On Thu, Aug 29, 2002 at 03:50:53PM -0400, Steven M. Bellovin wrote:
> In message <20020829192035.GA532@antioche.eu.org>, Manuel Bouyer writes:
> >
> >It's in pkgsrc. The binary may not be there for the same reason as
> >mozilla.
> 
> And of course, right now the pkgsrc version of Mozilla has a security
> advisory on it...

Is there some way pkg_add could detect and inform the user of packages
that are missing because of security advisories?  (Obviously, from
network sources.)  Similarly, does pkg_add take advantage of
audit-packages if present?  Say, you install a package from a CDROM
that's old and has a security advisory on it.  Pkg-add could allow it to
proceed (user selectable), but inform the user of the advisory via
audit-packages.

jf
-- 
John Franklin
franklin@elfie.org
ICBM: 35°43'56"N 78°53'27"W