portaudit -C
Craig Rodrigues
rodrigc at freebsd.org
Mon Sep 22 09:25:14 UTC 2014
On Mon, Sep 22, 2014 at 1:56 AM, Victor Sudakov <vas at mpeks.tomsk.su> wrote:
>
> > > >
> > > > cd /usr/ports/net/asterisk11
> > > > pkg audit `make -V PKGNAME`
> > >
> > > This requires that net/asterisk11 be already installed, doesn't it?
> > >
> >
> > No.
>
> $
> $ pwd
> /var/poudriere/ports/default/www/squid
> $ pkg audit `make -V PKGNAME`
> 0 problem(s) in the installed packages found.
> $
>
> I see the phrase "installed packages" there.
>
The message from 'pkg audit' is wrong. It parses /var/db/pkg/vuln.xml to
list the vulnerabilities.
If you give it an exact package name, it searches vuln.xml for that. The
package does not need to be installed.
For example:
pkg audit phpmyfaq-1.5.2
--
Craig
More information about the freebsd-pkg
mailing list