1 files changed, 20 insertions, 0 deletions

diff --git a/security/vulnerability-test-port/pkg-descr b/security/vulnerability-test-port/pkg-descr
new file mode 100644
index 000000000000..a07e1b34e991
--- /dev/null
+++ b/security/vulnerability-test-port/pkg-descr
@@ -0,0 +1,20 @@
+This is a package to test FreeBSD port auditing systems, e.g. portaudit 
+and the upcoming VuXML based system. Even though it installs no files, 
+it is registered in the local package database.
+
+Its version number is automagically the installation date, so that you 
+can update it every day ;-) If the date is off by one day keep in mind 
+that the date is in UTC which may differ from your local time up to 
+twelve hours, depending on the time zone you live in.
+
+The portaudit database lists yesterday's vulnerability test port as 
+vulnerable so that it should appear in your security report approximately 
+after a week, depending on the synchronization schedule of your database.
+
+If you try install the port with
+  make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
+the port is instantly flagged as vulnerable and the ports system should 
+hinder you installing it (currently not implemented), otherwise your 
+vulnerability database is too old.
+
+Oliver Eikemeier <eik@FreeBSD.org>