tech-pkg: Re: pkg/19479: pkgsrc waits until package is built to check for

Subject: Re: pkg/19479: pkgsrc waits until package is built to check for
To: None <franklin@elfie.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-pkg
Date: 12/20/2002 16:59:26

On Fri, 20 Dec 2002 franklin@elfie.org wrote:

> >Synopsis:  pkgsrc waits until package is built to check for security
> >alert

> >How-To-Repeat:
>
> cd /usr/pkgsrc
> cvs update -r netbsd-1-5-PATCH003

You requested the old (non-updated) version.

> cd www/w3m
> make install
> >Fix:
>
> Add checks early on in the make process that a package has a security
> alert issued for it.

Are you talking about audit-packages?

Are you suggesting checking the vulnerabilities list at beginning of the
make? That does sound like an okay idea (if audit-packages is installed).

   Jeremy C. Reed
   http://bsd.reedmedia.net/