Jonathan Perkin via smartos-discuss writes:
>* On 2014-10-20 at 16:53 PDT, Joe Malcolm via smartos-discuss wrote:
>
>> Is there a way using pkgin to check packages against the pkgsrc
>> vulnerabilities list?
>>
>> ftp://ftp.netbsd.org/pub/pkgsrc/distfiles/vulnerabilities
>
>No, it's pkg_admin(1)'s job to do that. The normal usage is:
>
> # Download latest vulnerabilities file
> $ pkg_admin fetch-pkg-vulnerabilities
>
> # Show current vulnerabilities in installed packages
> $ pkg_admin audit

Thank you! Is it the case that images with preinstalled packages will
have the necessary pkg metadata for this to work?

Also - is there any equivalent for unpackaged things in an image? E.g.,
/bin/bash comes to mind.

>> This file does not seem to be in the github joyent pkgsrc repository,
>> which may or may not be relevant.
>
>It is distributed outside of pkgsrc deliberately, so that it can
>easily be updated and downloaded independently across branches.

OK. One more question - if a fix is applied to a specific package
branch (e.g., the bash thing), does that rev the package version in
some way that it will no longer be flagged by pkg_admin audit?

Joe
