Date: Sat, 12 Dec 2020 19:14:02 +0000 From: bugzilla-noreply@freebsd.org To: pkg@FreeBSD.org Subject: [Bug 212306] ports-mgmt/pkg patch to add ability to run pkg audit on base from periodic Message-ID: <bug-212306-32340-vdRZXZI7aB@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-212306-32340@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212306 --- Comment #5 from Miroslav Lachman <000.fbsd@quip.cz> --- (In reply to Dan Langille from comment #4) There is a difference between 410.pkg-audit and 405.pkg-base-audit. The later checks vulnerabilities in base not in packages from ports tree. Your command output shows vulnerabilities in packages, namely curl. 405.pkg-base-audit will report vulnerability in kernel or FreeBSD userland and this is still missing from pkg itself. 405.pkg-base-audit is separate port. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-212306-32340-vdRZXZI7aB>