Date: Mon, 22 Sep 2014 02:25:11 -0700 From: Craig Rodrigues <rodrigc@freebsd.org> To: Victor Sudakov <vas@mpeks.tomsk.su> Cc: freebsd-pkg@freebsd.org Subject: Re: portaudit -C Message-ID: <CAG=rPVe=zP2OjGyFXTHbSmsQeU5Jj_PLwgYG0y9WHcUEjvJ9cg@mail.gmail.com> In-Reply-To: <20140922085626.GA93280@admin.sibptus.tomsk.ru> References: <20140921153841.GA75919@admin.sibptus.tomsk.ru> <CAG=rPVc9cC2-oSe_FAxkPTEWP-36YznowFcbtcx7s62y7YcObQ@mail.gmail.com> <20140922012612.GA81996@admin.sibptus.tomsk.ru> <CAG=rPVcgStOHU%2BW_ubjsbdCOBwKjPwkxhbExbPGnGJ5HXrx1xA@mail.gmail.com> <20140922085626.GA93280@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 22, 2014 at 1:56 AM, Victor Sudakov <vas@mpeks.tomsk.su> wrote: > > > > > > > > > cd /usr/ports/net/asterisk11 > > > > pkg audit `make -V PKGNAME` > > > > > > This requires that net/asterisk11 be already installed, doesn't it? > > > > > > > No. > > $ > $ pwd > /var/poudriere/ports/default/www/squid > $ pkg audit `make -V PKGNAME` > 0 problem(s) in the installed packages found. > $ > > I see the phrase "installed packages" there. > The message from 'pkg audit' is wrong. It parses /var/db/pkg/vuln.xml to list the vulnerabilities. If you give it an exact package name, it searches vuln.xml for that. The package does not need to be installed. For example: pkg audit phpmyfaq-1.5.2 -- Craig
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG=rPVe=zP2OjGyFXTHbSmsQeU5Jj_PLwgYG0y9WHcUEjvJ9cg>