Subject: pkg/32825: manpage inaccurate for audit-packages
To: None <,,>
From: None <>
List: pkgsrc-bugs
Date: 02/13/2006 20:05:00
>Number:         32825
>Category:       pkg
>Synopsis:       manpage inaccurate for audit-packages
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Feb 13 20:05:00 +0000 2006
>Originator:     Anne Bennett
>Release:        NetBSD 3.0
System: NetBSD 3.0 NetBSD 3.0 (QUILL_AMD64) #4: Mon Jan 2 17:33:19 EST 2006 amd64
Architecture: x86_64
Machine: amd64
Manpage for audit-packages gives this syntax to ignore a vulnerability or a
package (or set of packages):

  -i [vulnid:vulnid|pkgpat:pattern]

which leads one to write something like:

  /usr/pkg/sbin/audit-packages -i vulnid:1721 -i vulnid:1722

... which doesn't work (vulnerabilities 1721 and 1722 are still
reported).  The syntax that *does* work as expected is:

  /usr/pkg/sbin/audit-packages -i 1721 -i 1722

See above.
Fix the manpage and/or add some code to the actual script to also
accept the form shown in the manpage.  For audit-packages,v 1.26
2005/11/21, the change would be needed at line 115, where after
the case for pkgpat:*), you might add a very similar case for