checking for vulnerabilities?
Ryan Schmidt
ryandesign at macports.org
Mon Dec 3 15:55:02 PST 2007
On Dec 3, 2007, at 16:54, George Georgalis wrote:
> With in my root crontab (sudo crontab -e) I run:
> port selfupdate
> port sync && port outdated
FYI, "selfupdate" includes "sync" so if you just did "selfupdate" you
don't need to "sync" also; it's already been done for you.
> which is handy to identify when I need to upgrade.
> but what about when a vulnerability is known for
> which a port upgrade is not yet available? Is
> there any way to query installed ports for known
> vulnerabilities?
There is absolutely nothing in place to separately deal with
vulnerabilities. They would be handled like any other problem with a
port. Someone would file a ticket in Trac and assign it to the
maintainer and the maintainer would deal with it. If the port has no
maintainer, someone would have to notice the ticket and deal with it.
If you're interested in seeing if there are any open issues with
ports you use, search for the port name in Trac.
More information about the macports-users
mailing list