# VuXML - pkg audit not triggered



## rootbert (Apr 20, 2020)

I just realized the current entries in VuXML concerning ansible (e.g. https://www.vuxml.org/freebsd/0899c0d3-80f2-11ea-bafd-815569f3852d.html). I have py37-ansible 2.8.7 installed, so my software used is vulnerable. However, the VuXML refers to the package "ansible". A `pkg audit -F` on my system does not bail out that I am vulnerable. Now my question: what do I have to do that future vulnerabilities of package "ansible" will trigger a pkg audit to mention the respective CVE? Or: is the VuXML entry bugged - should it contain all the py*-ansible entries to be vulnerable?

Note: if you open "https://www.vuxml.org/freebsd/pkg-ansible.html" and click on the link "ansible at FreshPorts.org" we get to a "not found" search result of freshports


----------

