IPS with CVE numbers

A few days ago, Darren Moffat wrote an interesting article about the inclusion of CVE numbers in the IPS packages. You can read the article here. I just want to give a short example by citing Darren. For more information, just go to his blog post.

If we simply want to know if the fix for a given CVE-ID is installed the using 'pkg search -l' with the CVE-ID is sufficent eg: # pkg search -l CVE-2014-7187
info.cve set CVE-2014-7187 pkg:/support/critical-patch-update/solaris-11-cpu@2014.10-1