Subject: audit-packages update
To: None <tech-pkg@NetBSD.org>
From: Adrian Portelli <adrianp@stindustries.net>
List: tech-pkg
Date: 05/25/2007 20:43:43
Hi,

I've re-written audit-packages to get some performance improvements and
while doing this added some additional functionality including:

* eol packages (originally from jschauma@)
* downloading compressed copies of pkg-vulnerabilities (.gz and .bz2)
* checking the signature on the pkg-vulnerabilities file
* merge audit-packages/download-vulnerability-list into pkg_install

Everything should hopefully be clearly documented in the man pages.  You
can get the new code here:

	http://www.stindustries.net/NetBSD/stuff/audit-packages/

I've tested it on NetBSD 3.1 (i386), NetBSD 4.0_BETA2 (amd64) and OS/X.
I'm very interested in hearing from anyone trying this on other
non-NetBSD systems and any bulk builders.

I'll hopefully have the patches for pkg_install in the NetBSD base up
sometime after the weekend.

Thanks to joerg@, tron@, agc@ and pkgsrc-security@ for their help in
getting this running.

adrian.