Sergey from Altex-Soft has brought to my attention the fact that FreeBSD packages (which can be checked in OVAL using the freebsd:port_test) have their own versioning logic — similar to how RedHat and Ubuntu/Debian package versions also have their own comparison logic. Here is a page describing (to an extent, anyway) the FreeBSD version comparison logic:
https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org
RedHat and Debian package versions are represented in OVAL using the evr_string and debian_evr_string datatypes in OVAL, but we currently have no way of representing port version strings.
I’ve created issue #307 on the OVALProject/Language Github site encapsulating the above, but thought I should also send this to the developer list for general dissemination.
Best regards,
—David Solin
https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org
Sergey from Altex-Soft has brought to my attention the fact that FreeBSD packages (which can be checked in OVAL using the freebsd:port_test) have their own versioning logic — similar to how RedHat and Ubuntu/Debian package versions also have their own comparison logic. Here is a page describing (to an extent, anyway) the FreeBSD version comparison logic:
https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org <https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org>
RedHat and Debian package versions are represented in OVAL using the evr_string and debian_evr_string datatypes in OVAL, but we currently have no way of representing port version strings.
I’ve created issue #307 on the OVALProject/Language Github site encapsulating the above, but thought I should also send this to the developer list for general dissemination.
Best regards,
—David Solin
<https://protect-us.mimecast.com/s/7sE5CYEYjoSEr08i031Nl?domain=vuxml.freebsd.org>
