Subject: Re: update-vulnerability-list via CVS?
To: None <firstname.lastname@example.org>
From: pancake <email@example.com>
Date: 06/20/2005 15:41:50
I think that would be good to have the same vuln-file also in HTTP. Because FTP is unaccessible behind some firewalls, and it's an important file to be catched by a server.
what do you think?
On Mon, 20 Jun 2005 14:03:55 +0200
Geert Hendrickx <firstname.lastname@example.org> wrote:
> I have been wondering for a while why the pkg-vulnerabilities file has
> to been downloaded completely via FTP each time. Since it's largely an
> append-only file, it could very well be synchronised via CVS, if the
> file was somewhere in the pkgsrc/ CVS repository.
> I have been messing with the download-vulnerability-list script (to be
> renamed to update-vulnerability-list), assuming the vulnerabilities file
> is in the root of $PKGSRCDIR. It cvs updates the file if it's already
> there, and checks it out otherwise. This way the file would also be
> updated on a regular pkgsrc update. (see patch in attachment)
> What do you think?