maintainer-feedback requested: [Bug 256236] ports-mgmt/pkg: audit command didn't work properly with port epoch

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 256236] ports-mgmt/pkg: audit command didn't work properly with port epoch"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 29 May 2021 08:00:53 UTC

Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-pkg (Nobody)
<pkg@FreeBSD.org> for maintainer-feedback:
Bug 256236: ports-mgmt/pkg: audit command didn't work properly with port epoch
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256236



--- Description ---
Hi.

We skip some important information about security vulnerabilities if port epoch
> 1.

For example:

server1# pkg audit nginx-1.20.0_2,1
nginx-1.20.0_2,1 is vulnerable:
........


Works well. But if we change the epoch to 2:


server1# pkg audit nginx-1.20.0_2,2
0 problem(s) in 0 installed package(s) found.


The nginx port is currently at epoch 2.