FreshPorts -- security/govulncheck: Database client and tools for the Go vulnerability database

Port details on branch 2025Q4

govulncheck Database client and tools for the Go vulnerability database

1.1.4_5 security =0 1.1.4_5Version of this port present on the latest quarterly branch.

Maintainer: einar@isnic.is

Port Added: 2025-11-01 15:53:31

Last Update: 2025-11-01 15:48:35

Commit Hash: ae07b4c

License: BSD3CLAUSE

WWW:

https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck

Description:

Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application. By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths with vulnerabilities already known to the database, not code or other properties of your program. See https://vuln.go.dev/privacy.html for more. Use the -db flag to specify a different database, which must implement the specification at https://go.dev/security/vuln/database. Govulncheck looks for vulnerabilities in Go programs using a specific build configuration. For analyzing source code, that configuration is the Go version specified by the "go" command found on the PATH. For binaries, the build configuration is the one used to build the binary. Note that different build configurations may have different known vulnerabilities.

¦ ¦ ¦ ¦

Manual pages:

FreshPorts has no man page information for this port.

pkg-plist: as obtained via: make generate-plist

Expand this list (4 items)

Collapse this list.

bin/govulncheck
/usr/local/share/licenses/govulncheck-1.1.4_5/catalog.mk
/usr/local/share/licenses/govulncheck-1.1.4_5/LICENSE
/usr/local/share/licenses/govulncheck-1.1.4_5/BSD3CLAUSE

Collapse this list.

USE_RC_SUBR (Service Scripts)

no SUBR information found for this port

Dependency lines:

govulncheck>0:security/govulncheck

To install the port:

cd /usr/ports/security/govulncheck/ && make install clean

To add the package, run one of these commands:

pkg install security/govulncheck
pkg install govulncheck

NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.

PKGNAME: govulncheck

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1742556049 SHA256 (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.mod) = 40e5fa329adbfd7dad2476465ba340d2531b4d33640b82c81c34ac90f36cbd2a SIZE (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.mod) = 387

Expand this list (2 items)

Collapse this list.

SHA256 (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.zip) = 115ff76fba8f73b27106eb2e59e3f30696f4f7faaeed55471b5b65c3994b503d SIZE (go/security_govulncheck/govulncheck-v1.1.4/v1.1.4.zip) = 853384

Collapse this list.

Packages (timestamps in pop-ups are UTC):

govulncheck
ABI	aarch64	amd64	armv6	armv7	i386	powerpc	powerpc64	powerpc64le
FreeBSD:13:latest	1.1.4_6	1.1.4_7	-	1.1.4_4	1.1.4_7	n/a	n/a	n/a
FreeBSD:13:quarterly	1.1.4_4	1.1.4_5	-	1.1.4_1	1.1.4_5	n/a	n/a	n/a
FreeBSD:14:latest	1.1.4_6	1.1.4_7	-	1.1.4_3	1.1.4_7	-	-	-
FreeBSD:14:quarterly	1.1.4_5	1.1.4_5	-	1.1.4_1	1.1.4_5	-	-	-
FreeBSD:15:latest	1.1.4_7	1.1.4_7	n/a	-	n/a	n/a	-	-
FreeBSD:15:quarterly	1.1.4_5	1.1.4_5	n/a	-	n/a	n/a	-	-
FreeBSD:16:latest	1.1.4_5	1.1.4_7	n/a	-	n/a	n/a	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

go124 : lang/go124

Runtime dependencies:

go124 : lang/go124

Fetch dependencies:

go124 : lang/go124

There are no ports dependent upon this port

Configuration Options:

No options to configure

Options name:

security_govulncheck

USES:

go:modules,run zip

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (1 items)

Collapse this list.

https://proxy.golang.org/golang.org/x/vuln/@v/

Collapse this list.

Number of commits found: 1

Commit History - (may be incomplete: for full details, see links to repositories near top of page)

Commit

Credits

Log message

1.1.4_5
01 Nov 2025 15:48:35

Adam Weinberger (adamw)

various: Bump Go ports for 1.24.9

This is a direct commit to 2025Q4. It'll definitely bring things (esp.
PORTREVISION lines) out of sync with main, but trying to MFH the
associated bump commit would bring in a massive quantity of conflicts.

Number of commits found: 1

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

mongodb70	Dec 01
mongodb70	Dec 01
mongodb70	Dec 01
mongodb80	Dec 01
mongodb80	Dec 01
mongodb80	Dec 01
wolfssl	Nov 30
mongodb70	Nov 29
mongodb80	Nov 29
gitlab	Nov 27
png	Nov 27
unbound^*	Nov 27
gnutls	Nov 21
chromium	Nov 18
ungoogled-chromium	Nov 18

14 vulnerabilities affecting 177 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2025-12-01 17:02:04 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	33978
Broken	118
Deprecated	253
Ignore	234
Forbidden	0
Restricted	2
No CDROM	1
Vulnerable	37
Expired	9
Set to expire	195
Interactive	0
new 24 hours	13
new 48 hours	13
new 7 days	42
new fortnight	54
new month	136