summaryrefslogtreecommitdiff
path: root/security/go-cve-dictionary
diff options
context:
space:
mode:
authorRichard Gallamore <ultima@FreeBSD.org>2017-07-28 18:22:22 +0000
committerRichard Gallamore <ultima@FreeBSD.org>2017-07-28 18:22:22 +0000
commitfda3db8dd17ef71cbfba0bc95113a37c2be6b0c8 (patch)
tree91064fe32748af40dc87519c87821aaccf036a87 /security/go-cve-dictionary
parent37129afea9a4dcccba1df23cd7ecf43de7684d46 (diff)
downloadfreebsd-ports-fda3db8dd17ef71cbfba0bc95113a37c2be6b0c8.zip
This is tool to build a local copy of the National Vulnerabilities Database(NVD)
and the Japan Vulnerability Notes (JVN). NVD and JVN contain security vulnerabilities according to their CVE identifiers, including exhaustive information and a risk score. The local copy is generated in sqlite format, and the tool has a server mode for easy querying. WWW: https://github.com/kotakanbe/go-cve-dictionary/ PR: 220561 Submitted by: Alexandru Ciobanu <iscandr@gmail.com> (maintainer) Reviewed by: matthew (mentor), koobs, mat Approved by: matthew (mentor) Differential Revision: https://reviews.freebsd.org/D11745
Diffstat (limited to 'security/go-cve-dictionary')
-rw-r--r--security/go-cve-dictionary/Makefile87
-rw-r--r--security/go-cve-dictionary/distinfo59
-rw-r--r--security/go-cve-dictionary/files/go-cve-dictionary.in64
-rw-r--r--security/go-cve-dictionary/files/patch-commands_fetchjvn.go29
-rw-r--r--security/go-cve-dictionary/files/patch-commands_fetchnvd.go29
-rw-r--r--security/go-cve-dictionary/files/patch-commands_server.go29
-rw-r--r--security/go-cve-dictionary/files/pkg-message.in19
-rw-r--r--security/go-cve-dictionary/pkg-descr7
-rw-r--r--security/go-cve-dictionary/pkg-plist3
9 files changed, 326 insertions, 0 deletions
diff --git a/security/go-cve-dictionary/Makefile b/security/go-cve-dictionary/Makefile
new file mode 100644
index 000000000000..fcf843e55e4a
--- /dev/null
+++ b/security/go-cve-dictionary/Makefile
@@ -0,0 +1,87 @@
+# $FreeBSD$
+
+PORTNAME= go-cve-dictionary
+DISTVERSIONPREFIX= v
+DISTVERSION= 0.1.0-76
+DISTVERSIONSUFFIX= -g0724974
+CATEGORIES= security
+
+MAINTAINER= iscandr@gmail.com
+COMMENT= Build local copies of vulnerabilities from NVD and JVN
+
+LICENSE= APACHE20
+
+RUN_DEPENDS= ca_root_nss>=0:security/ca_root_nss
+
+USES= go:1.7.1+
+
+USE_RC_SUBR= ${PORTNAME}
+
+USE_GITHUB= yes
+GH_ACCOUNT= kotakanbe
+GH_SUBDIR= src/github.com/${GH_ACCOUNT_DEFAULT}/${PORTNAME}
+
+GH_TUPLE+= sirupsen:logrus:v1.0.0:logrus/src/github.com/sirupsen/logrus
+GH_TUPLE+= asaskevich:govalidator:v6:govalidator/src/github.com/asaskevich/govalidator
+GH_TUPLE+= cheggaaa:pb:v2.0.4:pb/src/gopkg.in/cheggaaa/pb.v2
+GH_TUPLE+= go-redis:redis:v6.5.0:redis/src/github.com/go-redis/redis
+GH_TUPLE+= google:subcommands:ce3d4cf:subcommands/src/github.com/google/subcommands
+GH_TUPLE+= jinzhu:gorm:eae7f6b:gorm/src/github.com/jinzhu/gorm
+GH_TUPLE+= kotakanbe:logrus-prefixed-formatter:e7519b8:logrusprefixedformatter/src/github.com/kotakanbe/logrus-prefixed-formatter
+GH_TUPLE+= labstack:echo:bc173df:echo/src/github.com/labstack/echo
+GH_TUPLE+= labstack:gommon:1121fd3:gommon/src/github.com/labstack/gommon
+GH_TUPLE+= parnurzeal:gorequest:v0.2.15:gorequest/src/github.com/parnurzeal/gorequest
+GH_TUPLE+= rifflock:lfshook:1.6:lfshook/src/github.com/rifflock/lfshook
+GH_TUPLE+= dgrijalva:jwt-go:v3.0.0:jwtgo/src/github.com/dgrijalva/jwt-go
+GH_TUPLE+= go-sql-driver:mysql:v1.3:mysql/src/github.com/go-sql-driver/mysql
+GH_TUPLE+= jinzhu:inflection:1c35d90:inflection/src/github.com/jinzhu/inflection
+GH_TUPLE+= k0kubun:pp:v2.3.0:pp/src/github.com/k0kubun/pp
+GH_TUPLE+= lib:pq:8837942:pq/src/github.com/lib/pq
+GH_TUPLE+= mgutz:ansi:9520e82:ansi/src/github.com/mgutz/ansi
+GH_TUPLE+= pkg:errors:c605e28:pkgerrors/src/github.com/pkg/errors
+GH_TUPLE+= moul:http2curl:4e24498:http2curl/src/github.com/moul/http2curl
+GH_TUPLE+= golang:net:5f8847a:golangnet/src/golang.org/x/net
+GH_TUPLE+= mattn:go-colorable:v0.0.8:gocolorable/src/github.com/mattn/go-colorable
+GH_TUPLE+= mattn:go-runewidth:97311d9:gorunewidth/src/github.com/mattn/go-runewidth
+GH_TUPLE+= mattn:go-isatty:v0.0.2:goisatty/src/github.com/mattn/go-isatty
+GH_TUPLE+= mattn:go-sqlite3:v1.2.0:gosqlite3/src/github.com/mattn/go-sqlite3
+GH_TUPLE+= valyala:fasttemplate:dcecefd:fasttemplate/src/github.com/valyala/fasttemplate
+GH_TUPLE+= camlistore:go4:034d17a:go4syncutil/src/go4.org
+GH_TUPLE+= VividCortex:ewma:v1.0:ewma/src/gopkg.in/VividCortex/ewma.v1
+GH_TUPLE+= fatih:color:v1.5.0:colorv1/src/gopkg.in/fatih/color.v1
+
+USERS= vuls
+GROUPS= vuls
+
+SUB_FILES= pkg-message
+SUB_LIST= PORTNAME=${PORTNAME} USERS=${USERS} GROUPS=${GROUPS}
+
+post-patch:
+ @${REINPLACE_CMD} -e 's|Sirupsen|sirupsen|' \
+ ${WRKSRC}/log/log.go \
+ ${WRKSRC}/src/github.com/kotakanbe/logrus-prefixed-formatter/formatter.go \
+ ${WRKSRC}/src/github.com/rifflock/lfshook/lfshook.go
+ @${REINPLACE_CMD} -e 's|github.com/cheggaaa/pb|gopkg.in/cheggaaa/pb.v2|' \
+ ${WRKSRC}/db/rdb.go \
+ ${WRKSRC}/db/redis.go \
+ ${WRKSRC}/jvn/jvn.go \
+ ${WRKSRC}/nvd/nvd.go
+ @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-runewidth.v0|github.com/mattn/go-runewidth|' \
+ ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/util.go
+ @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-colorable.v0|github.com/mattn/go-colorable|' \
+ ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go
+ @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-isatty.v0|github.com/mattn/go-isatty|' \
+ ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go
+
+do-build:
+ @cd ${GO_WRKSRC} && \
+ ${SETENV} ${MAKE_ENV} ${GO_ENV} GOPATH=${WRKSRC} \
+ ${GO_CMD} build -v -x -ldflags "-X main.version=${PORTVERSION}" \
+ -o ${WRKSRC}/${PORTNAME}
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
+ ${MKDIR} ${STAGEDIR}/var/db/vuls
+ ${MKDIR} ${STAGEDIR}/var/log/vuls
+
+.include <bsd.port.mk>
diff --git a/security/go-cve-dictionary/distinfo b/security/go-cve-dictionary/distinfo
new file mode 100644
index 000000000000..4ba14a98b58d
--- /dev/null
+++ b/security/go-cve-dictionary/distinfo
@@ -0,0 +1,59 @@
+TIMESTAMP = 1501176587
+SHA256 (kotakanbe-go-cve-dictionary-v0.1.0-76-g0724974_GH0.tar.gz) = fe70e8ca0ed86673d8887793659ec088fca87c95719a299ddd37e1e8cd4c47d7
+SIZE (kotakanbe-go-cve-dictionary-v0.1.0-76-g0724974_GH0.tar.gz) = 25122
+SHA256 (sirupsen-logrus-v1.0.0_GH0.tar.gz) = de40c5f36b126217234cf5d40def87ce26789ce95c8f887b229b9f2ea1e3ed6b
+SIZE (sirupsen-logrus-v1.0.0_GH0.tar.gz) = 27996
+SHA256 (asaskevich-govalidator-v6_GH0.tar.gz) = 17ee798f3758885e6ed6f1cfc81033c3aca4c15a9d2b3856a01e648ffb46f0a0
+SIZE (asaskevich-govalidator-v6_GH0.tar.gz) = 39610
+SHA256 (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 21388e5df7bed43ae2b8157a4e17b85ef416ca4925723ddc182f43e3fc719225
+SIZE (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 17205
+SHA256 (go-redis-redis-v6.5.0_GH0.tar.gz) = 992b27dee80639c3605b99525adf76e5e76e4d1acd7e1e97476c5d0446e0d0b8
+SIZE (go-redis-redis-v6.5.0_GH0.tar.gz) = 72475
+SHA256 (google-subcommands-ce3d4cf_GH0.tar.gz) = 660c4a27138acf9f40eb5b69d8f8401521626bd29235f6472f1b1ac457ab4c99
+SIZE (google-subcommands-ce3d4cf_GH0.tar.gz) = 8551
+SHA256 (jinzhu-gorm-eae7f6b_GH0.tar.gz) = aff8d777868e65751deadff1353949cdc1c8c0680e4f687c2fa9311fdb6dfe74
+SIZE (jinzhu-gorm-eae7f6b_GH0.tar.gz) = 79432
+SHA256 (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = e14b91af06bc0a752c97519dff4accf4a03547cbb9dd2ba197a9420fb3f14303
+SIZE (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = 3862
+SHA256 (labstack-echo-bc173df_GH0.tar.gz) = 130084d65a0fd9fbeba6f2f88b7f6ef0dcf0d42d988b7720a9e158a16afa23f7
+SIZE (labstack-echo-bc173df_GH0.tar.gz) = 322895
+SHA256 (labstack-gommon-1121fd3_GH0.tar.gz) = b2799817a7225c50d37549db05b981cfa416ea7e3ee54aeb53187c3a29f83805
+SIZE (labstack-gommon-1121fd3_GH0.tar.gz) = 10176
+SHA256 (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 776fbd9a5ebe79e6e1091cae47d5ace67f7bf49a224a35f2c84e27f3f464817f
+SIZE (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 25591
+SHA256 (rifflock-lfshook-1.6_GH0.tar.gz) = 64f6a7b085bbceec503f311d9f130436457b996f7260dad7db6638ceb19d9f45
+SIZE (rifflock-lfshook-1.6_GH0.tar.gz) = 3515
+SHA256 (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = af12bdfbfb897c4a5c86aeffd11cab35ee18ab0180b1a6e22e1a1a61d9f70543
+SIZE (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = 33451
+SHA256 (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 410bcaca471ea38892101464cc8b4a9cf63a9c7f94fce8728243829e36cd865b
+SIZE (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 59830
+SHA256 (jinzhu-inflection-1c35d90_GH0.tar.gz) = 9403d9051e6fb253555c83261ce4c9ff9cb0210a4f326b8568b18d3e1bfbed24
+SIZE (jinzhu-inflection-1c35d90_GH0.tar.gz) = 4499
+SHA256 (k0kubun-pp-v2.3.0_GH0.tar.gz) = e411569ac6fe6413b24b63765fd9d6b7cbb03d162068c31186db947aeaf4b0b8
+SIZE (k0kubun-pp-v2.3.0_GH0.tar.gz) = 8778
+SHA256 (lib-pq-8837942_GH0.tar.gz) = a7b8aec65325b03799c5336af3ace1a04ade723a30c9abe927f2b16ffbc61385
+SIZE (lib-pq-8837942_GH0.tar.gz) = 85539
+SHA256 (mgutz-ansi-9520e82_GH0.tar.gz) = eed589c0869270ea90e776fa623a0a29a5973f2acc86fbf305573b4861887140
+SIZE (mgutz-ansi-9520e82_GH0.tar.gz) = 4870
+SHA256 (pkg-errors-c605e28_GH0.tar.gz) = 06fa83babc1d9aa80b0decb6d36504090bbde8a38d9a722a1f7a26616590a0d0
+SIZE (pkg-errors-c605e28_GH0.tar.gz) = 11476
+SHA256 (moul-http2curl-4e24498_GH0.tar.gz) = 48957974315c9689a27e4a65315d4eb0e94cb04e266a59f813ad9e1b99df8e66
+SIZE (moul-http2curl-4e24498_GH0.tar.gz) = 100177
+SHA256 (golang-net-5f8847a_GH0.tar.gz) = 55a46531c8c0fb60ae7566cae1c59681c9869e5df1c4a9a8304448afef65164a
+SIZE (golang-net-5f8847a_GH0.tar.gz) = 909712
+SHA256 (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 4f7b0196c6d7a7be96ba394c94860384b537cec6e0da57951bccda0d42c1c23c
+SIZE (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 7526
+SHA256 (mattn-go-runewidth-97311d9_GH0.tar.gz) = 8330497728f75464111ee7145fc97cfa588cb0d6561b3af5447aa05d489bca85
+SIZE (mattn-go-runewidth-97311d9_GH0.tar.gz) = 22384
+SHA256 (mattn-go-isatty-v0.0.2_GH0.tar.gz) = c0681d72b185a8d4aa8f6a557d181bf25c6e3e7f3874711de507e550b25408bf
+SIZE (mattn-go-isatty-v0.0.2_GH0.tar.gz) = 3258
+SHA256 (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = ec21a30c397d0d3153d54b3aa71065481dd9702819006fb8bc0443a6ab47caa8
+SIZE (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = 1998473
+SHA256 (valyala-fasttemplate-dcecefd_GH0.tar.gz) = ba29e16f9b2d6425f500b40747b139c6ce88cdd26b60dcf5967fe9e6cf5f3eb7
+SIZE (valyala-fasttemplate-dcecefd_GH0.tar.gz) = 11627
+SHA256 (camlistore-go4-034d17a_GH0.tar.gz) = 1c9111f937747660e5cee7c6c435d010011d6fe506df5603b88cce4dd102f39c
+SIZE (camlistore-go4-034d17a_GH0.tar.gz) = 78850
+SHA256 (VividCortex-ewma-v1.0_GH0.tar.gz) = 7e62b9cc28b336f2496aa98da60f3a8ba6a1f0112f0493c60959e9bcc25709f3
+SIZE (VividCortex-ewma-v1.0_GH0.tar.gz) = 3609
+SHA256 (fatih-color-v1.5.0_GH0.tar.gz) = f22564848cd7d24022413c719bbc9c35d014ba7d19ee802b29ba5a93016d3250
+SIZE (fatih-color-v1.5.0_GH0.tar.gz) = 586937
diff --git a/security/go-cve-dictionary/files/go-cve-dictionary.in b/security/go-cve-dictionary/files/go-cve-dictionary.in
new file mode 100644
index 000000000000..ef483b29574b
--- /dev/null
+++ b/security/go-cve-dictionary/files/go-cve-dictionary.in
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+# PROVIDE: %%PORTNAME%%
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# go_cve_dictionary_enable (bool): Set to NO by default
+# Set it to YES to enable the CVE server
+# go_cve_dictionary_user (string): Set user to run go_cve_dictionary
+# Default is "%%USERS%%"
+# go_cve_dictionary_group (string): Set group to run go_cve_dictionary
+# Default is "%%GROUPS%%"
+# go_cve_dictionary_db_path (string): Set database path
+# Default is "/var/db/vuls/cve.sqlite3"
+# go_cve_dictionary_db_type (string): Set database type
+# Default is "sqlite3"
+# go_cve_dictionary_log_file (string): Set file that go_cve_dictionary will log to
+# Default is "/var/log/vuls/go_cve_dictionary.log"
+# go_cve_dictionary_args (string): Set additional command line arguments
+# Default is ""
+
+. /etc/rc.subr
+
+name=go_cve_dictionary
+rcvar=go_cve_dictionary_enable
+
+load_rc_config $name
+
+: ${go_cve_dictionary_enable:="NO"}
+: ${go_cve_dictionary_user:="%%USERS%%"}
+: ${go_cve_dictionary_group:="%%GROUPS%%"}
+: ${go_cve_dictionary_db_path:="/var/db/vuls/cve.sqlite3"}
+: ${go_cve_dictionary_db_type:="sqlite3"}
+: ${go_cve_dictionary_log_file:="/var/log/vuls/go_cve_dictionary.log"}
+: ${go_cve_dictionary_args:=""}
+
+pidfile=/var/run/go_cve_dictionary.pid
+command="/usr/sbin/daemon"
+procname="%%PREFIX%%/bin/%%PORTNAME%%"
+
+command_args="-p ${pidfile} /usr/bin/env ${procname} server \
+ -dbpath=${go_cve_dictionary_db_path} \
+ -dbtype=${go_cve_dictionary_db_type} \
+ ${go_cve_dictionary_args} >> ${go_cve_dictionary_log_file} 2>&1"
+
+start_precmd=go_cve_dictionary_startprecmd
+
+go_cve_dictionary_startprecmd()
+{
+ if [ ! -e ${pidfile} ]; then
+ install -o ${go_cve_dictionary_user} -g ${go_cve_dictionary_group} \
+ -m 640 /dev/null ${pidfile};
+ fi
+ if [ ! -f "${go_cve_dictionary_log_file}" ]; then
+ install -o ${go_cve_dictionary_user} -g ${go_cve_dictionary_group} \
+ -m 640 /dev/null ${go_cve_dictionary_log_file};
+ fi
+}
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/security/go-cve-dictionary/files/patch-commands_fetchjvn.go b/security/go-cve-dictionary/files/patch-commands_fetchjvn.go
new file mode 100644
index 000000000000..060efc488de0
--- /dev/null
+++ b/security/go-cve-dictionary/files/patch-commands_fetchjvn.go
@@ -0,0 +1,29 @@
+--- commands/fetchjvn.go.orig 2017-06-26 10:39:59 UTC
++++ commands/fetchjvn.go
+@@ -3,7 +3,6 @@ package commands
+ import (
+ "context"
+ "flag"
+- "os"
+ "strconv"
+ "time"
+
+@@ -45,7 +44,7 @@ func (*FetchJvnCmd) Usage() string {
+ [-latest]
+ [-last2y]
+ [-years] 1998 1999 ...
+- [-dbpath=$PWD/cve.sqlite3 or connection string]
++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string]
+ [-dbtype=mysql|postgres|sqlite3|redis]
+ [-http-proxy=http://192.168.0.1:8080]
+ [-debug]
+@@ -65,8 +64,7 @@ func (p *FetchJvnCmd) SetFlags(f *flag.F
+ defaultLogDir := util.GetDefaultLogDir()
+ f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")
+
+- pwd := os.Getenv("PWD")
+- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",
++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",
+ "/path/to/sqlite3 or SQL connection string")
+
+ f.StringVar(&p.dbtype, "dbtype", "sqlite3",
diff --git a/security/go-cve-dictionary/files/patch-commands_fetchnvd.go b/security/go-cve-dictionary/files/patch-commands_fetchnvd.go
new file mode 100644
index 000000000000..e081ba1a7de3
--- /dev/null
+++ b/security/go-cve-dictionary/files/patch-commands_fetchnvd.go
@@ -0,0 +1,29 @@
+--- commands/fetchnvd.go.orig 2017-06-26 10:39:59 UTC
++++ commands/fetchnvd.go
+@@ -3,7 +3,6 @@ package commands
+ import (
+ "context"
+ "flag"
+- "os"
+ "strconv"
+ "time"
+
+@@ -43,7 +42,7 @@ func (*FetchNvdCmd) Usage() string {
+ [-last2y]
+ [-years] 2015 2016 ...
+ [-dbtype=mysql|postgres|sqlite3|redis]
+- [-dbpath=$PWD/cve.sqlite3 or connection string]
++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string]
+ [-http-proxy=http://192.168.0.1:8080]
+ [-debug]
+ [-debug-sql]
+@@ -65,8 +64,7 @@ func (p *FetchNvdCmd) SetFlags(f *flag.F
+ defaultLogDir := util.GetDefaultLogDir()
+ f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")
+
+- pwd := os.Getenv("PWD")
+- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",
++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",
+ "/path/to/sqlite3 or SQL connection string")
+
+ f.StringVar(&p.dbtype, "dbtype", "sqlite3",
diff --git a/security/go-cve-dictionary/files/patch-commands_server.go b/security/go-cve-dictionary/files/patch-commands_server.go
new file mode 100644
index 000000000000..a2c836a7bd66
--- /dev/null
+++ b/security/go-cve-dictionary/files/patch-commands_server.go
@@ -0,0 +1,29 @@
+--- commands/server.go.orig 2017-06-26 10:39:59 UTC
++++ commands/server.go
+@@ -3,7 +3,6 @@ package commands
+ import (
+ "context"
+ "flag"
+- "os"
+
+ "github.com/google/subcommands"
+ c "github.com/kotakanbe/go-cve-dictionary/config"
+@@ -37,7 +36,7 @@ func (*ServerCmd) Usage() string {
+ server
+ [-bind=127.0.0.1]
+ [-port=8000]
+- [-dbpath=$PWD/cve.sqlite3 or connection string]
++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string]
+ [-dbtype=mysql|postgres|sqlite3|redis]
+ [-debug]
+ [-debug-sql]
+@@ -56,8 +55,7 @@ func (p *ServerCmd) SetFlags(f *flag.Fla
+ defaultLogDir := util.GetDefaultLogDir()
+ f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")
+
+- pwd := os.Getenv("PWD")
+- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",
++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",
+ "/path/to/sqlite3 or SQL connection string")
+
+ f.StringVar(&p.dbtype, "dbtype", "sqlite3",
diff --git a/security/go-cve-dictionary/files/pkg-message.in b/security/go-cve-dictionary/files/pkg-message.in
new file mode 100644
index 000000000000..93125798b97d
--- /dev/null
+++ b/security/go-cve-dictionary/files/pkg-message.in
@@ -0,0 +1,19 @@
+===============================================================================
+Congratulations, you have installed %%PORTNAME%%!
+
+%%PORTNAME%% does not ship any CVE database.
+To download CVEs from 2002 until present run:
+
+for i in `seq 2002 $(date +"%Y")`; \
+ do %%PORTNAME%% fetchnvd -years $i; \
+ done
+
+After download, set the permissions of the CVE databases:
+
+chown %%USERS%%:%%GROUPS%% /var/db/vuls/* /var/log/vuls/*
+
+To enable %%PORTNAME%% and start:
+
+sysrc go_cve_dictionary_enable="YES"
+service %%PORTNAME%% start
+===============================================================================
diff --git a/security/go-cve-dictionary/pkg-descr b/security/go-cve-dictionary/pkg-descr
new file mode 100644
index 000000000000..d0fe55fafcd1
--- /dev/null
+++ b/security/go-cve-dictionary/pkg-descr
@@ -0,0 +1,7 @@
+go-cve-dictionary builds a a local copy of the National Vulnerabilities
+Database(NVD) and Japan Vulnerability Notes(JVN). NVD and JVN contain security
+vulnerabilities according to their CVE identifiers including exhaustive
+information and a risk score. The local copy is generated in sqlite format.
+A server is included for easy querying.
+
+WWW: https://github.com/kotakanbe/go-cve-dictionary/
diff --git a/security/go-cve-dictionary/pkg-plist b/security/go-cve-dictionary/pkg-plist
new file mode 100644
index 000000000000..6d8b031a70a1
--- /dev/null
+++ b/security/go-cve-dictionary/pkg-plist
@@ -0,0 +1,3 @@
+bin/%%GO_PKGNAME%%
+@dir(vuls,vuls,0775) /var/db/vuls
+@dir(vuls,vuls,0775) /var/log/vuls