Date: Fri, 11 Aug 2017 14:47:37 -0700 (PDT) From: Roger Marquis <marquis@roble.com> To: Remko Lodder <remko@FreeBSD.org> Cc: freebsd-security@freebsd.org, freebsd-pkg@freebsd.org Subject: Re: pkg audit false negatives Message-ID: <nycvar.OFS.7.76.1708111441430.53156@eboyr.pbz> In-Reply-To: <D12FD70B-2F2B-4895-AB9D-1BD72F8512B6@FreeBSD.org> References: <nycvar.OFS.7.76.1708101931090.13252@eboyr.pbz> <C540BA50-5F06-4F99-A575-D27347A3F527@FreeBSD.org> <D12FD70B-2F2B-4895-AB9D-1BD72F8512B6@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> It had been resolved for dovecot (it will now match both variants, since people might still have > the old variant of the port installed) and there is a new paragraph added to the porters handbook > which tells that we need to have a look at the vuxml entries. Thanks Remko. > Hope this solves your issue, It may for renamed ports/pkgs but doesn't appear to for deprecations. Once ports are dropped they do not show up in pkg-audit despite having been installed via pkg and/or ports. That's the false negative that appears to still be a problem. Roger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?nycvar.OFS.7.76.1708111441430.53156>