forked from freebsd/pkg
.\"
.\" FreeBSD pkg - a next generation package for the installation and maintenance
.\" of non-core utilities.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\"
.\" @(#)pkg.8
.\"
.Dd October 30, 2014
.Dt PKG-AUDIT 8
.Os
.Sh NAME
.Nm "pkg audit"
.Nd audit installed packages against known vulnerabilities
.Sh SYNOPSIS
.Nm
.Op Fl Fqr
.Op Fl R Ns Op Ar format
.Op Fl f Ar filename
.Op Ar pkg-name
.Pp
.Nm
.Op Cm --{fetch,quiet,recursive}
.Op Cm --raw Ns Op = Ns Ar format
.Op Cm --file Ar filename
.Op Ar pkg-name
.Sh DESCRIPTION
.Nm
checks installed packages for known vulnerabilities and generates reports
including references to security advisories.
Its intended audience is system
administrators and individual users.
.Pp
.Nm
uses a database maintained by port committers and the
.Fx
security team
to check if security advisories for any installed packages exist.
Note that a current ports tree (or any local copy of the ports tree) is not
required for operation.
.Pp
The URL that is used to fetch the database can be overridden via the VULNXML_SITE
config variable.
See
.Xr pkg.conf 5
for more information.
.Pp
If you have a vulnerable package installed, you are advised to update or
deinstall it immediately.
.Pp
Supplying a
.Ar pkg-name
will audit only that package.
.Sh OPTIONS
The following options are supported by
.Nm :
.Bl -tag -width fetch
.It Fl f Ar filename , Cm --file Ar filename
Use
.Pa filename
as the local copy of the vulnerability database.
If used in combination with
.Fl F ,
download the vulnerability database to the named
.Pa filename
before auditing installed ports against it.
.It Fl F , Cm --fetch
Fetch the database before checking.
.It Fl q , Cm --quiet
Be ``quiet''.
Prints only the requested information without
displaying many hints.
.It Fl r , Cm --recursive
Prints packages that depend on vulnerable packages and are thus
potentially vulnerable as well.
.It Fl R , Cm --raw Ns Op = Ns Ar format
Format the output in a machine-parseable
.Ar format ,
one of ucl (default), json, json-compact or yaml.
.El
.Sh ENVIRONMENT
The following environment variables affect the execution of
.Nm .
See
.Xr pkg.conf 5
for further description.
.Bl -tag -width ".Ev NO_DESCRIPTIONS"
.It Ev PKG_DBDIR
.It Ev VULNXML_SITE
.El
.Sh FILES
See
.Xr pkg.conf 5 .
.Sh SEE ALSO
.Xr pkg_create 3 ,
.Xr pkg_printf 3 ,
.Xr pkg_repos 3 ,
.Xr pkg-keywords 5 ,
.Xr pkg-lua-script 5 ,
.Xr pkg-repository 5 ,
.Xr pkg-script 5 ,
.Xr pkg-triggers 5 ,
.Xr pkg.conf 5 ,
.Xr pkg 8 ,
.Xr pkg-add 8 ,
.Xr pkg-alias 8 ,
.Xr pkg-annotate 8 ,
.Xr pkg-autoremove 8 ,
.Xr pkg-backup 8 ,
.Xr pkg-check 8 ,
.Xr pkg-clean 8 ,
.Xr pkg-config 8 ,
.Xr pkg-create 8 ,
.Xr pkg-delete 8 ,
.Xr pkg-fetch 8 ,
.Xr pkg-info 8 ,
.Xr pkg-install 8 ,
.Xr pkg-lock 8 ,
.Xr pkg-query 8 ,
.Xr pkg-register 8 ,
.Xr pkg-repo 8 ,
.Xr pkg-rquery 8 ,
.Xr pkg-search 8 ,
.Xr pkg-set 8 ,
.Xr pkg-shell 8 ,
.Xr pkg-shlib 8 ,
.Xr pkg-ssh 8 ,
.Xr pkg-stats 8 ,
.Xr pkg-triggers 8 ,
.Xr pkg-update 8 ,
.Xr pkg-updating 8 ,
.Xr pkg-upgrade 8 ,
.Xr pkg-version 8 ,
.Xr pkg-which 8
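
The following is an added example, not part of pkg or of this manual page. It shows how the -f and -F options described under OPTIONS can be combined so that a scheduled audit works from a cached database file and only fetches when that copy is stale. The cache path, the 24 hour window, the function names, and the assumption that "pkg audit -q" prints one line per vulnerable package and nothing on a clean system are all assumptions of the example.

```shell
#!/bin/sh
# Added example, not part of pkg: audit against a cached database file.
# Assumed: the cache path, the 24 h window, and that "pkg audit -q" prints
# one line per vulnerable package and nothing on a clean system.
VULN_DB="${VULN_DB:-/var/cache/pkg-audit/vuln.xml}"  # hypothetical path
MAX_AGE_MIN="${MAX_AGE_MIN:-1440}"                   # refresh after 24 h

# db_is_fresh FILE: true if FILE is non-empty and younger than MAX_AGE_MIN.
db_is_fresh() {
    [ -s "$1" ] || return 1
    [ -z "$(find "$1" -mmin +"$MAX_AGE_MIN" 2>/dev/null)" ]
}

# audit_cached [pkg-name]
# Prints vulnerable packages. Returns 0 = nothing reported, 1 = vulnerable,
# 2 = pkg or the database file is missing (fail closed, never "clean").
audit_cached() {
    command -v pkg >/dev/null 2>&1 || return 2
    if db_is_fresh "$VULN_DB"; then
        # Offline path: -f alone audits against the local copy.
        out=$(pkg audit -q -f "$VULN_DB" "$@" 2>/dev/null) || :
    else
        # -F together with -f downloads the database to that file first.
        out=$(pkg audit -F -q -f "$VULN_DB" "$@" 2>/dev/null) || :
    fi
    # With no database file on disk, empty output means "unknown",
    # not "no vulnerabilities".
    [ -s "$VULN_DB" ] || return 2
    [ -n "$out" ] || return 0
    printf '%s\n' "$out"
    return 1
}
```
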