[Bug 223716] [NEW PORT] sysutils/base-audit Periodic script to check base for vulnerabilities
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Nov 16 23:34:36 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223716
Bug ID: 223716
Summary: [NEW PORT] sysutils/base-audit Periodic script to
check base for vulnerabilities
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: 000.fbsd at quip.cz
Created attachment 188060
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=188060&action=edit
sysutils/base-audit shar
Mark Felder created VuXML entries for FreeBSD base about a year ago so we can
check vulnerabilities based on version returned by freebsd-version.
We discussed it here
https://lists.freebsd.org/pipermail/freebsd-security/2016-August/009049.html
https://lists.freebsd.org/pipermail/freebsd-security/2016-September/009064.html
Mark was talking about creating a port but I can't find any.
I already submitted PR 212306 with patch for ports-mgmt/pkg to include this
periodic script but it was left without any attention for more than one year.
That's why I created this simple port just to install one periodic file:
405.pkg-base-audit
Example of output e-mail by daily security periodic:
Checking for security vulnerabilities in base (userland & kernel):
Host system:
vulnxml file up-to-date
FreeBSD-10.3_3 is vulnerable:
libarchive -- multiple vulnerabilities
CVE: CVE-2015-2304
CVE: CVE-2013-0211
WWW:
https://vuxml.FreeBSD.org/freebsd/7c63775e-be31-11e5-b5fe-002590263bf5.html
FreeBSD-10.3_3 is vulnerable:
FreeBSD -- Heap vulnerability in bspatch
CVE: CVE-2014-9862
WWW:
https://vuxml.FreeBSD.org/freebsd/7d4f4955-600a-11e6-a6c3-14dae9d210b8.html
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list