Date: Tue, 10 Oct 2017 11:50:11 +0200 From: Stefan Esser <se@freebsd.org> To: freebsd-ports@freebsd.org Subject: Re: New pkg audit FNs Message-ID: <4bb6a7c4-1c60-81c7-d7c8-f58fc57b31c5@freebsd.org> In-Reply-To: <c75df693-11a2-e583-d0ba-713df1351623@FreeBSD.org> References: <nycvar.OFS.7.76.1710090833020.60492@eboyr.pbz> <b63f2936-e922-4a90-f256-6d7870dbd55b@FreeBSD.org> <tvz8-rrf3-wny@FreeBSD.org> <d56ddf99-a1fc-e813-67ed-ea6d65c8211f@FreeBSD.org> <o9pg-ouk5-wny@FreeBSD.org> <c75df693-11a2-e583-d0ba-713df1351623@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 10.10.17 um 00:03 schrieb Steve Wills: > Hi, > > On 10/09/2017 17:55, Jan Beich wrote: >> Why not >> teach pkg-audit(8) to query NVD based on CPE annotations in *binary* >> packages? >> Doing so would also provide a workaround for VuXML entries cancelled >> to reduce bloat. > > I agree, pkg-audit needs to be taught to do that. Along those lines, we > could create a port for cvechecker: > > https://github.com/sjvermeu/cvechecker I have a mostly working port of cvechecker, which I plan to commit soonish. Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4bb6a7c4-1c60-81c7-d7c8-f58fc57b31c5>