On 8 September 2016 at 05:25, Mark Felder <f...@freebsd.org> wrote: > I have been toying with the idea of creating a port that provides a > script called "baseaudit" that can make it very easy to check your > system for known vulns. With the majority of the logic in this script we > could also include this periodic script in the package which would check > nightly as well. Perhaps we should collaborate on this together? I will > need to review your script in detail but at a glance it appears very > thorough. > > > Thanks! > > -- > Mark Felder > ports-secteam member > f...@freebsd.org >
Just a thought, once we move to PkgBase, will this simply work work "pkg audit"? Are the new vuxml entries in the correct format to detect for individual base packages? E.g. FreeBSD-libxo, FreeBSD-libxo-debug, FreeBSD-libxo-development Are the new vuxml entries in a format that would support PkgBase for releases as well as for stable/current? E.g. FreeBSD-libxo-12.0_2, FreeBSD-libxo-12.0.s20160903042939 Regards, Ben _______________________________________________ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
