G'day.  I am relatively new to FreeBSD, but failed to find an answer to
this question in the handbook, manual pages, or other references about

At the moment, portaudit is reporting one vulnerability on my system,
with the 'p5-Crypt-OpenPGP' package.  

There isn't, apparently, a release of this package available that
resolves the issue.

I have checked the advisory and I am quite happy that the specific
problem is not going to hurt here, so I don't mind that the
theoretically vulnerable version is installed.[1]

I can't work out how to tell portaudit to stop bothering me about this
particular vulnerability, though.  

Can I ask it to exclude a vulnerability, or (ever better) a
vulnerability/package combination, from reports?

I specifically /don't/ want to exclude the package from auditing,
though, since I want to know if another security issue turns up for it.


[1]  The specific issue is a cryptographic weakness that needs a
     specific and particularly unlikely bit of code written by us before
     it actually does anything.  Not, as they say, going to happen.

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to