>>>>> On Tue, 26 Aug 2025 20:25:25 +0000, Wall, Stephen said: > > I’d like to further point out that > https://vuxml.freebsd.org/freebsd/b945ce3f-6f9b-11f0-bd96-b42e991fc52e.html > is not being listed when I run `pkg audit` on the same system. That > vulnerability is listed in the `pkg audit sqlite2` output. I think it > should be, 3.46.1_1,1 is less than 3.49.1.
This is because the version number in this entry is missing the portepoch (the ",1" suffix), so it appears to be older than the installed version. A script is needed to audit the vuxl to find these broken entries. __Martin
