portaudit -C

Craig Rodrigues rodrigc at freebsd.org
Mon Sep 22 09:25:14 UTC 2014


On Mon, Sep 22, 2014 at 1:56 AM, Victor Sudakov <vas at mpeks.tomsk.su> wrote:

>
> > > >
> > > > cd /usr/ports/net/asterisk11
> > > > pkg audit `make -V PKGNAME`
> > >
> > > This requires that net/asterisk11 be already installed, doesn't it?
> > >
> >
> > No.
>
> $
> $ pwd
> /var/poudriere/ports/default/www/squid
> $ pkg audit `make -V PKGNAME`
> 0 problem(s) in the installed packages found.
> $
>
> I see the phrase "installed packages" there.
>

The message from 'pkg audit' is wrong.  It parses /var/db/pkg/vuln.xml to
list the vulnerabilities.
If you give it an exact package name, it searches vuln.xml for that.  The
package does not need to be installed.

For example:

pkg audit phpmyfaq-1.5.2

--
Craig


More information about the freebsd-pkg mailing list