Date: Tue, 19 Oct 2004 20:32:13 -0400 (EDT) From: Dan Langille <dan@langille.org> To: "Jacques A. Vidrine" <nectar@FreeBSD.org> Cc: freebsd-vuxml@freebsd.org Subject: Re: can portaudit report a fixed date/version? Message-ID: <20041019202849.Q99899@xeon.unixathome.org> In-Reply-To: <20041019213329.GB45466@madman.celabo.org> References: <20041017201037.V55729@xeon.unixathome.org> <20041019163753.U74644@xeon.unixathome.org> <20041019213329.GB45466@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Oct 2004, Jacques A. Vidrine wrote: > > It would save many admins quite a bit of time. > > How so? (serious question) I don't have time just now to answer the other questions but I can answer this one. Portaudit tells me that port xyz is vulnerable. But there there is no fix. How do I know when there is a fix? Only by checking FreshPorts, cvs logs, the ports tree, trying to install the port, portupgrade, etc. I could do this daily for days without a fix. Instead, if portaudit reported that port xyz is vulernable and that there is a fix (if there actually is a fix), then all I need to do is monitor my daily security email that automagically includes the output of portaudit. I can then instantly know that it's time to run portupgrade on port xyz. -- Dan Langille - http://www.langille.org/ BSDCan - The Technical BSD Conference: http://www.bsdcan.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041019202849.Q99899>