From owner-freebsd-questions@freebsd.org Sun Nov 27 07:24:35 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6B27FC58592 for ; Sun, 27 Nov 2016 07:24:35 +0000 (UTC) (envelope-from odhiambo@gmail.com) Received: from mail-wj0-x22c.google.com (mail-wj0-x22c.google.com [IPv6:2a00:1450:400c:c01::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 037B63C8 for ; Sun, 27 Nov 2016 07:24:35 +0000 (UTC) (envelope-from odhiambo@gmail.com) Received: by mail-wj0-x22c.google.com with SMTP id xy5so90183694wjc.0 for ; Sat, 26 Nov 2016 23:24:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=d+6RNPqEOs1YGkoSkwpg7KaUxMurE9Z6elC2DR3eIpc=; b=pcUARsZstHvYXdt9Bl3IPr/8akIwH4U9LzOf+C1nIWLW8tRm//oUYnBcflaae5N1L7 rS1uNF5zniI2m2+fJB3smesSg7nJLCgJo+S/7iShDIWtUzGO7uALWsA0ihpEKIv7IZcy UGmcJ9YhjcJNQINVWfafwRbpJpW0oSv+ryp3SQ1d3zooldGUW7LSIJ3CUB3FDpNLa433 8P3MtChMYuVcPcDN5Q5TKfW50DpbFTGBY7f01EfY2pja75NHS6K/o8/P1RRtcLZ2nzHd 5JIJuVvzghlHwyZ2lx/HtTX5D4Y1HByPQel1hW9ZKRBS2QerLGHNXiXywXH3ztBoNvF6 7BRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=d+6RNPqEOs1YGkoSkwpg7KaUxMurE9Z6elC2DR3eIpc=; b=MUE53JzQGNBzBpZI6ImOUoiNqeU2uPwAdYCsJ9j8ULp8Of5SKNtNgcON5sVLV2CbET eOy2S3eXNGiVCDi4U9zCn+lXn+4cAtHz/+0rPoSZwbRg//iqETzjUbdzCgB0H5g08+ng 4M+XfVWGu09ex7PJfeCpY9omT1/LcRZ/1D1WjuPR3D1E0zL6Ls5GyrPatezjswX/CnlL wI6oz44T5Ukw0pegVmHq5fvD5OU/aU5v1OsMpCKVRQX+gHLLzroBbmk7gaincNg7LBiD 3BwE2yo2VwrvZLjeqigSR7nxxEyRGdxpMMExZ6wqMsaN4fRZYFXOJgkfR3S4b9TCiChQ Wzmg== X-Gm-Message-State: AKaTC0247JRbF4i/vdTP0sEyZ2p/0+d7aRTvYJgWhOlrea0gwS9Gj8YZjoKrIhqZcpTsUjvwKM9MtXzhv0+4SA== X-Received: by 10.194.86.165 with SMTP id q5mr13645770wjz.178.1480231473170; Sat, 26 Nov 2016 23:24:33 -0800 (PST) MIME-Version: 1.0 Received: by 10.194.44.69 with HTTP; Sat, 26 Nov 2016 23:23:52 -0800 (PST) From: Odhiambo Washington Date: Sun, 27 Nov 2016 10:23:52 +0300 Message-ID: Subject: Dealing with (multiple) pkgs with security vulnerabilities. To: User Questions Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Nov 2016 07:24:35 -0000 Hi, Part of my security run output contains a long list of packages with vulnerabilities. 'pkg audit -F' returns a listing of these pkgs with enough details, but pkg update && pkg upgrade returns nothing so I suppose there is a better way to deal with these. I know I can manually do 'make -C /path/to/port/directory clean reinstall clean', but that is so manual and tirng even just for 10 pkgs to be updated. What is the easiest way of doing a batch update for all the listed pkgs? * Checking for packages with security vulnerabilities: Database fetched: Fri Nov 25 04:06:20 EAT 2016* ipsec-tools-0.7.2 python27-2.7.10 libgcrypt-1.6.3 libXi-1.7.4_1,1 libXv-1.0.10_3,1 libXfixes-5.0.1_3 jasper-1.900.1_14 sqlite3-3.8.10.2 libxslt-1.1.28_7 gnutls-3.3.16 tiff-4.0.4 libidn-1.31 png-1.6.17_1 ffmpeg-2.7.2,1 isc-dhcp42-server-4.2.8_1 libXrandr-1.4.2_3 sudo-1.8.14p3 libXtst-1.2.2_3 libotr-4.1.0_1 p5-PathTools-3.4700_1 neon28-0.28.2_1 openslp-1.2.1_5 libxml2-2.9.2_3 expat-2.1.0_2 perl5-5.20.2_5 libssh2-1.4.3_5,2 nss-3.19.2 pcre-8.37_2 libX11-1.6.2_3,1 libtasn1-4.5_1 libvpx-1.4.0 graphite2-1.2.4 libXvMC-1.0.9 libXrender-0.9.8_3 ruby-2.1.6,1 unzip-6.0_6 curl-7.43.0_2 nspr-4.10.8_1 gdk-pixbuf2-2.31.2_2 libvncserver-0.9.9_11 wget-1.16.3 mailman-with-htdig-2.1.14 * -- End of security output -- * -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."