Miroslav, good day. Sun, Sep 28, 2008 at 01:15:01PM +0200, Miroslav Lachman wrote: > Is there any possibility to cooperate portaudit / pkg_audit with > pkg_version to show vulnerable package with information if newer (not > vulnerable) package (or port) version is available for upgrade to? > > If I read nightly security e-mail with for example 4 vulnerable > packages, then I need to log in to server and manualy try, if newer > (fixed) packages are available. It seems not so hard to check output of > `pkg_version -vIL =` and compare both versions (installed and available) > with portaudit in some shellscript, I didn't start to write it yet ;).
I think it won't be very hard: I'll try to see how to extend portaudit with such functionality -- it would be very handy, in my opinion. Hadn't you have a chance to test my patch? Thanks! -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
pgpT8Y0bE7cmY.pgp
Description: PGP signature