CVS commit: pkgsrc/templates

["Nia Alarie" <nia%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   nia
Date:           Thu Feb 18 10:44:07 UTC 2021

Modified Files:
        pkgsrc/templates: README.pkg

Log Message:
README.pkg: be more realistic about CVEs in the age of fuzzing


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 pkgsrc/templates/README.pkg

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/templates/README.pkg
diff -u pkgsrc/templates/README.pkg:1.28 pkgsrc/templates/README.pkg:1.29
--- pkgsrc/templates/README.pkg:1.28    Sat Feb  4 03:47:47 2017
+++ pkgsrc/templates/README.pkg Thu Feb 18 10:44:07 2021
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<!-- $NetBSD: README.pkg,v 1.28 2017/02/04 03:47:47 riastradh Exp $ -->
+<!-- $NetBSD: README.pkg,v 1.29 2021/02/18 10:44:07 nia Exp $ -->
 <html>
 <head>
 <title>The NetBSD Packages Collection: %%PORT%%</title>
@@ -47,12 +47,11 @@ The following security vulnerabilities a
 <UL>
 %%VULNERABILITIES%%
 </UL>
-If you have a vulnerable package installed on any machine, you are
-advised to remove the package
-immediately, using the standard package tools.
 The <a href="../../pkgtools/pkg_install/README.html">pkg_admin audit</a>
 command locates any installed package which has been mentioned in
-security advisories as being vulnerable.
+security advisories as having vulnerabilities.
+Please note the vulnerabilities database might not be fully accurate,
+and not every bug is exploitable with every configuration.
 </P>