FreeBSD flood of 8 breakage announcements in 3 mins.
Miroslav Lachman
000.fbsd at quip.cz
Thu May 16 09:41:26 UTC 2019
Alan Somers wrote on 2019/05/16 05:16:
> On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.fbsd at quip.cz> wrote:
>> It would also be good if base system vulnerabilities are first published
>> in FreeBSD vuxml. Then it can be reported to sysadmins by package
>> security/base-audit.
>
> +1. Reporting base + ports vulnerabilities in a common way would be
> great. I assume that this is already part of the pkgbase project
> being worked on by brd and others.
The functionality is already there. The only part missing is Security
Office should fill the data in to vuxml at the time of publishing new SA.
Thanks to Mark Felder
https://blog.feld.me/posts/2016/08/monitoring-freebsd-base-system-vulnerabilities-with-pkg-audit/
Then I provided periodic script
https://www.freshports.org/security/base-audit/
Miroslav Lachman
More information about the freebsd-stable
mailing list