Bug 223716 - [NEW PORT] sysutils/base-audit Periodic script to check base for vulnerabilities
Summary: [NEW PORT] sysutils/base-audit Periodic script to check base for vulnerabilities
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Felder
Depends on:
Reported: 2017-11-16 23:34 UTC by Miroslav Lachman
Modified: 2017-12-10 16:00 UTC (History)
1 user (show)

See Also:

sysutils/base-audit shar (8.39 KB, text/plain)
2017-11-16 23:34 UTC, Miroslav Lachman
no flags Details
poudriere testport build log (11.27 KB, text/plain)
2017-11-16 23:35 UTC, Miroslav Lachman
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Miroslav Lachman 2017-11-16 23:34:36 UTC
Created attachment 188060 [details]
sysutils/base-audit shar

Mark Felder created VuXML entries for FreeBSD base about a year ago so we can check vulnerabilities based on version returned by freebsd-version.

We discussed it here

Mark was talking about creating a port but I can't find any.

I already submitted PR 212306 with patch for ports-mgmt/pkg to include this periodic script but it was left without any attention for more than one year. That's why I created this simple port just to install one periodic file:

Example of output e-mail by daily security periodic:

Checking for security vulnerabilities in base (userland & kernel):
Host system:
vulnxml file up-to-date
FreeBSD-10.3_3 is vulnerable:
libarchive -- multiple vulnerabilities
CVE: CVE-2015-2304
CVE: CVE-2013-0211
WWW: https://vuxml.FreeBSD.org/freebsd/7c63775e-be31-11e5-b5fe-002590263bf5.html

FreeBSD-10.3_3 is vulnerable:
FreeBSD -- Heap vulnerability in bspatch
CVE: CVE-2014-9862
WWW: https://vuxml.FreeBSD.org/freebsd/7d4f4955-600a-11e6-a6c3-14dae9d210b8.html
Comment 1 Miroslav Lachman 2017-11-16 23:35:43 UTC
Created attachment 188061 [details]
poudriere testport build log
Comment 2 Mark Felder freebsd_committer 2017-12-10 16:00:53 UTC
Committed with minor changes in https://svnweb.freebsd.org/ports?view=revision&revision=455902