Generally speaking, there are two incentives to upgrade a port: either there are new features you want or bug fixes you must have. For high profile applications it’s often not too hard to track the developement process, since major releases and major bugs or security breaches are often covered widely. But what about all the rest? There are 15000 ports available and not every one is as popular (in the sense of: well known and spoken about) as apache or mysql. That’s where portaudit comes in. It keeps an eye on the FreeBSD VuXML database and alerts you if one of your installed ports has a security issue. For a first start, simply run portaudit -Fa which will fetch the latest database and give you an output of affected packages, together with a short description of the vulnerability. For consecutive peeks to the database, you can omit the -F option, since the latest version is fetched autmatically by a cron script. The best thing about portaudit is, that you don’t even have to run it manually because it will hook itself into the “daily run security output”. Thus using portaudit you will have more time to spend reading feature related update news! (It’s a pity there is no automated tool for this…)