pkg audit-pkg RFQ
Roger Marquis
marquis at roble.com
Fri Aug 21 14:42:08 UTC 2015
Matthew Seaman wrote:
> pkg audit already takes an optional pkgname argument, and it will give
> you all the vulnerability reports for that package, even if not
> installed.
Great news, thanks Matt. Didn't see this while perusing the source code.
Perhaps the man page should be updated:
< audit Audit installed packages against known vulnerabilities.
> audit Audit installed packages or package/s specified on the command line against known vulnerabilities.
> What it doesn't do is filter by either the installed version or the
> available versions in your configured repos. That would be good
> functionality to have, but I don't think it warrants adding a whole extra
> verb to pkg(8); just a few command line flags to pkg audit.
Also doesn't parse stdin but I agree this should be easy to workaround.
Roger
More information about the freebsd-pkg
mailing list