[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-ports
Subject:    Re: ports/126853: ports-mgmt/portaudit: speed up audit of
From:       Eygene Ryabinkin <rea-fbsd () codelabs ! ru>
Date:       2008-09-28 12:14:24
Message-ID: 4bESZpNwE3z/DdlE2fwK/BXzQSo () 2MQ0uKCiT7mdMUuLeUzs8Nv3ToQ
[Download RAW message or body]


Miroslav, good day.

Sun, Sep 28, 2008 at 01:15:01PM +0200, Miroslav Lachman wrote:
> Is there any possibility to cooperate portaudit / pkg_audit with 
> pkg_version to show vulnerable package with information if newer (not 
> vulnerable) package (or port) version is available for upgrade to?
> 
> If I read nightly security e-mail with for example 4 vulnerable 
> packages, then I need to log in to server and manualy try, if newer 
> (fixed) packages are available. It seems not so hard to check output of 
> `pkg_version -vIL =` and compare both versions (installed and available) 
> with portaudit in some shellscript, I didn't start to write it yet ;).

I think it won't be very hard: I'll try to see how to extend portaudit
with such functionality -- it would be very handy, in my opinion.

Hadn't you have a chance to test my patch?

Thanks!
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual   
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook 
    {_.-``-'         {_/            #

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]