#15059: ENH: Add vulnerability (update) notification / detection --------------------------------------------+------------------------------- Reporter: ecronin@macports.org | Owner: ecronin@macports.org Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts base enhancements Component: base | Version: 1.6.0 Keywords: security vulnerabilities vuxml | --------------------------------------------+------------------------------- Right now MacPorts lacks a good way of indicating that an installed port has a known vulnerability or that an update to an installed port fixes this vulnerability. FreeBSD has developed the VuXML database http://www.vuxml.org/ and {{{portaudit}}} tool which may be a starting point for building a tool external to macports core (I have not looked at the practicality of porting {{{portaudit}}} to use the MacPorts registry). A simpler, manual, internal fix would to be to add a monotonic counter similar to Revision which is incremented each time a critical update is made upstream and some changes to {{{port outdated}}} or perhaps a new {{{port vulnerable}}} that lists these. -- Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/15059> MacPorts </projects/macports> Ports system for Mac OS