[Bug 270547] ports-mgmt/pkg: missing information about security vulnerabilities in system components

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 270547] ports-mgmt/pkg: missing information about security vulnerabilities in system components"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 04 May 2023 20:05:47 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270547

Miroslav Lachman <000.fbsd@quip.cz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |000.fbsd@quip.cz

--- Comment #4 from Miroslav Lachman <000.fbsd@quip.cz> ---
(In reply to Graham Perrin from comment #1)
pkg audit works for base (kernel + world) for more than 6 years. It was
originally created by Mark Felder. Then I created a port for periodic script
https://www.freshports.org/security/base-audit/ which is now deleted as this
functionality is included in pkg for about year.
https://lists.freebsd.org/pipermail/freebsd-security/2016-August/009049.html

But Security Officer Team must publish SAs to VuXML. It will not work without
entries in database.
I think this PR should be assigned to Security Team, because maintainer of
ports-mgmt/pkg cannot do anything about it.

-- 
You are receiving this mail because:
You are the assignee for the bug.