pkg audit false negatives (was: Perl upgrade - 5.20.x vulnerable)

2016-08-16 Thread Roger Marquis
On 16 Aug 2016, JosC wrote: In the absence of running 'pkg audit -F', only the "LOCALBASE/periodic/security/410.pkg-audit script updates the vuxml file and audit results. Until that happens, or pkg audit -F is run, pkg will still see an older version. Thinking with you I now ask myself: - Would

Re: pkg audit false negatives (was: Perl upgrade - 5.20.x vulnerable)

2016-08-18 Thread Mark Felder
On Tue, Aug 16, 2016, at 11:41, Roger Marquis wrote:
>
> There's also an issue with older versions (perl 5.1*) no longer showing
> up in the vuln.xml at all. I've seen perl, php and other critical
> network components still in use because the site depended on 'pkg audit'
> but did not know that