Date: Thu, 04 May 2023 20:05:47 +0000 From: bugzilla-noreply@freebsd.org To: pkg@FreeBSD.org Subject: [Bug 270547] ports-mgmt/pkg: missing information about security vulnerabilities in system components Message-ID: <bug-270547-32340-wJSkGZYytA@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-270547-32340@https.bugs.freebsd.org/bugzilla/> References: <bug-270547-32340@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270547 Miroslav Lachman <000.fbsd@quip.cz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |000.fbsd@quip.cz --- Comment #4 from Miroslav Lachman <000.fbsd@quip.cz> --- (In reply to Graham Perrin from comment #1) pkg audit works for base (kernel + world) for more than 6 years. It was originally created by Mark Felder. Then I created a port for periodic script https://www.freshports.org/security/base-audit/ which is now deleted as this functionality is included in pkg for about year. https://lists.freebsd.org/pipermail/freebsd-security/2016-August/009049.html But Security Officer Team must publish SAs to VuXML. It will not work witho= ut entries in database. I think this PR should be assigned to Security Team, because maintainer of ports-mgmt/pkg cannot do anything about it. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-270547-32340-wJSkGZYytA>