Subject: audit-packages update
To: None <>
From: Adrian Portelli <>
List: tech-pkg
Date: 05/25/2007 20:43:43

I've re-written audit-packages to get some performance improvements and
while doing this added some additional functionality including:

* eol packages (originally from jschauma@)
* downloading compressed copies of pkg-vulnerabilities (.gz and .bz2)
* checking the signature on the pkg-vulnerabilities file
* merge audit-packages/download-vulnerability-list into pkg_install

Everything should hopefully be clearly documented in the man pages.  You
can get the new code here:

I've tested it on NetBSD 3.1 (i386), NetBSD 4.0_BETA2 (amd64) and OS/X.
I'm very interested in hearing from anyone trying this on other
non-NetBSD systems and any bulk builders.

I'll hopefully have the patches for pkg_install in the NetBSD base up
sometime after the weekend.

Thanks to joerg@, tron@, agc@ and pkgsrc-security@ for their help in
getting this running.