Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Jan 2012 21:35:02 +0100
From:      Roland Smith <rsmith@xs4all.nl>
To:        Victor Sudakov <vas@mpeks.tomsk.su>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: portmaster best practices
Message-ID:  <20120123203502.GC32692@slackbox.erewhon.net>
In-Reply-To: <20120123103232.GA79175@admin.sibptus.tomsk.ru>
References:  <20120123103232.GA79175@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 

--2/5bycvrmDh4d1IB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jan 23, 2012 at 05:32:33PM +0700, Victor Sudakov wrote:
> Hello portmaster users,
>=20
> If portaudit shows that some installed packages have vulnerabilities,
> what do you usually do?

It depends on the vulnerability and what the package does. I will de-install
it if I think that the vulnerability is critical for me and there is no
workaround.

Look at freshports [http://www.freshports.org/commits.php] regularly to see=
 if
updates for vulnerable packages are available.

Generally I like to run 'portsnap fetch update' followed by 'portmaster -ai'
(after reading /usr/ports/UPDATING) every week. This keeps the number of hu=
ge
compilefests (like gettext updates :-() to a minimum.

For efficiency, I tend to keep one machine up-to-date in that way, and use
rsync to then distribute the changes in /usr/local to my other machines. Th=
is
only works for machines that are on the same major FreeBSD version and
architecture, of course.

Roland
--=20
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)

--2/5bycvrmDh4d1IB
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk8dxHYACgkQEnfvsMMhpyVM1wCgiNuBKVr3urE7qkp11lpsmBR3
6U8An1QupwxyFo1mwN8riZKqyz0GNm9j
=JtAF
-----END PGP SIGNATURE-----

--2/5bycvrmDh4d1IB--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120123203502.GC32692>