Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
PKG-AUDIT(8)		FreeBSD	System Manager's Manual		  PKG-AUDIT(8)

NAME
     pkg audit -- audit	installed packages against known vulnerabilities

SYNOPSIS
     pkg audit [-Fqr] [-f filename] [-R[format]] [pkg-name]

     pkg audit [--{fetch,quiet,recursive}] [--file filename] [--raw[=format]]
	 [pkg-name]

DESCRIPTION
     pkg audit checks installed	packages for known vulnerabilities and gener-
     ates reports including references to security advisories.	Its intended
     audience is system	administrators and individual users.

     pkg audit uses a database maintained by port committers and the FreeBSD
     security team to check if security	advisories for any installed packages
     exist.  Note that a current ports tree (or	any local copy of the ports
     tree) is not required for operation.

     The URL that is used to fetch the database	can be overridden via the VUL-
     NXML_SITE config variable.	 See pkg.conf(5) for more information.

     If	you have a vulnerable package installed, you are advised to update or
     deinstall it immediately.

     Supplying a pkg-name will audit only that package.

OPTIONS
     The following options are supported by pkg	audit:

     -F, --fetch
	     Fetch the database	before checking.

     -f	filename, --file filename
	     Use filename as the local copy of the vulnerability database.  If
	     used in combination with -F download the vulnerability database
	     to	the named filename before auditing installed ports against it.

     -q, --quiet
	     Be	"quiet".  Prints only the requested information	without	dis-
	     playing many hints.

     -R[format], --raw[=format]
	     Present the output	in one of the following	formats:

	     +o	 json
	     +o	 json-compact
	     +o	 ucl
	     +o	 yaml

	     In	case format is not provided, it	defaults to ucl.

     -r, --recursive
	     Prints packages that depend on vulnerable packages	and are	thus
	     potentially vulnerable as well.

ENVIRONMENT
     The following environment variables affect	the execution of pkg audit.
     See pkg.conf(5) for further description.

     PKG_DBDIR

     VULNXML_SITE

FILES
     See pkg.conf(5).

SEE ALSO
     pkg_create(3), pkg_printf(3), pkg_repos(3), pkg-keywords(5),
     pkg-lua-script(5),	pkg-repository(5), pkg-script(5), pkg-triggers(5),
     pkg.conf(5), pkg(8), pkg-add(8), pkg-alias(8), pkg-annotate(8),
     pkg-autoremove(8),	pkg-backup(8), pkg-check(8), pkg-clean(8),
     pkg-config(8), pkg-create(8), pkg-delete(8), pkg-fetch(8),	pkg-info(8),
     pkg-install(8), pkg-lock(8), pkg-query(8),	pkg-register(8), pkg-repo(8),
     pkg-rquery(8), pkg-search(8), pkg-set(8), pkg-shell(8), pkg-shlib(8),
     pkg-ssh(8), pkg-stats(8), pkg-triggers(8),	pkg-update(8),
     pkg-updating(8), pkg-upgrade(8), pkg-version(8), pkg-which(8)

FreeBSD	13.0			 March 1, 2022			  FreeBSD 13.0

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | ENVIRONMENT | FILES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=pkg-audit&sektion=8&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help