This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Determine_which_software_have_outstanding_security_advisories.html.
Determine which software have outstanding security advisories
Recognize the importance of being aware of software security vulnerabilities. Also recognize the third-party utilities which integrate with the BSD package managers to determine which software has outstanding vulnerabilities.
portaudit: system to check installed packages for known vulnerabilities
portaudit -a: prints a vulnerability report for all installed packages
portaudit -F: fetches the current database from the FreeBSD servers
portaudit -Fa: does both at once (very useful)
TODO: mention enabling periodic portaudit script
The following is an example of using portaudit on FreeBSD. (The "-d" option prints the date of the vulnerability database.)
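As an added example (not part of the study guide or of portaudit itself), the script below condenses a portaudit report into one line per finding and a status code that a cron job or monitoring check can act on. It assumes portaudit's usual report layout; the function names, package names and reference UUIDs in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the study guide. Assumes portaudit's usual report
# layout: "Affected package:", "Type of problem:", "Reference:" records and a
# closing "N problem(s) in your installed packages found." line.

# Print one "package<TAB>problem<TAB>reference" line per finding (report on stdin).
summarize_report() {
    awk '
        sub(/^Affected package: /, "") { pkg = $0; next }
        sub(/^Type of problem: /, "")  { prob = $0; next }
        sub(/^Reference: /, "") {
            gsub(/[<>]/, "")
            if (pkg != "") print pkg "\t" prob "\t" $0
            pkg = ""; prob = ""
        }'
}

# Status for a report on stdin: 0 = clean, 1 = findings, 2 = audit incomplete
# (closing count line missing, e.g. the database could not be loaded).
report_status() {
    report=$(cat)
    case $report in
        *"problem(s) in your installed packages found"*) ;;
        *) return 2 ;;
    esac
    [ -z "$(printf '%s\n' "$report" | summarize_report)" ]
}

# Constructed sample report; package names and the reference UUIDs are made up.
sample_report() {
    cat <<'EOF'
Database created: Thu Jan  1 00:00:00 UTC 2009
Affected package: examplepkg-1.0_1
Type of problem: examplepkg -- buffer overflow vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/00000000-0000-0000-0000-000000000000.html>

Affected package: otherpkg-2.3
Type of problem: otherpkg -- multiple vulnerabilities.
Reference: <http://www.FreeBSD.org/ports/portaudit/11111111-1111-1111-1111-111111111111.html>

2 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.
EOF
}

# On a real host, replace sample_report with: portaudit -Fda
sample_report | summarize_report
```

Treating a report without the closing count line as status 2 keeps a failed database fetch from being read as a clean system.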
audit-packages for DragonFly and NetBSD; portaudit and vuxml for FreeBSD and OpenBSD
TODO: verify for OpenBSD?