2>
- <ul>
- <li>Superseded by <a href="./{vuxml:cancelled/@superseded}.html">entry
- <xsl:value-of select="vuxml:cancelled/@superseded"/></a></li>
- </ul>
- </xsl:if>
- </xsl:when>
- <xsl:otherwise>
- <h1>
- <xsl:value-of select="vuxml:topic"/>
- </h1>
- <h2>Description:</h2>
- <xsl:copy-of select="vuxml:description/xhtml:body/*"/>
- <h2>References:</h2>
- <ul>
- <xsl:apply-templates select="vuxml:references"/>
- </ul>
- <h2>Affects:</h2>
- <ul>
- <xsl:for-each select="vuxml:affects/vuxml:package">
- <xsl:for-each select="vuxml:name">
- <xsl:variable name="name" select="."/>
- <xsl:for-each select="../vuxml:range">
- <li>
- <xsl:value-of select="$name"/>
- <xsl:apply-templates/>
- </li>
- </xsl:for-each>
- </xsl:for-each>
- </xsl:for-each>
- <xsl:for-each select="vuxml:affects/vuxml:system">
- <xsl:for-each select="vuxml:name">
- <xsl:variable name="name" select="."/>
- <xsl:for-each select="../vuxml:range">
- <li>
- <xsl:value-of select="$name"/>
- <xsl:apply-templates/>
- </li>
- </xsl:for-each>
- </xsl:for-each>
- </xsl:for-each>
- </ul>
- <title>portaudit: <xsl:value-of select="vuxml:topic"/></title>
- </xsl:otherwise>
- </xsl:choose>
-
- <xsl:call-template name="foo">
- <xsl:with-param name="vid" select="@vid"/>
- </xsl:call-template>
- </body>
- </html>
- </xsl:document>
- </xsl:for-each>
-<!-- end of vuxml file processing -->
- </xsl:template>
-<!-- vulnerability references -->
- <xsl:template match="vuxml:bid">
- <li>BugTraq ID <a href="http://www.securityfocus.com/bid/{.}"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:certsa">
- <li>CERT security advisory <a href="http://www.cert.org/advisories/{.}.html"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:certvu">
- <li>CERT vulnerability note <a href="http://www.kb.cert.org/vuls/id/{.}"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:cvename">
- <li>CVE name <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name={.}"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:freebsdsa">
- <li>FreeBSD security advisory <a href="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-{.}.asc">FreeBSD-<xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:freebsdpr">
- <li>FreeBSD PR <a href="http://www.freebsd.org/cgi/query-pr.cgi?pr={.}"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:mlist">
- <li>List post: <a href="{.}">&lt;<xsl:value-of select="."/>&gt;</a>
- <xsl:if test="@msgid"><a href="http://www.google.com/search?q={@msgid}">(search)</a></xsl:if>
- </li>
- </xsl:template>
- <xsl:template match="vuxml:url">
- <li>URL: <a href="{.}">&lt;<xsl:value-of select="."/>&gt;</a></li>
- </xsl:template>
- <xsl:template match="vuxml:uscertsa">
- <li>US-CERT security alert <a href="http://www.us-cert.gov/cas/alerts/{.}.html"><xsl:value-of select="."/></a></li>
- </xsl:template>
- <xsl:template match="vuxml:uscertta">
- <li>US-CERT technical security alert <a href="http://www.us-cert.gov/cas/techalerts/{.}.html"><xsl:value-of select="."/></a></li>
- </xsl:template>
-<!-- comparison operators -->
- <xsl:template match="vuxml:lt">
- <xsl:text> &lt;</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:le">
- <xsl:text> &lt;=</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:gt">
- <xsl:text> &gt;</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:ge">
- <xsl:text> &gt;=</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:eq">
- <xsl:text> =</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
-<!-- style sheet -->
- <xsl:template name="css">
- <link rel="shortcut icon" href="http://www.freebsd.org/favicon.ico" type="image/x-icon"/>
- <style type="text/css">
- <xsl:comment>
- <xsl:text>
- body {
- background-color : #ffffff;
- color : #000000;
- }
-
- a:link { color: #0000ff }
- a:visited { color: #840084 }
- a:active { color: #0000ff }
-
- h1 { color: #990000 }
-
- img { color: white; border:none }
-
- table {
- border: none;
- margin-top: 10px;
- margin-bottom: 10px;
- }
-
- th {
- text-align: left;
- padding: 3px;
- border: none;
- vertical-align: top;
- }
-
- td {
- padding: 3px;
- border: none;
- vertical-align: top;
- }
-
- tr.odd {
- background: #eeeeee;
- color: inherit;
- }
- </xsl:text>
- </xsl:comment>
- </style>
- </xsl:template>
-<!-- xhtml elements -->
- <xsl:template name="bar">
- <img src="http://www.freebsd.org/gifs/bar.gif" alt="Navigation Bar" height="33" width="565" usemap="#bar"/>
- <map id="bar" name="bar">
- <area shape="rect" coords="1,1,111,33" href="http://www.freebsd.org/" alt="Top"/>
- <area shape="rect" coords="112,16,196,33" href="http://www.freebsd.org/ports/index.html" alt="Applications"/>
- <area shape="rect" coords="197,16,256,33" href="http://www.freebsd.org/support.html" alt="Support"/>
- <area shape="rect" coords="257,16,365,33" href="http://www.freebsd.org/docs.html" alt="Documentation"/>
- <area shape="rect" coords="366,16,424,33" href="http://www.freebsd.org/commercial/commercial.html" alt="Vendors"/>
- <area shape="rect" coords="425,16,475,33" href="http://www.freebsd.org/search/search.html" alt="Search"/>
- <area shape="rect" coords="476,16,516,33" href="http://www.freebsd.org/search/index-site.html" alt="Index"/>
- <area shape="rect" coords="517,16,565,33" href="http://www.freebsd.org/" alt="Top"/>
- <area shape="rect" coords="0,0,565,33" href="http://www.freebsd.org/" alt="Top"/>
- </map>
- </xsl:template>
- <xsl:template name="foo">
- <xsl:param name="vid"/>
- <hr/>
- <p><strong>Disclaimer:</strong> The data contained on this page is derived from the VuXML document,
- please refer to the <a href="{$vulurl}">the original document</a> for copyright information. The author of
- portaudit makes no claim of authorship or ownership of any of the information contained herein.</p>
- <p>
- If you have found a vulnerability in a FreeBSD port not listed in the
- database, please <a href="mailto:security@FreeBSD.org?subject=vid%20{$vid}">contact
- the FreeBSD Security Team</a>. Refer to
- <a href="http://www.freebsd.org/security/#how">"FreeBSD Security
- Information"</a> for more information.
- </p>
- <hr/>
- <address title="Oliver Eikemeier">
- Oliver Eikemeier <a href="mailto:eik@FreeBSD.org?subject=portaudit">&lt;eik@FreeBSD.org&gt;</a>
- </address>
- </xsl:template>
-</xsl:stylesheet>
diff --git a/security/portaudit-db/files/vuxml2portaudit.xslt b/security/portaudit-db/files/vuxml2portaudit.xslt
deleted file mode 100644
index 60beed5ec52e..000000000000
--- a/security/portaudit-db/files/vuxml2portaudit.xslt
+++ /dev/null
@@ -1,92 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- $FreeBSD$
-
-Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
-3. Neither the name of the author nor the names of its contributors may be
- used to endorse or promote products derived from this software without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-VuXML to portaudit database converter.
-
-Usage:
- xsltproc -o auditfile vuxml2portaudit.xslt vuxml.xml
-
--->
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:vuxml="http://www.vuxml.org/apps/vuxml-1" version="1.0">
- <xsl:output method="text"/>
- <xsl:variable name="newline">
- <xsl:text>&#010;</xsl:text>
- </xsl:variable>
-<!-- xxx -->
- <xsl:strip-space elements="vuxml:affects vuxml:package vuxml:name vuxml:range"/>
- <xsl:template match="/">
- <xsl:text># Converted by vuxml2portaudit
-</xsl:text>
- <xsl:for-each select="vuxml:vuxml/vuxml:vuln">
- <xsl:variable name="topic" select="normalize-space(vuxml:topic)"/>
- <xsl:variable name="vid" select="translate(@vid, 'ABCDEF', 'abcdef')"/>
- <xsl:for-each select="vuxml:affects/vuxml:package">
- <xsl:for-each select="vuxml:name">
- <xsl:variable name="name" select="."/>
- <xsl:for-each select="../vuxml:range">
- <xsl:value-of select="$name"/>
- <xsl:apply-templates/>
- <xsl:text>|</xsl:text>
- <xsl:value-of select="$baseurl"/>
- <xsl:value-of select="$vid"/>
- <xsl:text>.html</xsl:text>
- <xsl:text>|</xsl:text>
- <xsl:value-of select="$topic"/>
- <xsl:text>|</xsl:text>
- <xsl:value-of select="$vid"/>
- <xsl:value-of select="$newline"/>
- </xsl:for-each>
- </xsl:for-each>
- </xsl:for-each>
- </xsl:for-each>
- </xsl:template>
-<!-- xxx -->
- <xsl:template match="vuxml:lt">
- <xsl:text>&lt;</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:le">
- <xsl:text>&lt;=</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:gt">
- <xsl:text>&gt;</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:ge">
- <xsl:text>&gt;=</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
- <xsl:template match="vuxml:eq">
- <xsl:text>=</xsl:text>
- <xsl:value-of select="text()"/>
- </xsl:template>
-</xsl:stylesheet>
diff --git a/security/portaudit-db/pkg-descr b/security/portaudit-db/pkg-descr
deleted file mode 100644
index 85b315a9d87b..000000000000
--- a/security/portaudit-db/pkg-descr
+++ /dev/null
@@ -1,16 +0,0 @@
-In contrast to security/portaudit, which is designed to be an
-install-and-forget solution, portaudit-db requires a current
-ports tree and generates a database that can be used locally
-or distributed over a network.
-
-Furthermore committers that want to add entries to the VuXML
-database may use this port to check their changes locally.
-It also features a file `database/portaudit.txt' where UUIDs
-for vulnerabilities can be allocated before they have been
-investigated thoroughly and moved to the VuXML database by
-the security officer team.
-
-Call `packaudit' after upgrading your ports tree.
-
-WWW: http://people.freebsd.org/~eik/portaudit/
-Oliver Eikemeier <eik@FreeBSD.org>
diff --git a/security/portaudit-db/pkg-plist b/security/portaudit-db/pkg-plist
deleted file mode 100644
index 46e9b0674f4c..000000000000
--- a/security/portaudit-db/pkg-plist
+++ /dev/null
@@ -1,8 +0,0 @@
-bin/packaudit
-etc/packaudit.conf.sample
-%%DATADIR%%/portaudit2vuxml.awk
-%%DATADIR%%/vuxml2html.xslt
-%%DATADIR%%/vuxml2portaudit.xslt
-@dirrm %%DATADIR%%
-@exec mkdir -p %%DATABASEDIR%%
-@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
diff --git a/security/portaudit/Makefile b/security/portaudit/Makefile
deleted file mode 100644
index 8d585f433cba..000000000000
--- a/security/portaudit/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-# New ports collection makefile for: portaudit
-# Date created: 25 Jan 2004
-# Whom: Oliver Eikemeier
-#
-# $FreeBSD$
-#
-
-PORTNAME= portaudit
-PORTVERSION= 0.5.11
-CATEGORIES= security
-DISTFILES=
-
-MAINTAINER= secteam@FreeBSD.org
-COMMENT= Checks installed ports against a list of security vulnerabilities
-
-MAN1= portaudit.1
-
-PERIODICDIR?= ${PREFIX}/etc/periodic
-DATABASEDIR?= /var/db/portaudit
-
-PKGREQ= ${WRKDIR}/pkg-req
-PKGINSTALL= ${WRKDIR}/pkg-install
-PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
-
-PLIST_SUB+= PERIODICDIR="${PERIODICDIR:S,^${PREFIX}/,,}" \
- DATABASEDIR="${DATABASEDIR}"
-
-REQPKGVER= 20040623
-
-SED_SCRIPT= -e 's|%%PREFIX%%|${PREFIX}|g' \
- -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
- -e "s|%%PORTSDIR%%|${PORTSDIR}|g" \
- -e "s|%%INDEXFILE%%|${INDEXFILE}|g" \
- -e "s|%%DATABASEDIR%%|${DATABASEDIR}|g" \
- -e "s|%%PORTVERSION%%|${PORTVERSION}|g" \
- -e "s|%%REQPKGVER%%|${REQPKGVER}|g" \
- -e "s|%%BZIP2_CMD%%|${BZIP2_CMD}|g" \
-
-.include <bsd.port.pre.mk>
-
-.if !defined(DFOSVERSION)
-.if ${OSVERSION} < 491101 || ${OSVERSION} >= 500000 && ${OSVERSION} < 502120
-RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
-.endif
-.else
-.if ${DFOSVERSION} < 110000
-RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
-.endif
-.endif
-
-.if defined(BZIP2DEPENDS)
-RUN_DEPENDS+= bzip2:${PORTSDIR}/archivers/bzip2
-.endif
-
-do-build:
-.for f in portaudit-cmd.sh portaudit.sh portaudit.1 portaudit.conf
- @${SED} ${SED_SCRIPT} ${FILESDIR}/${f} >${WRKDIR}/${f}
-.endfor
-
-post-build:
-.for f in pkg-req pkg-install pkg-deinstall
- @${SED} ${SED_SCRIPT} ${PKGDIR}/${f} >${WRKDIR}/${f}
-.endfor
-
-pre-install:
-.if !defined(PACKAGE_BUILDING)
- @${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGREQ} ${PKGNAME} INSTALL
-.endif
- @${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
-
-do-install:
- @${INSTALL_SCRIPT} ${WRKDIR}/portaudit-cmd.sh ${PREFIX}/sbin/portaudit
- @${INSTALL_DATA} ${WRKDIR}/portaudit.conf ${PREFIX}/etc/portaudit.conf.sample
- @${INSTALL_MAN} ${WRKDIR}/portaudit.1 ${MAN1PREFIX}/man/man1
- @${MKDIR} ${PERIODICDIR}/security
- @${INSTALL_SCRIPT} ${WRKDIR}/portaudit.sh ${PERIODICDIR}/security/410.portaudit
- @${MKDIR} ${DATABASEDIR}
-
-post-install:
- @${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
-
-.include <bsd.port.post.mk>
diff --git a/security/portaudit/files/portaudit-cmd.sh b/security/portaudit/files/portaudit-cmd.sh
deleted file mode 100644
index 4a303698ce4c..000000000000
--- a/security/portaudit/files/portaudit-cmd.sh
+++ /dev/null
@@ -1,478 +0,0 @@
-#!/bin/sh -efu
-#
-# Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-# 1. Redistributions of source code must retain the above copyright notice
-# this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# 3. Neither the name of the author nor the names of its contributors may be
-# used to endorse or promote products derived from this software without
-# specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-portaudit_confs()
-{
- : ${portaudit_dir="%%DATABASEDIR%%"}
- : ${portaudit_filename="auditfile.tbz"}
-
- : ${portaudit_fetch_env=""}
- : ${portaudit_fetch_cmd="fetch -1mp"}
-
- : ${portaudit_sites="http://www.FreeBSD.org/ports/"}
-
- : ${portaudit_fixed=""}
-
- if [ -r %%PREFIX%%/etc/portaudit.conf ]; then
- . %%PREFIX%%/etc/portaudit.conf
- fi
-}
-
-extract_auditfile()
-{
- %%BZIP2_CMD%% -dc -- "$portaudit_dir/$portaudit_filename" | \
- tar -xOf - auditfile
-}
-
-checksum_auditfile()
-{
- chksum1=`extract_auditfile |
- sed -nE -e '$s/^#CHECKSUM: *MD5 *([0-9a-f]{32})$/\1/p'`
- chksum2=`extract_auditfile | sed -e '$d' | md5`
- [ "$chksum1" = "$chksum2" ];
-}
-
-getcreated_auditfile()
-{
- extract_auditfile |
- sed -nE -e '1s/^#CREATED: *([0-9]{4})-?([0-9]{2})-?([0-9]{2}) *([0-9]{2}):?([0-9]{2}):?([0-9]{2}).*$/\1-\2-\3 \4:\5:\6/p'
-}
-
-gettimestamp_auditfile()
-{
- extract_auditfile |
- sed -nE -e '1s/^#CREATED: *([0-9]{4})-?([0-9]{2})-?([0-9]{2}).*$/\1\2\3/p'
-}
-
-checkexpiry_auditfile()
-{
- created=`gettimestamp_auditfile`
- expiry=`date -u -v-$1d '+%Y%m%d'`
- [ "$created" -gt "$expiry" ];
-}
-
-portaudit_prerequisites()
-{
- if $prerequisites_checked; then
- return 0
- fi
-
- if [ -z "${pkg_info:-}" ]; then
- if [ -x "%%LOCALBASE%%/sbin/pkg_info" ]; then
- pkg_info="%%LOCALBASE%%/sbin/pkg_info"
- else
- pkg_info="/usr/sbin/pkg_info"
- fi
- fi
-
- if [ -z "${pkg_version:-}"]; then
- case "$pkg_info" in
- */*)
- pkg_version="${pkg_info%/*}/pkg_version";;
- *)
- pkg_version="pkg_version";;
- esac
- fi
-
- PKG_INSTALL_VER=`$pkg_info -qP 2>/dev/null`
- if [ -z "$PKG_INSTALL_VER" -o "$PKG_INSTALL_VER" -lt %%REQPKGVER%% ]; then
- echo "$pkg_info is too old, please update port sysutils/pkg_install-devel"
- return 1
- fi
-
- if [ ! -r "$portaudit_dir/$portaudit_filename" ]; then
- echo "portaudit: Database missing, run \`portaudit -F' to update." >&2
- return 2
- elif ! checksum_auditfile; then
- echo "portaudit: Corrupt database." >&2
- return 2
- elif ! checkexpiry_auditfile 14; then
- echo "portaudit: Database too old." >&2
- return 2
- fi
-
- prerequisites_checked=true
- return 0
-}
-
-audit_installed()
-{
- local rc=0
- local osversion=`sysctl -n kern.osreldate`
-
- fixedre=`echo -n $portaudit_fixed | tr -c '[:alnum:]- \t\n' 'x' | tr -s ' \t\n' '|'`
- installedre=`$pkg_info -aE | sed -e 's/-[^-]*$//g' | paste -s -d '|' -`
-
- extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
- BEGIN { vul=0; fixedre="'"$fixedre"'" }
- /^(#|\$)/ { next }
- $2 !~ /'"$opt_restrict"'/ { next }
- $1 ~ /^FreeBSD[<=>!]/ {
- if (fixedre && $2 ~ fixedre) next
- if (!system("'"$pkg_version"' -T \"FreeBSD-'"$osversion"'\" \"" $1 "\"")) {
- print_affected("FreeBSD-'"$osversion"'", \
- "To disable this check add the uuid to \`portaudit_fixed'"'"' in %%PREFIX%%/etc/portaudit.conf")
- }
- next
- }
- $1 ~ /^[^{}*?]*[<=>!]/ {
- if ($1 !~ "^('"$installedre"')[<=>!]") next;
- }
- {
- cmd="'"$pkg_info"' -E \"" $1 "\""
- while((cmd | getline pkg) > 0) {
- vul++
- print_affected(pkg, "")
- }
- close(cmd)
- }
- END {
- if ("'$opt_quiet'" == "false") {
- print vul " problem(s) in your installed packages found."
- }
- if (vul > 0) {
- if ("'$opt_quiet'" == "false") {
- print "\nYou are advised to update or deinstall" \
- " the affected package(s) immediately."
- }
- exit(1)
- }
- }
- ' || rc=$?
-
- return $rc
-}
-
-audit_file()
-{
- local rc=0
- local TMPFILE=
-
- case "$1" in
- -)
- TMPFILE=`mktemp -t portaudit`
- cat > "$TMPFILE"
- FILE="$TMPFILE"
- ;;
- http://*|ftp://*|https://*|file://*)
- echo "portaudit: Can't audit remote file $1" >&2
- return 2
- ;;
- *)
- if [ -r "$1" ]; then
- FILE="$1"
- else
- echo "portaudit: Can't read $1" >&2
- return 2
- fi
- ;;
- esac
-
- extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
- BEGIN { vul=0 }
- /^(#|\$)/ { next }
- {
- cmd="'"$pkg_version"' -T - \"" $1 "\" <\"'"$FILE"'\""
- while((cmd | getline pkg) > 0) {
- if ($2 !~ /'"$opt_restrict"'/)
- continue
- vul++
- print_affected(pkg, "")
- }
- close(cmd)
- }
- END {
- print vul " problem(s) found."
- if (vul > 0) {
- exit(1)
- }
- }
- ' || rc=$?
-
- if [ -n "$TMPFILE" ]; then
- rm "$TMPFILE"
- fi
- return $rc
-}
-
-audit_args()
-{
- local VULCNT=0
- while [ $# -gt 0 ]; do
- case "$1" in
- /*|-)
- echo "portaudit: $1 is a file, please use the -f option" >&2
- ;;
- http://*|ftp://*|https://*|file://*)
- echo "portaudit: Can't audit remote file $1" >&2
- ;;
- *)
- if VLIST=`extract_auditfile | awk -F\| '
- /^(#|\$)/ { next }
- $2 !~ /'"$opt_restrict"'/ { next }
- { print }
- ' | $pkg_version -T "$1" -`; then
- VULCNT=$(($VULCNT+1))
- echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
- { print_affected("'"$1"'", "") }
- '
- fi
- ;;
- esac
- shift
- done
- $opt_quiet || echo "$VULCNT problem(s) found."
- if [ $VULCNT -gt 0 ]; then
- return 1
- fi
-}
-
-audit_cwd()
-{
- if [ ! -r "Makefile" ]; then
- echo "portaudit: No Makefile here" >&2
- return 2
- fi
-
- PKGNAME=`make -VPKGNAME 2>/dev/null || true"`
-
- if [ -z "$PKGNAME" ]; then
- echo "portaudit: Can't determine the package name" >&2
- return 2
- fi
-
- if VLIST=`extract_auditfile | awk -F\| '
- /^(#|\$)/ { next }
- $2 !~ /'"$opt_restrict"'/ { next }
- { print }
- ' | $pkg_version -T "$PKGNAME" -`; then
- echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
- { print_affected("'"$PKGNAME"'", "") }
- '
- return 1
- fi
-}
-
-fetch_auditfile()
-{
- local rc=2
-
- if [ ! -d "$portaudit_dir" ]; then
- if ! mkdir -p "$portaudit_dir"; then
- echo "Couldn't create $portaudit_dir, try running \`portaudit -F' as root" >&2
- return 2
- fi
- fi
- if [ ! -w "$portaudit_dir" ]; then
- echo "Couldn't write to $portaudit_dir, try running \`portaudit -F' as root" >&2
- return 2
-
- fi
- cd "$portaudit_dir"
- if [ -r "$portaudit_filename" ]; then
- cp -f "$portaudit_filename" "$portaudit_filename.old"
- fi
-
- $opt_verbose && echo "Attempting to fetch from $portaudit_sites."
- urls=`echo "$portaudit_sites" | tr -s ' \t' '\n' | sed -E -e "s/?\$/$portaudit_filename"`
-
- if ! env $portaudit_fetch_env $portaudit_fetch_cmd $urls; then
- echo "Couldn't fetch database." >&2
- elif [ ! -f "$portaudit_dir/$portaudit_filename" ] ; then
- echo "portaudit: No database." >&2
- elif ! checksum_auditfile; then
- echo "portaudit: Database corrupt." >&2
- elif ! checkexpiry_auditfile 7; then
- echo "portaudit: Database too old." >&2
- else
- $opt_quiet || echo "New database installed."
- rc=0
- break
- fi
-
- if [ -f "$portaudit_filename.old" ]; then
- if [ $rc -eq 0 ]; then
- rm -f "$portaudit_filename.old"
- else
- mv -f "$portaudit_filename.old" "$portaudit_filename"
- $opt_quiet || echo "Old database restored."
- fi
- fi
- if [ -f "$portaudit_filename" ]; then
- chmod a=r "$portaudit_filename"
- fi
-
- return $rc
-}
-
-portaudit_confs
-
-opt_audit=false
-opt_auditcwd=false
-opt_dbversion=false
-opt_fetch=false
-opt_file=
-opt_quiet=false
-opt_restrict=
-opt_verbose=false
-opt_version=false
-opt_expiry=
-
-if [ $# -eq 0 ] ; then
- opt_audit=true
-fi
-
-while getopts aCdf:Fqr:vVX: opt; do
- case "$opt" in
- a)
- opt_audit=true;;
- C)
- opt_auditcwd=true;;
- d)
- opt_dbversion=true;;
- f)
- opt_file="$OPTARG";;
- F)
- opt_fetch=true;;
- q)
- opt_quiet=true;;
- r)
- opt_restrict="$OPTARG";;
- v)
- opt_verbose=true;;
- V)
- opt_version=true;;
- X)
- opt_expiry="$OPTARG";;
- ?)
- echo "Usage: $0 -aCdFVvq [-X days] [-r pattern] [-f file] [pkg-name ...]"
- exit 2;;
- esac
-done
-
-shift $(($OPTIND-1))
-
-ret=0
-
-if $opt_version; then
- echo "portaudit version %%PORTVERSION%%"
-fi
-
-if $opt_fetch; then
- if ! fetch_auditfile; then
- echo "portaudit: Download failed." >&2
- exit 2
- fi
-elif [ -n "$opt_expiry" ]; then
- if [ ! -r "$portaudit_dir/$portaudit_filename" ] || ! checkexpiry_auditfile "$opt_expiry"; then
- $opt_quiet || echo "Downloading fresh database."
- if ! fetch_auditfile; then
- echo "portaudit: Download failed." >&2
- exit 2
- fi
- ret=1
- fi
-fi
-
-if $opt_dbversion; then
- if [ ! -f "$portaudit_dir/$portaudit_filename" ]; then
- echo "portaudit: Database missing, run \`portaudit -F' to update." >&2
- exit 2
- fi
- if ! checksum_auditfile; then
- echo "portaudit: Database corrupt." >&2
- exit 2
- fi
- created=`getcreated_auditfile`
- echo "Database created: `date -j -f '%Y-%m-%d %H:%M:%S %Z' \"$created GMT\"`"
-fi
-
-prerequisites_checked=false
-
-if $opt_quiet; then
- PRINTAFFECTED_AWK='
- function print_affected(apkg, note) {
- print apkg
- }
- '
-elif $opt_verbose; then
- PRINTAFFECTED_AWK='
- function print_affected(apkg, note) {
- split(apkg, thepkg)
- print "Affected package: " thepkg[1] " (matched by " $1 ")"
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- if (note)
- print "Note: " note
- print ""
- }
- '
-else
- PRINTAFFECTED_AWK='
- function print_affected(apkg, note) {
- split(apkg, thepkg)
- print "Affected package: " thepkg[1]
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- if (note)
- print "Note: " note
- print ""
- }
- '
-fi
-
-if $opt_audit; then
- portaudit_prerequisites
- audit_installed || ret=$?
-fi
-
-if $opt_auditcwd; then
- portaudit_prerequisites
- audit_cwd || ret=$?
-fi
-
-if [ -n "$opt_file" ]; then
- portaudit_prerequisites
- audit_file "$opt_file" || ret=$?
-fi
-
-if [ $# -gt 0 ]; then
- portaudit_prerequisites
- audit_args "$@" || ret=$?
-fi
-
-exit $ret
diff --git a/security/portaudit/files/portaudit.1 b/security/portaudit/files/portaudit.1
deleted file mode 100644
index da683a2a6e8b..000000000000
--- a/security/portaudit/files/portaudit.1
+++ /dev/null
@@ -1,175 +0,0 @@
-.\" Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions are
-.\" met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright notice
-.\" this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" 3. Neither the name of the author nor the names of its contributors may be
-.\" used to endorse or promote products derived from this software without
-.\" specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-.\" AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-.\" COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $FreeBSD$
-.\"
-.Dd July 3, 2005
-.Os
-.Dt PORTAUDIT \&1 "FreeBSD ports collection"
-.
-.
-.Sh NAME
-.
-.Nm portaudit
-.Nd system to check installed packages for known vulnerabilities
-.
-.
-.Sh SYNOPSIS
-.
-.Nm
-.Op Fl aCdFqvV
-.Op Fl X Ar days
-.Op Fl f Ar file
-.Op Fl r Ar eregex
-.Op Ar pkg-name ...
-.
-.
-.Sh DESCRIPTION
-.
-.Nm
-checks installed packages for known vulnerabilities and generates reports
-including references to security advisories.
-Its intended audience is system administrators and individual users.
-.Pp
-.Nm
-uses a database maintained by port committers and the FreeBSD security team
-to check if security advisories for any installed packages exist.
-Note that a current ports tree (or any local copy of the ports tree) is not
-required for operation.
-.Pp
-This package also installs a script into %%PREFIX%%/etc/periodic/security
-that regularly updates this database and includes a report of vulnerable
-packages in the daily security report.
-.Pp
-If you have a vulnerable package installed, you are advised to update or
-deinstall it immediately.
-.
-.
-.Sh OPTIONS
-.
-The following options are supported:
-.Bl -tag -width ".Fl X"
-.It Fl a
-Print a vulnerability report for all installed packages.
-.It Fl C
-Print a vulnerability report for the port in the current working directory.
-Mostly useful for port developers.
-.It Fl d
-Print the creation date of the database.
-.It Fl F
-Fetch the current database from the
-.Fx
-servers.
-.It Fl q
-Quiet mode.
-.It Fl V
-Show
-.Nm
-version number.
-.It Fl v
-Verbose mode.
-.It Fl X Ar days
-Download a fresh database when the local is at least
-.Ar days
-old.
-.It Fl f Ar file
-Check the packages listed in
-.Ar file
-for known vulnerabilities.
-.It Fl r Ar eregex
-Restrict listed vulnerabilities to those where a reference matches
-.Xr egrep 1
-pattern
-.Ar eregex .
-Useful to test new entries.
-.It Ar pkg-name ...
-Test whether
-.Ar pkg-name
-is listed in the audit database.
-.El
-.Pp
-If no options are given,
-.Nm
-prints a vulnerability report for all installed packages.
-.
-.
-.Sh EXAMPLES
-.
-.Bl -item
-.It
-Fetch the current database and print its creation date:
-.Pp
-.Dl "portaudit -Fd"
-.It
-Print a vulnerability report for all installed packages:
-.Pp
-.Dl "portaudit -a"
-.It
-Print a vulnerability report for a remote machine:
-.Pp
-.Dl "ssh remote.example pkg_info | awk '{ print $1 }' | xargs portaudit"
-.It
-Print a vulnerability report for the local INDEX:
-.Pp
-.Dl "portaudit -f %%PORTSDIR%%/%%INDEXFILE%%"
-.It
-Print a vulnerability report for the current set of prebuild packages:
-.Pp
-.Dl "curl -l ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/All/ | sed -n -e 's/\.t[bg]z[[:cntrl:]]*$//p' | portaudit -f -"
-.El
-.
-.
-.Sh FILES
-.
-.Pa %%PREFIX%%/etc/portaudit.conf ,
-.Pa %%DATABASEDIR%%/auditfile.tbz
-.
-.
-.Sh SEE ALSO
-.
-.Xr ports 7 ,
-.Xr periodic.conf 5 ,
-.Pa http://www.FreeBSD.org/ports/portaudit/ ,
-.Pa http://www.FreeBSD.org/security/#adv ,
-.Pa http://FreeBSD.VuXML.org/ .
-.
-.
-.Sh BUGS
-.
-Sure to be some.
-.
-.
-.Sh AUTHOR
-.
-.An Oliver Eikemeier Aq eik@FreeBSD.org
-.
-.
-.Sh HISTORY
-.
-Package auditing first appeared in
-.Nx 1.4.3 .
diff --git a/security/portaudit/files/portaudit.conf b/security/portaudit/files/portaudit.conf
deleted file mode 100644
index c4b7362594c8..000000000000
--- a/security/portaudit/files/portaudit.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Sample configuration file for portaudit(1)
-#
-# copy to %%PREFIX%%/etc/portaudit.conf
-#
-# $FreeBSD$
-#
-
-# specify a proxy if needed, see fetch(3)
-#portaudit_fetch_env="FTP_PROXY=http://ftp.proxy.sample/ HTTP_PROXY=http://http.proxy.sample:80/"
-
-# default fetch command
-#portaudit_fetch_cmd="fetch -1amp"
-
-# specify a local mirror that generates databases with portaudit-db here
-#portaudit_sites="http://www.FreeBSD.org/ports/"
-
-# this vulnerability has been fixed in your FreeBSD version
-#portaudit_fixed="d2102505-f03d-11d8-81b0-000347a4fa7d"
diff --git a/security/portaudit/files/portaudit.sh b/security/portaudit/files/portaudit.sh
deleted file mode 100644
index 8e3b460ec750..000000000000
--- a/security/portaudit/files/portaudit.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/sh -f
-#
-# Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-# 1. Redistributions of source code must retain the above copyright notice
-# this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# 3. Neither the name of the author nor the names of its contributors may be
-# used to endorse or promote products derived from this software without
-# specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]; then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
-rc=0
-case "${daily_status_security_portaudit_enable:-YES}" in
- [Nn][Oo])
- ;;
- *)
- echo
- echo "Checking for a current audit database:"
- echo
- %%PREFIX%%/sbin/portaudit -X "${daily_status_security_portaudit_expiry:-2}" || rc=$?
- if [ $rc -lt 2 ]; then
- %%PREFIX%%/sbin/portaudit -d
- echo
- echo "Checking for packages with security vulnerabilities:"
- echo
- echo %%PREFIX%%/sbin/portaudit -a |
- su -fm "${daily_status_security_portaudit_user:-nobody}" || rc=$?
- fi
- ;;
-esac
-
-exit "$rc"
diff --git a/security/portaudit/pkg-deinstall b/security/portaudit/pkg-deinstall
deleted file mode 100644
index 948c7135abb6..000000000000
--- a/security/portaudit/pkg-deinstall
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-case $2 in
-POST-DEINSTALL)
- echo
- echo "The portaudit package has been deleted."
- if [ -f "%%DATABASEDIR%%/auditfile.tbz" ]; then
- echo "If you're *not* upgrading and won't be using"
- echo "it any longer, you may want to remove the"
- echo "portaudit database:"
- echo
- echo " rm -Rf %%DATABASEDIR%%"
- fi
- echo
- ;;
-esac
diff --git a/security/portaudit/pkg-descr b/security/portaudit/pkg-descr
deleted file mode 100644
index 9dd30dd115f6..000000000000
--- a/security/portaudit/pkg-descr
+++ /dev/null
@@ -1,16 +0,0 @@
-portaudit provides a system to check if installed ports are listed in a
-database of published security vulnerabilities.
-
-After installation it will update this security database automatically and
-include its reports in the output of the daily security run.
-
-If you have found a vulnerability not listed in the database, please contact
-the FreeBSD Security Officer <security-officer@FreeBSD.org>. Refer to
-
- http://www.freebsd.org/security/#sec
-
-for more information.
-
-WWW: http://people.freebsd.org/~eik/portaudit/
-
-Oliver Eikemeier <eik@FreeBSD.org>
diff --git a/security/portaudit/pkg-install b/security/portaudit/pkg-install
deleted file mode 100644
index 6ee3e0433e46..000000000000
--- a/security/portaudit/pkg-install
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-PREFIX="${PREFIX:-%%PREFIX%%}"
-
-case $2 in
-PRE-INSTALL)
- if egrep -qs "^(FETCH|MASTER_SITE)_" "$PREFIX/etc/portaudit.conf" ;then
- echo
- echo "*** WARNING ***"
- echo
- echo "The preference file format has changed. Please edit"
- echo " $PREFIX/etc/portaudit.conf"
- echo
- fi
- if egrep -qs "^daily_status_portaudit_" "/etc/periodic.conf" ;then
- echo
- echo "*** WARNING ***"
- echo
- echo "The periodic(8) names have changed. Please edit"
- echo " /etc/periodic.conf"
- echo
- fi
- ;;
-POST-INSTALL)
- if [ ! -f "%%DATABASEDIR%%/auditfile.tbz" ]; then
- echo
- echo "===> To check your installed ports for known vulnerabilities now, do:"
- echo
- echo " $PREFIX/sbin/portaudit -Fda"
- echo
- fi
- ;;
-esac
diff --git a/security/portaudit/pkg-plist b/security/portaudit/pkg-plist
deleted file mode 100644
index 8edf7bb6dbc8..000000000000
--- a/security/portaudit/pkg-plist
+++ /dev/null
@@ -1,7 +0,0 @@
-sbin/portaudit
-etc/portaudit.conf.sample
-%%PERIODICDIR%%/security/410.portaudit
-@dirrmtry %%PERIODICDIR%%/security
-@dirrmtry %%PERIODICDIR%%
-@exec mkdir -p %%DATABASEDIR%%
-@unexec rmdir %%DATABASEDIR%% 2>/dev/null || true
diff --git a/security/portaudit/pkg-req b/security/portaudit/pkg-req
deleted file mode 100644
index 5a8ba2d087db..000000000000
--- a/security/portaudit/pkg-req
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-case $2 in
-INSTALL)
- if [ -z "${PKG_INFO}" ]; then
- if [ -x "%%LOCALBASE%%/sbin/pkg_info" ]; then
- PKG_INFO="%%LOCALBASE%%/sbin/pkg_info"
- else
- PKG_INFO="/usr/sbin/pkg_info"
- fi
- fi
-
- if [ ! -x "${PKG_INFO}" ]; then
- echo "${PKG_INFO} missing, please install port sysutils/pkg_install-devel"
- exit 1
- fi
-
- PKG_INSTALL_VER=`${PKG_INFO} -qP 2>/dev/null`
- if [ -z "${PKG_INSTALL_VER}" -o "${PKG_INSTALL_VER}" -lt %%REQPKGVER%% ]; then
- echo "${PKG_INFO} is too old, please update port sysutils/pkg_install-devel"
- exit 1
- fi
-
- if [ "`echo FreeBSD | tr -s .`" != "FreeBSD" ]; then
- echo "tr(1) is broken."
- exit 1
- fi
- ;;
-esac
diff --git a/security/vulnerability-test-port/Makefile b/security/vulnerability-test-port/Makefile
deleted file mode 100644
index 27642976798e..000000000000
--- a/security/vulnerability-test-port/Makefile
+++ /dev/null
@@ -1,35 +0,0 @@
-# New ports collection makefile for: vulnerability-test-port
-# Date created: 25 Jan 2004
-# Whom: Oliver Eikemeier
-#
-# $FreeBSD$
-#
-
-PORTNAME= vulnerability-test-port
-PORTVERSION= ${INSTALLATION_DATE}
-CATEGORIES= security
-DISTFILES=
-
-MAINTAINER= ports@FreeBSD.org
-COMMENT= Standard vulnerability test for port auditing systems
-
-NO_BUILD= yes
-
-.if defined(PARALLEL_PACKAGE_BUILD)
-IGNORE= is disabled on package building systems
-INSTALLATION_DATE= 2004.01.25
-.else
-.ifdef INSTALLATION_DATE
-MYDATE!= date -j -f "%Y.%m.%d" "${INSTALLATION_DATE}" "+%Y.%m.%d" 2>/dev/null
-.if ${MYDATE} != ${INSTALLATION_DATE}
-IGNORE= ": \`\`${INSTALLATION_DATE}\'\' is not a legal date. INSTALLATION_DATE must be in the form YYYY.MM.DD"
-.endif
-.else
-INSTALLATION_DATE!= date -u "+%Y.%m.%d"
-.endif
-.endif
-
-do-install:
- @${DO_NADA}
-
-.include <bsd.port.mk>
diff --git a/security/vulnerability-test-port/pkg-descr b/security/vulnerability-test-port/pkg-descr
deleted file mode 100644
index a07e1b34e991..000000000000
--- a/security/vulnerability-test-port/pkg-descr
+++ /dev/null
@@ -1,20 +0,0 @@
-This is a package to test FreeBSD port auditing systems, e.g. portaudit
-and the upcoming VuXML based system. Even though it installs no files,
-it is registered in the local package database.
-
-Its version number is automagically the installation date, so that you
-can update it every day ;-) If the date is off by one day keep in mind
-that the date is in UTC which may differ from your local time up to
-twelve hours, depending on the time zone you live in.
-
-The portaudit database lists yesterday's vulnerability test port as
-vulnerable so that it should appear in your security report approximately
-after a week, depending on the synchronization schedule of your database.
-
-If you try install the port with
- make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
-the port is instantly flagged as vulnerable and the ports system should
-hinder you installing it (currently not implemented), otherwise your
-vulnerability database is too old.
-
-Oliver Eikemeier <eik@FreeBSD.org>
generated by cgit (git 2.34.1) at 2024-12-04 09:52:49 +0800