D941.id1981.diff
Index: en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
===================================================================
--- en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
+++ en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
@@ -412,38 +412,19 @@
<title>Testing Changes to the VuXML Database</title>
<para>This example describes a new entry for a
- vulnerability in the package <literal>clamav</literal> that
- has been fixed in version <literal>0.65_7</literal>.</para>
+ vulnerability in the package <literal>dropbear</literal> that
+ has been fixed in version <literal>dropbear-2013.59</literal>.</para>
<para>As a prerequisite,
- <emphasis>install</emphasis> fresh versions of the ports
- <package role="port">ports-mgmt/portaudit</package>,
- <package role="port">ports-mgmt/portaudit-db</package>, and
- <package role="port">security/vuxml</package>.</para>
+ install a fresh version of
+ <package role="port">security/vuxml</package> port.</para>
- <note>
- <para>The user running <command>packaudit</command> must have
- permission to write to its <filename>DATABASEDIR</filename>,
- typically <filename>/var/db/portaudit</filename>.</para>
-
- <para>To use a different directory, set the
- <varname>DATABASEDIR</varname> environment variable to a
- different location.</para>
-
- <para>If working in a directory other than
- <filename>${PORTSDIR}/security/vuxml</filename>, set the
- <varname>VUXMLDIR</varname> environment variable to the
- directory where <filename>vuln.xml</filename> is
- located.</para>
- </note>
-
<para>First, check whether there already is an entry for this
vulnerability. If there were such an entry, it would match
the previous version of the package,
- <literal>0.65_6</literal>:</para>
+ <literal>2013.58</literal>:</para>
- <screen>&prompt.user; <userinput>packaudit</userinput>
-&prompt.user; <userinput>portaudit clamav-0.65_6</userinput></screen>
+ <screen>&prompt.user; <userinput>pkg audit dropbear-2013.58</userinput></screen>
<para>If there is none found, add a
new entry for this vulnerability.</para>
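Review bot: The fixed version in the first added paragraph is written as `<literal>dropbear-2013.59</literal>`, with the package name inside the version literal, while the previous version later in this hunk is the bare `<literal>2013.58</literal>` and the removed clamav text used a bare `0.65_7`. Suggest `<literal>2013.59</literal>` so both literals are plain version strings. The new prerequisite sentence, "install a fresh version of security/vuxml port", is also missing an article; "install a fresh version of the security/vuxml port" reads correctly.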
@@ -461,22 +442,11 @@
<package role="port">textproc/jade</package>.</para>
</note>
- <para>Now rebuild the <command>portaudit</command> database from
- the VuXML file:</para>
+ <para>Verify that the <literal><affected></literal>
+ section of the entry will match the correct packages:</para>
- <screen>&prompt.user; <userinput>packaudit</userinput></screen>
+ <screen>&prompt.user; <userinput>pkg audit -f ${PORTSDIR}/security/vuxml/vuln.xml dropbear-2013.58</userinput></screen>
- <para>To verify that the <literal><affected></literal>
- section of the entry will match the correct package(s), issue this
- command:</para>
-
- <screen>&prompt.user; <userinput>portaudit -f /usr/ports/INDEX -r <replaceable>uuid</replaceable></userinput></screen>
-
- <note>
- <para>Please refer to &man.portaudit.1; for better
- understanding of the command syntax.</para>
- </note>
-
<para>Make sure that the entry produces no spurious matches in
the output.</para>
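Review bot: The replacement command on the added `<screen>` line queries a single name, `dropbear-2013.58`, so the unchanged sentence that follows ("Make sure that the entry produces no spurious matches in the output") no longer has a listing to apply to. The removed `portaudit -f /usr/ports/INDEX -r uuid` step matched the entry against the whole index, which is what made spurious matches visible. As written, this step also repeats the check in the next hunk, which passes both `dropbear-2013.58` and `dropbear-2013.59`. Suggest either rewording the "spurious matches" sentence to fit a single-package query or merging this step into the next one. The hunk also drops the pointer to &man.portaudit.1; without adding an equivalent reference for `pkg audit`, and the hard-coded `${PORTSDIR}/security/vuxml/vuln.xml` path leaves no guidance for someone editing `vuln.xml` elsewhere now that the `VUXMLDIR` note is gone.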
@@ -483,22 +453,18 @@
<para>Now check whether the right package versions are matched
by the entry:</para>
- <screen>&prompt.user; <userinput>portaudit clamav-0.65_6 clamav-0.65_7</userinput>
-Affected package: clamav-0.65_6 (matched by clamav<0.65_7)
-Type of problem: clamav remote denial-of-service.
-Reference: <http://www.freebsd.org/ports/portaudit/74a9541d-5d6c-11d8-80e3-0020ed76ef5a.html>
+ <screen>&prompt.user; <userinput>pkg audit -f ${PORTSDIR}/security/vuxml/vuln.xml dropbear-201
+3.58 dropbear-2013.59</userinput>
+dropbear-2012.58 is vulnerable:
+dropbear -- exposure of sensitive information, DoS
+CVE: CVE-2013-4434
+CVE: CVE-2013-4421
+WWW: http://portaudit.FreeBSD.org/8c9b48d1-3715-11e3-a624-00262d8b701d.html
-1 problem(s) found.</screen>
+1 problem(s) in the installed packages found.</screen>
<para>The former version matches while the latter one
does not.</para>
-
- <para>Finally, verify whether the web page generated from the
- VuXML database looks like expected:</para>
-
- <screen>&prompt.user; <userinput>mkdir -p ~/public_html/portaudit</userinput>
-&prompt.user; <userinput>packaudit</userinput>
-&prompt.user; <userinput>lynx ~/public_html/portaudit/74a9541d-5d6c-11d8-80e3-0020ed76ef5a.html</userinput></screen>
</sect2>
</sect1>
</chapter>
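Review bot: The sample output added inside the `<screen>` reports `dropbear-2012.58 is vulnerable:` although the command above it queries `dropbear-2013.58`, so the year in the output line looks like a typo and should read `dropbear-2013.58`. The `<userinput>` is also split across two lines in the middle of the version string (`dropbear-201` then `3.58`), and since `<screen>` preserves line breaks this will render as a broken command; keep the argument on one line or break between arguments. The prose after the screen still says "The former version matches while the latter one does not", which is correct for the two arguments once the output line is fixed.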
Attached To
D941: Update PH's security chapter: document modern way to work with vulndb