Detections
Analytics

FreeBSD : portupgrade-devel -- lack of distfile checksums (b428e6b3-926c-11e1-8d7b-003067b2972c)

high Nessus Plugin ID 58920

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Ports security team reports :

The portupgrade-devel port fetched directly from a git respository without checking against a known good SHA hash. This means that it is possible that packages built using this port may not match the one vetted by the maintainer. Users are advised to rebuild portupgrade-devel from known good sources.

Solution

Update the affected package.

See Also

http://web.archiveorange.com/archive/v/6ETvLYPz7CfFT9tiHKiI

http://www.nessus.org/u?d9cf6d8f

http://www.nessus.org/u?e83d73f0

Plugin Details

Severity: High

ID: 58920

File Name: freebsd_pkg_b428e6b3926c11e18d7b003067b2972c.nasl

Version: 1.6

Type: local

Published: 4/30/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:portupgrade-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/30/2012

Vulnerability Publication Date: 4/30/2012