On Wed, 25 Jan 2006, Steven M. Bellovin wrote:

> Like many others, I run audit-packages to learn what I need to update.  
> When I get hits, I do a 'cvs update' and try to build.  Normally, that 
> takes at least several days, with the added load on the CVS servers.  
> It would be nice if there was a single file, updated daily, that had 
> the version string for each package.  I could then write a script that 
> would pull down the version strings for every insecure package I have, 
> and check those strings against the vulnerabilities file.
> 
> Is this feasible?  I don't see any target that would produce the 
> version string that we need.

Can you describe this more?

Is this what you mean?

 pkg_info -Q PKGPATH -a | while read p ; do cd $p && bmake show-var \
   VARNAME=PKGNAME ; cd ${OLDPWD} ; done


 Jeremy C. Reed

 	  	 	 BSD News, BSD tutorials, BSD links
	  	 	 http://www.bsdnewsletter.com/