pkgsrc-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkgsrc guide: Incorrect URL for security vulnerabilities file
[Adding netbsd-docs@ to recipients]
On Sat, 9 May 2020 at 05:57, Martin Husemann <martin%duskware.de@localhost> wrote:
>
> On Sat, May 09, 2020 at 01:00:18AM +0200, Jesus Cea wrote:
> > According to
> > <https://www.netbsd.org/docs/pkgsrc/faq.html#audit-packages>, the
> > vulnerability file is available at
> > <ftp://ftp.NetBSD.org/pkgsrc/distfiles/pkg-vulnerabilities>. That URL is
> > wrong.
>
> Why do you think so?
>
> > The right one is
> > <ftp://ftp.netbsd.org/pub/NetBSD/packages/vulns/pkg-vulnerabilities>.
>
> That one does not exist.
>
> Martin
Valid point.
However, on a standard pkgsrc bootstrap, the url is automatically adjusted to:
$ sudo pkg_admin config-var PKGVULNURL
http://cdn.NetBSD.org/pub/NetBSD/packages/vulns/pkg-vulnerabilities.gz
even without initialising pkg_install.conf.
So: the guide is wrong but pkg_admin does fetch a valid vulnerability file.
--
Ottavio Caruso
Home |
Main Index |
Thread Index |
Old Index