Date: Sat, 12 Dec 2020 19:14:02 +0000 From: bugzilla-noreply@freebsd.org To: pkg@FreeBSD.org Subject: [Bug 212306] ports-mgmt/pkg patch to add ability to run pkg audit on base from periodic Message-ID: <bug-212306-32340-vdRZXZI7aB@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-212306-32340@https.bugs.freebsd.org/bugzilla/> References: <bug-212306-32340@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D212306 --- Comment #5 from Miroslav Lachman <000.fbsd@quip.cz> --- (In reply to Dan Langille from comment #4) There is a difference between 410.pkg-audit and 405.pkg-base-audit. The lat= er checks vulnerabilities in base not in packages from ports tree. Your command output shows vulnerabilities in packages, namely curl. 405.pkg-base-audit will report vulnerability in kernel or FreeBSD userland = and this is still missing from pkg itself. 405.pkg-base-audit is separate port. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-212306-32340-vdRZXZI7aB>