From owner-freebsd-ports@freebsd.org  Tue Oct 10 09:50:20 2017
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B8E1DE2AED1
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Tue, 10 Oct 2017 09:50:20 +0000 (UTC) (envelope-from se@freebsd.org)
Received: from mailout04.t-online.de (mailout04.t-online.de [194.25.134.18])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mailout00.t-online.de",
 Issuer "TeleSec ServerPass DE-2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7DDA074C54
 for <freebsd-ports@freebsd.org>; Tue, 10 Oct 2017 09:50:20 +0000 (UTC)
 (envelope-from se@freebsd.org)
Received: from fwd27.aul.t-online.de (fwd27.aul.t-online.de [172.20.26.132])
 by mailout04.t-online.de (Postfix) with SMTP id 1BCAE41B2E76
 for <freebsd-ports@freebsd.org>; Tue, 10 Oct 2017 11:50:18 +0200 (CEST)
Received: from Stefans-MBP-2.fritz.box
 (EYMsr6ZdQh5HyKpcuDagG3ioBjQYbeingT9YY2Kga9VQk7zb0N-br-9olvkj01KgEy@[87.151.210.245])
 by fwd27.t-online.de
 with (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384 encrypted)
 esmtp id 1e1rAy-3b1lM80; Tue, 10 Oct 2017 11:50:12 +0200
Subject: Re: New pkg audit FNs
To: freebsd-ports@freebsd.org
References: <nycvar.OFS.7.76.1710090833020.60492@eboyr.pbz>
 <b63f2936-e922-4a90-f256-6d7870dbd55b@FreeBSD.org>
 <tvz8-rrf3-wny@FreeBSD.org>
 <d56ddf99-a1fc-e813-67ed-ea6d65c8211f@FreeBSD.org>
 <o9pg-ouk5-wny@FreeBSD.org>
 <c75df693-11a2-e583-d0ba-713df1351623@FreeBSD.org>
From: Stefan Esser <se@freebsd.org>
Message-ID: <4bb6a7c4-1c60-81c7-d7c8-f58fc57b31c5@freebsd.org>
Date: Tue, 10 Oct 2017 11:50:11 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0)
 Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <c75df693-11a2-e583-d0ba-713df1351623@FreeBSD.org>
Content-Type: text/plain; charset=windows-1252
Content-Language: de-DE
Content-Transfer-Encoding: 7bit
X-ID: EYMsr6ZdQh5HyKpcuDagG3ioBjQYbeingT9YY2Kga9VQk7zb0N-br-9olvkj01KgEy
X-TOI-MSGID: a7c01d6c-e6ab-4612-894f-a32415a44287
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2017 09:50:20 -0000

Am 10.10.17 um 00:03 schrieb Steve Wills:
> Hi,
> 
> On 10/09/2017 17:55, Jan Beich wrote:
>> Why not
>> teach pkg-audit(8) to query NVD based on CPE annotations in *binary*
>> packages?
>> Doing so would also provide a workaround for VuXML entries cancelled
>> to reduce bloat.
> 
> I agree, pkg-audit needs to be taught to do that. Along those lines, we
> could create a port for cvechecker:
> 
> https://github.com/sjvermeu/cvechecker

I have a mostly working port of cvechecker, which I plan to commit
soonish.

Regards, STefan