New pkg audit FNs

Jan Beich jbeich at
Mon Oct 9 21:55:26 UTC 2017

Steve Wills <swills at> writes:

> Hi,
> On 10/09/2017 16:34, Jan Beich wrote:
>> Matthew Seaman <matthew at> writes:
>>> On 09/10/2017 16:57, Roger Marquis wrote:
>>>> Can anyone say what mechanisms the ports-security team might have in
>>>> place to monitor CVEs and port software versions? 
> I've been hacking at a prototype for scanning what I can find:

Wouldn't that encourage copypasta, exacerbating the filesize issue? Why not
teach pkg-audit(8) to query NVD based on CPE annotations in *binary* packages?
Doing so would also provide a workaround for VuXML entries cancelled
to reduce bloat.
