Working of "pkg audit <package name>"

parv at pair.com parv at pair.com
Sat Oct 3 08:01:09 UTC 2015


Correction ...

in message <20151003074210.GA50460 at holstein.holy.cow>,
wrote parv at p thusly...
>
...
> Firefox 39 or 40 had been installed from ports. I got tired of
> seeing package being vulnerable on every ports tree update process
> that rebuilds "security/vuxml". As the "www/firefox" port has not
> been updated yet, so I fetched source of firefox 41.0.1; updated
> distinfo; installed (after rebuilding databases/sqlite3 with DBSTAT
> option & moving out "files/patch-bug702179" out of "files").
...
> At least the installed firefox is not vulnerable any more (yet).

Apparently per pkg-version

  # pkg version -t 41.0.1 41.0,1
  <

... & ...

  https://vuxml.freebsd.org/freebsd/2d56c7f4-b354-428f-8f48-38150c607a05.html


... 41.0.1 is still vulnerable. But according to ...

  https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/

... there are no outstanding vulnerabilities.

Now I am confused.


-- 
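Added example (not part of the original message, and not pkg's own code): the `<` printed by `pkg version -t 41.0.1 41.0,1` follows from FreeBSD's version ordering, where the number after the comma is PORTEPOCH and is compared before the dotted version. The sketch below is a simplified comparison that assumes purely numeric dotted versions with optional `_revision` and `,epoch`; the function names are hypothetical.

```python
def parse_pkg_version(v):
    """Split 'version[_revision][,epoch]' into (epoch, components, revision).

    Simplification (assumption): only dotted numeric components are handled;
    the real pkg comparison also understands letters and pre-release tags.
    """
    v, _, epoch = v.partition(",")
    v, _, revision = v.partition("_")
    components = [int(p) for p in v.split(".")]
    return int(epoch or 0), components, int(revision or 0)


def compare(a, b):
    """Return (sign, deciding_field) in the style of `pkg version -t a b`."""
    ea, ca, ra = parse_pkg_version(a)
    eb, cb, rb = parse_pkg_version(b)
    # Pad the shorter component list with zeros so 41.0 and 41.0.0 compare equal.
    n = max(len(ca), len(cb))
    ca = ca + [0] * (n - len(ca))
    cb = cb + [0] * (n - len(cb))
    # Order of precedence: epoch, then dotted version, then port revision.
    for field, x, y in (("epoch", ea, eb), ("version", ca, cb), ("revision", ra, rb)):
        if x != y:
            return ("<" if x < y else ">"), field
    return "=", None


if __name__ == "__main__":
    # Constructed inputs; the first pair is the one from the message above.
    for a, b in [("41.0.1", "41.0,1"), ("41.0.1,1", "41.0,1"), ("41.0_1", "41.0")]:
        sign, field = compare(a, b)
        print(f"{a} {sign} {b}  (decided by {field})")
```

A locally built 41.0.1 with no epoch therefore still falls inside a vulnerable range whose upper bound is written as 41.0,1, whatever the upstream advisory page says about the release.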


