Date: Wed, 7 May 2014 08:17:46 -0700 From: "edflecko ." <edflecko@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: pkg audit disagrees with pkg upgrade ??? Message-ID: <CAFS4T6aCsYT36gCW8mspLy-B08mOKGU13r7vstdfCZs75WfOwg@mail.gmail.com> In-Reply-To: <44d2fp8w7c.fsf@lowell-desk.lan> References: <CAFS4T6ZTGERL3a6DmkAhHMLG2C%2BNT6hbA--dgwwQZo9Gux_ogg@mail.gmail.com> <5369DF16.40000@qeng-ho.org> <CAFS4T6bWioVcjGNtCsxZgwxgnfavLdTPGvVUdcJPc=r%2Bi7%2BQJg@mail.gmail.com> <44d2fp8w7c.fsf@lowell-desk.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
Cool! Thank you Lowell. :-) Ed On Wed, May 7, 2014 at 8:06 AM, Lowell Gilbert < freebsd-questions-local@be-well.ilk.org> wrote: > Don't top-post, please. > > "edflecko ." <edflecko@gmail.com> writes: > > > On Wed, May 7, 2014 at 12:21 AM, Arthur Chance <freebsd@qeng-ho.org> > wrote: > > > >> On 06/05/2014 21:27, edflecko . wrote: > >> > >>> I'm checking to see if I need to upgrade any installed packages. pkg > audit > >>> -F says I have three vulnerabilities, but when I run pkg upgrade -y, it > >>> thinks everything is O.K. (see below) > >>> > >>> Why the discrepancy? Which one should I believe? > >>> > >> > >> Apples and oranges. Just because a port has a vulnerability doesn't > >> necessarily mean there's a newer version available yet. > > > Great, thank you. > > > > Is there a way to see what package(s) is specifically using these > dependent > > packages? I might choose to remove the host package, for security > reasons, > > and thereby remove these as well. > > Sure. "pkg info -r <package-name>". See "man pkg-info" for details. > > Or, sometimes, I just try to "pkg delete" the package, and (if it's > still a dependency) I'll get an error message that tells me what depends > on it. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFS4T6aCsYT36gCW8mspLy-B08mOKGU13r7vstdfCZs75WfOwg>