Alan Somers wrote on 2019/05/16 05:16:
On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
It would also be good if base system vulnerabilities are first published
in FreeBSD vuxml. Then it can be reported to sysadmins by package
security/base-audit.
+1. Reporting base + ports vulnerabilities in a common way would be
great. I assume that this is already part of the pkgbase project
being worked on by brd and others.
The functionality is already there. The only part missing is Security
Office should fill the data in to vuxml at the time of publishing new SA.
Thanks to Mark Felder
https://blog.feld.me/posts/2016/08/monitoring-freebsd-base-system-vulnerabilities-with-pkg-audit/
Then I provided periodic script
https://www.freshports.org/security/base-audit/
Miroslav Lachman
_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
