New pkg audit FNs
jbeich at FreeBSD.org
Mon Oct 9 21:55:26 UTC 2017
Steve Wills <swills at FreeBSD.org> writes:
> On 10/09/2017 16:34, Jan Beich wrote:
>> Matthew Seaman <matthew at FreeBSD.org> writes:
>>> On 09/10/2017 16:57, Roger Marquis wrote:
>>>> Can anyone say what mechanisms the ports-security team might have in
>>>> place to monitor CVEs and port software versions?
> I've been hacking at a prototype for scanning what I can find:
Wouldn't that encourage copypasta, exacerbating the filesize issue? Why not
teach pkg-audit(8) to query NVD based on CPE annotations in *binary* packages?
Doing so would also provide a workaround for VuXML entries cancelled
to reduce bloat.