On Wed, Mar 17, 2004 at 02:00:51AM -0500, Peter C. Lai wrote: > Any reason why portaudit and its associated infrastructure was not announced to > this list or security-notifications? I recently discovered it, and discovered > the feature was added to bsd.port.mk in the beginning of feburary. Seeing as > the security officer apparently (without announcement) no longer issues > security notices (SNs) for ports, I am assuming that portaudit has replaced > SNs entirely, and that we should rely on that for ports operational security? > I'm not subscribed to -ports, -questions, or -current, which were apparently > where the portaudit introduction discussions took place. VuXML is the new mechanism for documenting security issues in ports. It has not been `announced' because it is still at an experimental stage. portaudit is one tool that reads the FreeBSD VuXML document, and is well- suited for automated checking. Cheers, -- Jacques Vidrine / [email protected] / [email protected] / [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"